IPMediumSignal 77/100
185.118.143.154
Location
TurkeyMagnesia ad Sipylum, Manisa
ASN
AS57844
BuyukHosting Internet ve Bili?im Hizmetleri
First Seen
Jan 12, 2026
Last Seen
Apr 25, 2026
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
77%
Signal Score
77 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryTurkey
TurkeyRegionMagnesia ad Sipylum, Manisa
ASNAS57844
OrganizationBuyukHosting Internet ve Bili?im Hizmetleri
Feed Intelligence Summary
20 reports77% confidence
20
Source reports
77%
Confidence score
Category tags
abuseactive scanactive scanningapacheapache attackeraptattackattacker ipattacker-ipaustraliaautomated attackautomated attack attemptsautomated attacksautomated-attackbad reputationbad web botblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptscanadacisco devicecisco exploitation attemptscode executioncode injectioncode-injectioncommand executioncommunication protocolcompromised hostcompromised hostsconnected devicesconpot honeypotcowrie honeypotcredential accesscredential harvestingcredential stuffingcredential-abusedata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdecoy systemdenial of servicedevice managementdigital oceandionaea honeypotelasticpot honeypotelasticsearch monitoringenterprise networkingeurope/asiaexploitexploitationexploitation activityexploitation attemptsexploited hostfailed login attemptsfattftpftp brute forcehackinghoneytrap honeypothttp brute forcehttp scannerhttp scanninghttps scanningics securityidentity & access exploitationindustrial control systemsindustrial iotinjection activityinjection attacksinternet of thingsiot analyticsiot applicationsiot platformsiot securityiot targetediot/ics attackipphoney honeypotlampmailoney honeypotmalicious activitymalicious ip addressesmalicious network activitymalicious softwaremalicious trafficmalwaremalware behaviourmalware capturenetworknetwork attacksnetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnorth americaobjectoceaniap0fpassword attacksphishingphishing attackphishing trapping of deathport-scanningpotential vulnerability exploitationprocess injectionprotocol exploitationproxyransomwarereconnaissanceremote accessremote servicesresearchedresource hijackingscannerscannersscanning activityscripting attackssecurity operationssensor-taggedsentrypeer botnetservice scansftp attacksftp attemptsip scanningsmart devicessmtpsocial engineeringspamsql-injectionssh attackssh monitoringt1021t1021.001t1040t1041t1046t1055t1056t1059t1059.003t1059.004t1059.007t1068t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1589t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltcp scantelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotturkeyudp scanunauthorized accessunknown threat actorvoidtrapvoipvoip attackvulnerability scanweb application attackweb application scanningweb attackweb exploitationweb spamweb trafficweb-application-attack
Activity Timeline
Apr 25Apr 25
Threat Activity Heatmap
· Peak: 2026-04-25LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
77
SIGNAL
Signal Score
77%
Confidence
20
Reports
First seenJan 12, 2026
Last seenApr 25, 2026
GeolocationTR
CountryTurkey
LocationMagnesia ad Sipylum, Manisa
ASNAS57844
OrgBuyukHosting Internet ve Bili?im Hizmetleri
Coords38.6054, 27.4287
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 185.118.143.0 - 185.118.143.255 netname: BuyukHosting descr: BuyukHosting Internet ve Bili?im Hizmetleri country: TR admin-c: CE1532-RIPE tech-c: CE1532-RIPE status: ASSIGNED PA mnt-by: MNT-SALAY mnt-lower: MNT-SALAY mnt-routes: MNT-SALAY created: 2015-09-30T00:36:09Z last-modified: 2018-11-18T21:10:35Z source: RIPE geoloc: 38.613228 27.372435 remarks: ********************ENGLISH********************* remarks: *** Abuse Reports to :[email protected] *** remarks: *** This IP block is used for web hosting, *** remarks: *** dedicated and co-located servers. In *** remarks: *** case of spam, please only deal with *** remarks: *** originator IP only. *** remarks: *** DO NOT DEAL WITH THE WHOLE IP BLOCK *** remarks: ************************************************ remarks: ********************TURKISH********************* remarks: *** Abuse Reports to :[email protected] *** remarks: *** Bu ip blogu web hosting, kiralik sunucu *** remarks: *** ve sunucu barindirma hizmetleri icin *** remarks: *** kullanilmaktadir. Eger iplerimizden *** remarks: *** spam gonderilirse lutfen sadece *** remarks: *** gonderen ip ile ilgili islem yapiniz. *** remarks: *** TUM IP BLOGU ILE ILGILI ISLEM YAPMAYINIZ *** remarks: ************************************************ person: Cahit Eyigunlu address: Adalet Mah. Manas Bulv. Folkart Towers A Kule No:47/B K: 26 D: 2601 Bayrakli/izmir phone: +908508409773 nic-hdl: CE1532-RIPE mnt-by: MNT-SPD created: 2012-03-01T22:59:07Z last-modified: 2022-04-25T19:53:41Z source: RIPE # Filtered route: 185.118.143.0/24 origin: AS57844 mnt-by: MNT-SPD created: 2020-11-29T23:14:51Z last-modified: 2020-11-29T23:14:51Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 5 months ago · Last seen 1 month ago
Appeared in 20 threat reports