IOC Radar
IP · Medium · Signal 62/100

62.60.131.60

Location: Iran, Islamic Republic of; Tehran, CA
ASN: AS208137 (Feo Prest SRL)
First Seen: Sep 27, 2025 (273d ago)
Last Seen: May 28, 2026 (30d ago)
Reports: 11 source reports
Confidence: 62% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 62%
Signal Score: 62 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 44 techniques

Network Information

Country: IR (Iran, Islamic Republic of)
Region: Tehran, CA
ASN: AS208137
Organization: Feo Prest SRL

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

Source reports: 11
Confidence score: 62%
Category tags:
abuse, access attempts, active scan, active scanning, adb, adbhoney honeypot, asia, attack, attacking-ips, australia, automated attack, automated attacks, automated threat, bad reputation, bad web bot, botnet, botnet activity, botnet-activity, brute force, brute force attack, brute force attacker, brute force attacks, brute-force, brute_force, bruteforce, cisco, cisco asa, cisco device, cisco exploitation attempts, cloud environment, cloud infrastructure, cloud-infrastructure, cloud_infrastructure, communication protocol, compromised credentials, cowrie, cowrie honeypot, credential access, credential access attempts, credential attack, credential attacks, credential brute force, credential guessing, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, database security, ddos, ddos attack, decoy system, denial of service, device management, digital ocean, digitalocean infrastructure, dionaea, dionaea honeypot, email, encryption, enterprise networking, europe, exploit, exploit attempts, exploitation activity, exploited host, external attack, external-threat, external_threat, failed login, fatt, ftp, ftp brute force, ftp brute-force, gb, hacking, honeytrap honeypot, http brute force, http scanner, identity & access exploitation, indicators-of-compromise, initial_access, injection activity, injection attacks, internet-scanning, internet-wide observation, internet-wide scan, iot security, iot targeted, ipv4, ipv4 activity, ipv4 indicators, ipv4-addresses, ipv4-scanning, ipv4_activity, ir, iran, lamp, lateral movement, linux systems, mailoney activity, mailoney honeypot, malicious activity, malicious infrastructure, malicious sftp activity, malicious software, malicious ssh activity, malware, malware attempt, malware behaviour, malware capture, malware distribution, malware download, mass-scanning, monthly, mssql, netherlands, network, network discovery, network enumeration, network infrastructure, network intrusion attempts, network probing, network protocol, network reconnaissance, network scanning, network security, network service scanning, network traffic analysis, network-reconnaissance, network_discovery, network_scan, network_scanning, nl, north america, oceania, open proxy, opportunistic-attack, p0f, password attacks, phishing, phishing attack, phishing trap, port-scanning, portscan, possible malware propagation, potential compromise, pre-attack, process injection, protocol exploitation, proxy, public cloud targeting, ransomware, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, scanners, scanning activity, scripting attacks, security operations, sensor-tagged, sentrypeer botnet, server exploitation, service scan, sftp, sftp access attempts, sftp attack, sftp attempt, singapore, smtp, social engineering, socradar honeypot, sql injection, ssh, ssh attack, ssh monitoring, t1018, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.007, t1071.001, t1071.002, t1076, t1077, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1210, t1486, t1496, t1499.001, t1499.002, t1505.002, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1589, t1590, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, telnet threat, threat actor, threat detection, threat intelligence, threat-intelligence, tor node, tpot, unattributed activity, unauthorized access, unauthorized access attempt, united kingdom, united states, vnc protocol, voip attack, vpn, vpn ip, vulnerability scan, vulnerability-scanning, vultr, web app attack, web application attack, web attack, web exploitation, web servers, web shell uploads, web traffic

Activity Timeline

1 total obs · May 28

Threat Activity Heatmap

Peak: 2026-05-28
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 62
Confidence: 62%
Reports: 11
First seen: Sep 27, 2025
Last seen: May 28, 2026
Geolocation: IR
Country: Iran, Islamic Republic of
Location: Tehran, CA
ASN: AS208137
Org: Feo Prest SRL
Coords: 34.0544, -118.2440
Proxy, VPN

VirusTotal

Not checked

WHOIS

description
Seen in CiscoASA honeypot logs within the configured window. request: GET / HTTP/1.1" 200 - geo: IR; ASN 208137 (Feo Prest SRL)
raw
inetnum: 62.60.131.0 - 62.60.131.255
org: ORG-FPS12-RIPe
descr: FEO PREST SRL
netname: FEO
country: GB
admin-c: IA7649-RIPE
tech-c: IA7649-RIPE
status: ASSIGNED PA
mnt-by: mm500-mnt
created: 2025-07-12T09:39:59Z
last-modified: 2025-09-13T07:55:52Z
source: RIPE

organisation: ORG-FPS12-RIPE
reg-nr: 19186487
mnt-ref: wcd
org-name: Feo Prest SRL
org-type: OTHER
address: VALU LUI TRAIAN, Str. PLUGARILOR, Nr. 5A, judet CONSTANTA
country: RO
abuse-c: ACRO60442-RIPE
mnt-ref: FeoPrest-MNT
mnt-by: FeoPrest-MNT
created: 2025-05-20T19:33:50Z
last-modified: 2026-04-29T06:02:42Z
source: RIPE # Filtered

role: IIC-RAIL-LIMITED
address: 27 UXENDON CRESCENT WEMBLEY MIDDLESEX UNITED KINGDOM
nic-hdl: IA7649-RIPE
mnt-by: IIC-RAIL-LIMITED-MNT
created: 2025-09-02T16:10:26Z
last-modified: 2025-09-02T16:10:26Z
source: RIPE # Filtered

route: 62.60.131.0/24
org: ORG-FPS12-RIPE
origin: AS208137
mnt-by: mm500-mnt
created: 2025-09-13T07:48:05Z
last-modified: 2025-09-13T07:53:20Z
source: RIPE

organisation: ORG-FPS12-RIPE
reg-nr: 19186487
mnt-ref: wcd
org-name: Feo Prest SRL
org-type: OTHER
address: VALU LUI TRAIAN, Str. PLUGARILOR, Nr. 5A, judet CONSTANTA
country: RO
abuse-c: ACRO60442-RIPE
mnt-ref: FeoPrest-MNT
mnt-by: FeoPrest-MNT
created: 2025-05-20T19:33:50Z
last-modified: 2026-04-29T06:02:42Z
source: RIPE # Filtered
references
https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-04-03/, https://jamesbrine.com.au, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-04-02/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-04-01/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-31/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-30/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-29/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-28/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-27/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-26/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-25/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-23/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-22/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-21/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-20/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-19/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-18/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-17/, https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-15/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-15/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-16/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-15/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-14/, 
https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-13/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-12/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-11/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-09/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-03-08/, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-04-04/, https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 9 months ago · Last seen 1 month ago
Appeared in 11 threat reports