IOC Radar
IPMediumSignal 72/100

212.154.70.132

Location
TurkeyTurkey
Istanbul, 41
ASN
AS12735
TurkNet
First Seen
Dec 21, 2023
Last Seen
May 24, 2026
Dec 21
First Seen
918d ago
May 24
Last Seen
33d ago
11
Reports
source reports
72%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

23 techniques

Network Information

CountryTRTurkey
RegionIstanbul, 41
ASNAS12735
OrganizationTurkNet

Feed Intelligence Summary

11 reports72% confidence
11
Source reports
72%
Confidence score
Category tags
active scanactive scanningbotnetbrute forcebrute force attackbrute-forcecommand and controlcredential accesscredential stuffingdata exfiltrationddos attackdistributed attackseurope/asiaexploited hosthackingindicatorinitial accessiot securityiot targetedmalicious softwaremalwarenetworknetwork intrusionnetwork reconnaissancenetwork scanningnetwork securitynorth americapassword attacksprocess injectionprotocol exploitationreconnaissanceremote accessresearchedscannerssh attackt1021t1021.004t1040t1046t1055t1059t1059.001t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1486t1496t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003tcp/23telnet threattrturkeyunited states

Activity Timeline

1 total obs
May 24May 24

Threat Activity Heatmap

· Peak: 2026-05-24
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
72
SIGNAL
Signal Score
72%
Confidence
11
Reports
First seenDec 21, 2023
Last seenMay 24, 2026
GeolocationTR
CountryTurkey
LocationIstanbul, 41
ASNAS12735
OrgTurkNet
Coords40.8341, 30.1857

VirusTotal

Not checked

WHOIS

description
Logged 1 visit on 1 honeypot. Duration: 13.31s, did not supply credentials
raw
inetnum: 212.154.0.0 - 212.154.127.255 netname: TR-TURKNET-990212 country: TR org: ORG-SN10-RIPE admin-c: TL143-RIPE tech-c: TL143-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-by: MNT-TURKNET-MNT mnt-lower: MNT-TURKNET-MNT mnt-routes: MNT-TURKNET-MNT created: 2001-12-17T10:18:59Z last-modified: 2016-08-18T05:57:36Z source: RIPE # Filtered organisation: ORG-SN10-RIPE org-name: TurkNet Iletisim Hizmetleri A.S. country: TR org-type: LIR address: Fulya Mahallesi Buyukdere Caddesi Torun Center A Blok No: 74 A/89 Sisli/Istanbul address: 34394 address: Istanbul address: TURKEY phone: +90 212 355 1700 fax-no: +90 212 216 3939 admin-c: MT15110-RIPE admin-c: AE363-RIPE admin-c: NC214-RIPE abuse-c: AR17381-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: MNT-TURKNET-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: MNT-TURKNET-MNT created: 2004-04-17T12:08:04Z last-modified: 2025-05-09T09:01:47Z source: RIPE # Filtered person: TurkNet LIR address: TurkNet Iletisim Hizmetleri A.S. address: Buyukdere Cad. Ercan Han No.121 address: Gayrettepe / Istanbul / Turkey phone: +90 212 355 17 00 nic-hdl: TL143-RIPE created: 2009-03-05T10:03:41Z last-modified: 2011-08-24T12:18:33Z source: RIPE mnt-by: MNT-TURKNET-MNT route: 212.154.64.0/18 descr: TurkNet origin: AS12735 mnt-by: MNT-TURKNET-MNT created: 1970-01-01T00:00:00Z last-modified: 2009-07-22T13:17:00Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 11 threat reports