IOC Radar
IPMediumSignal 46/100

212.126.97.214

Location
IraqIraq
Erbil, Sulaymaniyah
ASN
AS39216
ALSARD FIBER Co. Internet Fiber and Optical Cable Services /Ltd
First Seen
May 17, 2025
Last Seen
Jun 8, 2026
May 17
First Seen
391d ago
Jun 8
Last Seen
4d ago
12
Reports
source reports
46%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

46 techniques

Network Information

CountryIQIraq
RegionErbil, Sulaymaniyah
ASNAS39216
OrganizationALSARD FIBER Co. Internet Fiber and Optical Cable Services /Ltd

Feed Intelligence Summary

12 reports46% confidence
12
Source reports
46%
Confidence score
Category tags
active scanactive scanningadbhoney honeypotantispamapplication layer protocolaptasiaattackattacker ipsaustraliaauthentication abuseauthentication attackauthentication bypassautomated_threatsbad reputationblocklist_allbotnetbotnet activitybotnet_activitybrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptsbrute-forcebrute_force_attackscisco brute forcecisco devicecisco exploit attemptcommand and controlcommand executioncommand injectioncommunication protocolconpot honeypotcowrie honeypotcredential accesscredential attackcredential brute forcecredential harvestingcredential stuffingcredential_stuffingdata encryptiondata exfiltrationdata store exposuredatabase attacksdatabase exploitation attemptdatabase securitydatabase service attacksddosddos attackdecoy systemdevice managementdionaea honeypotdistributed attacksdnsdns attackelasticpot honeypotelasticsearch monitoringencryptionenterprise networkingexploitexploit attemptsexploitationexploitation activityexploitation attemptsfattftpftp attacksftp brute forceftp brute-forcehoneytrap honeypothttp brute forcehttp scannericsics securityics/scada attacksidentity & access exploitationimapindicatorindicators of compromiseindustrial control systemsinitial accessinjection activityintrusion detectioniociot attacksiot device attacksiot device targetingiot securityiot/ics attackipphoney honeypotipv4ipv4 attacksiqiraqlamplamp vulnerability scanlateral movementlog4jlogin attackmailoney honeypotmalicious activitymalicious softwaremalicious_ip_addressesmalwaremalware behaviourmalware capturemalware deliverymalware distributionnetworknetwork activitynetwork device attacksnetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork-based attack attemptsnorth americaoceaniap0fpassword attackpassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationrdp attacksreconnaissanceredis honeypotremote accessremote access attemptsremote servicesresearchedresource hijackingscannerscanning activityscripting attackssecurity operationssensor-taggedsentrypeer botnetserver exploitationservice scansftp attacksftp attackssftp exploit attemptsftp exploitationsip brute forcesip scanningsmtpsmtp attackersmtp attackssocial engineeringspamsql injectionsql injection attemptssh attackssh attacksssh brute-forcessh monitoringt1021t1021.001t1021.002t1021.004t1040t1041t1046t1055t1059t1059.003t1059.004t1059.005t1059.007t1071t1071.001t1076t1077t1078t1090t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1505.002t1505.004t1563t1565t1566.001t1566.002t1566.003t1566.004t1588.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet attackstelnet threatthreat actorthreat actor activitythreat detectionthreat intelligencethreat intelligence feedtor nodetpotunauthorized loginunited statesvnc protocolvoipvoip attackvoip attacksvulnerability scanweb application attacksweb attackweb exploitationweb service attacksweb traffic

Activity Timeline

1 total obs
Jun 8Jun 8

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
46
SIGNAL
Signal Score
46%
Confidence
12
Reports
First seenMay 17, 2025
Last seenJun 8, 2026
GeolocationIQ
CountryIraq
LocationErbil, Sulaymaniyah
ASNAS39216
OrgALSARD FIBER Co. Internet Fiber and Optical Cable Services /Ltd
Coords35.5650, 45.4329

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 days ago
Appeared in 12 threat reports