IOC Radar
IPMediumSignal 64/100

5.11.146.29

Location
TurkeyTurkey
İzmit, 34
ASN
AS16135
Turkcell Internet
First Seen
Jun 1, 2025
Last Seen
Aug 28, 2025
Jun 1
First Seen
377d ago
Aug 28
Last Seen
289d ago
6
Reports
source reports
64%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
64%
Signal Score
64 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

34 techniques

Network Information

CountryTRTurkey
Regionİzmit, 34
ASNAS16135
OrganizationTurkcell Internet

Feed Intelligence Summary

6 reports64% confidence
6
Source reports
64%
Confidence score
Category tags
abuseaccess controlactive scanningbotnetbrute forcebrute force attackbrute force attemptcommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationddosddos attacksdecoy systemdenial of servicedistributed attackseurope/asiaexploit attemptsftp brute forcehttp brute forceindicatorinternet of thingsintrusion detectioniociot botnetiot/ics attacklateral movementmalicious network activitymalicious softwaremalwaremalware propagationmalware scanningmirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedscanscannersecurity policysmtp brute forcesql injection attemptsssh attackt1021t1021.001t1021.002t1040t1046t1055t1056.001t1059t1059.001t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1588t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencethreat preventionturkey

Activity Timeline

1 total obs
Aug 28Aug 28

Threat Activity Heatmap

· Peak: 2025-08-28
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

This indicator of compromise (IOC), an IPv4 address with a score of 64.39, represents a significant and potentially severe threat to organizational security. Its high score and inclusion in multiple reputable threat intelligence feeds strongly suggest its involvement in malicious activities such as reconnaissance, active scanning, and potentially more sophisticated attack stages. Unaddressed, this IOC could be associated with unauthorized access attempts, system compromises leading to data exfil…

Threat ScoreMedium Risk
64
SIGNAL
Signal Score
64%
Confidence
6
Reports
First seenJun 1, 2025
Last seenAug 28, 2025
GeolocationTR
CountryTurkey
Locationİzmit, 34
ASNAS16135
OrgTurkcell Internet
Coords41.0247, 28.9252

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 5.11.128.0 - 5.11.191.255 netname: TR-TURKCELL-INTERNET descr: TURKCELL INTERNET country: TR admin-c: TIM96-RIPE tech-c: TIM96-RIPE status: ASSIGNED PA mnt-by: TR-TURKCELL created: 2012-05-04T13:51:38Z last-modified: 2012-05-04T13:51:38Z source: RIPE person: Turkcell IP Manager address: Turkcell Kartal Plaza address: Topselvi Mahallesi Dipcik Sokak No:31 address: Kartal ISTANBUL phone: +90 216 458 10 00 fax-no: +90 216 427 50 60 nic-hdl: TIM96-RIPE mnt-by: tr-turkcell created: 2006-04-17T07:04:48Z last-modified: 2011-07-17T21:19:30Z source: RIPE # Filtered route: 5.11.128.0/17 origin: AS16135 mnt-by: tr-turkcell created: 2012-05-04T13:57:22Z last-modified: 2023-03-10T08:47:50Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 9 months ago
Appeared in 6 threat reports