IOC Radar
IPMediumSignal 24/100

2.50.17.6

Location
United Arab EmiratesUnited Arab Emirates
Abu Dhabi, AZ
ASN
AS5384
Etisalat
First Seen
Jul 2, 2025
Last Seen
Apr 7, 2026
Jul 2
First Seen
344d ago
Apr 7
Last Seen
65d ago
7
Reports
source reports
24%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
24%
Signal Score
24 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

35 techniques

Network Information

CountryAEUnited Arab Emirates
RegionAbu Dhabi, AZ
ASNAS5384
OrganizationEtisalat

Feed Intelligence Summary

7 reports24% confidence
7
Source reports
24%
Confidence score
Category tags
active scanactive scanningattackbotnetbotnet activitybrute forcebrute force attackbrute force attemptsbrute_forcecisco devicecisco exploitation attemptscommand and controlcommunication protocolcowrie honeypotcredential accesscredential harvestingcredential stuffingcve scandata exfiltrationdata store exposureddosddos attackdecoy systemdevice managementdionaea honeypotdistributed attacksenterprise networkingexploit kit activityexploitation activityftpftp brute forceftp_bruteforcehoneytrap honeypothttp brute forcehttp scannerhttp_scanhttps_scanidentity & access exploitationindicatorinjection activitylamplamp stack targetingmailoney honeypotmalicious activitymalicious payload detectionmalicious softwaremalwaremalware behaviourmalware capturemalware distributionnetworknetwork attack attemptsnetwork infrastructurenetwork intrusion attemptsnetwork scanningnetwork securitynetwork service scanningnorth americapassword attacksphishingphishing attackphishing trappossible botnet activityprocess injectionprotocol exploitationransomwarereconnaissanceremote accessremote servicesresearchedresource hijackingscannerscripting attackssentrypeer botnetservice scansftp attacksip attackssip brute forcesocial engineeringspamsql injection attemptssh attackssh monitoringssh_bruteforcet1021t1021.001t1040t1041t1046t1055t1059t1059.007t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet threattelnet_bruteforcethreat actorthreat detectionthreat intelligencetor nodeunauthorized accessunauthorized access attemptunited statesvoipvoip attackvulnerability scanweb application attackweb attackweb exploitationweb shell attemptweb spamweb traffic

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
24
SIGNAL
Signal Score
24%
Confidence
7
Reports
First seenJul 2, 2025
Last seenApr 7, 2026
GeolocationAE
CountryUnited Arab Emirates
LocationAbu Dhabi, AZ
ASNAS5384
OrgEtisalat
Coords24.4638, 54.3630

VirusTotal

Not checked

WHOIS

description
2025-07-05T03:01:10.066Z Honeypot : Heralding : Source: 2.50.17.6 : Username/Password: usER/evony192 Port: 1080 Message: 2025-07-05 03:01:10.066493,f9dfd055-c623-487f-a10b-f990b900e27f,d52d682e-7fb8-4a9d-8ee4-8e6a05edf3a5,2.50.17.6,42020,99.18.26.18,1080,socks5,usER,evony192,
raw
inetnum: 2.50.12.0 - 2.50.19.255 netname: ETISALATADSL-EMIRNET descr: Emirates Telecommunications Corporation descr: P O Box 1150, Dubai, UAE country: AE admin-c: AK915-RIPE tech-c: AK915-RIPE status: ASSIGNED PA mnt-by: ETISALAT-MNT mnt-lower: ETISALAT-MNT mnt-routes: ETISALAT-MNT created: 2010-09-28T12:54:31Z last-modified: 2010-09-28T12:54:31Z source: RIPE person: Arif Khalid address: Emirates Telecommunications Corporation address: P O Box 1150, Dubai, UAE phone: +971 800 6100 fax-no: +971 4 2959876 remarks: For any kind of abuse orignating from our network please remarks: email [email protected] nic-hdl: AK915-RIPE mnt-by: ETISALAT-MNT created: 2002-02-11T09:36:40Z last-modified: 2008-06-19T04:25:20Z source: RIPE # Filtered route: 2.50.0.0/18 descr: Emirates Telecommunications Corporation P.O. Box 1150, Dubai, UAE origin: AS5384 mnt-by: ETISALAT-MNT created: 2024-05-06T06:27:54Z last-modified: 2024-05-06T06:27:54Z source: RIPE
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 11 months ago · Last seen 2 months ago
Appeared in 7 threat reports