IOC Radar
IPMediumSignal 100/100

159.146.23.227

Location
TürkiyeTürkiye
Izmir, İzmir Province
ASN
AS12735
TurkNet Iletisim Hizmetleri
First Seen
Apr 9, 2022
Last Seen
May 30, 2026
Apr 9
First Seen
1526d ago
May 30
Last Seen
15d ago
11
Reports
source reports
99%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryTRTürkiye
RegionIzmir, İzmir Province
ASNAS12735
OrganizationTurkNet Iletisim Hizmetleri

Feed Intelligence Summary

11 reports99% confidence
11
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningattacker ipsaustraliabad reputationbotnetbotnet activitybrute forcebrute force attackbrute-forcebruteforcecommand and controlcommunication protocolcowriecredential accesscredential stuffingctadata encryptionddosddos attacksdecoy systemdionaeadionaea honeypotdistributed attacksencryptioneurope/asiaexploitation activityexploited hostfattftpftp brute forcehackinghttp brute forcehttp scanneridentity & access exploitationindicatorinternet of thingsintrusion detectioniociot botnetiot securityiot targetediot/ics attacklateral movementmalwaremalware behaviourmalware capturemirai botnetmssqlmssql brute forcenetworknetwork attacksnetwork probenetwork protocolnetwork scanningnetwork securityoceaniap0fpassword attacksreconnaissanceremote accessresearchedscanscannerscanning activitysecurity policysensor-taggedsmb brute forcespamt-pott1021t1021.002t1040t1046t1059t1068t1071.001t1077t1110t1110.001t1110.002t1110.003t1110.004t1190t1210t1486t1496t1499.001t1499.002t1499.003t1562t1595t1595.001t1595.002t1595.003tannertcp protocolthreat actorthreat intelligencethreat preventiontor nodetpottrturkeyweb app attackweb spamweb traffic

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
11
Reports
First seenApr 9, 2022
Last seenMay 30, 2026
GeolocationTR
CountryTürkiye
LocationIzmir, İzmir Province
ASNAS12735
OrgTurkNet Iletisim Hizmetleri
Coords38.4140, 27.1412

VirusTotal

Not checked

WHOIS

description
seen in Dionaea honeypot logs; events=5; services=smbd; ports=445; cc=TR; asn=12735; asn_org=TurkNet Iletisim Hizmetleri A.S.

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 15 days ago
Appeared in 11 threat reports