IPMediumSignal 52/100
84.54.13.102
Location
TurkeyIstanbul, Istanbul
ASN
AS61084
IMAJWEB Internet Teknoloji Hiz. Ltd. Sti
First Seen
Mar 13, 2025
Last Seen
Jun 2, 2026
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
52%
Signal Score
52 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryTurkey
TurkeyRegionIstanbul, Istanbul
ASNAS61084
OrganizationIMAJWEB Internet Teknoloji Hiz. Ltd. Sti
Feed Intelligence Summary
20 reports52% confidence
20
Source reports
52%
Confidence score
Category tags
abuseaccess controlaccount discoveryaccount profilingaccount takeoveractive scanactive scanningapacheapache attackerattackattack patternaustraliaauthenticationauthentication abuseauthentication attackauthentication bypassautomated attackautomated brute forcebad reputationbad web botblog spambotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute force attemptsc2 communicationcommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostcompromised systemscredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosdecoy systemdenial of servicedictionary attackdistributed attackseuropeeurope/asiaexfiltrationexploitationexploitation activityexploitation attemptexploited hostexternal attackexternal ipexternal remote servicesexternal threatfailed login attemptsfinlandhackingidentity & access exploitationimapimap attackindicatorinitial accessinjection activityintrusion detectionioclateral movementlogin attacklogin brute forcelogin brute-forcemalicious activitymalicious softwaremalwaremalware distributionnetworknetwork accessnetwork attacksnetwork boundarynetwork intrusionnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnetwork trafficnetwork traffic analysisoceaniapassword attackpassword attackspassword crackingpassword sprayingphishingphishing attackprocess injectionreconnaissanceremote accessremote servicesresearchedscanscannerscanning activitysecurity operationssecurity policyself-signedservice exploitationservice scansocial engineeringspamssh attackt1021t1021.004t1040t1046t1055t1059t1059.004t1071t1071.001t1078t1078.002t1078.003t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1550t1550.002t1555t1555.003t1565t1566.001t1566.002t1566.003t1566.004t1567t1573t1573.001t1583t1583.001t1588t1588.002t1588.004t1589t1589.002t1595t1595.001t1595.002t1595.003tcp protocolthreat actorthreat intelligencethreat preventiontor nodetrtsecturkeyunauthorized accessunauthorized loginvalid accountsvulnerability scanweb application attackweb exploitationweb spam
Activity Timeline
Jun 2Jun 2
Threat Activity Heatmap
· Peak: 2026-06-02LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC), an IPv4 address identified as `84.54.13.102`, is highly significant due to its pervasive listing across numerous reputable threat intelligence feeds and an elevated risk score of 52.04. This consistently reported activity points towards an address heavily involved in malicious operations, presenting a clear and present danger to organizational security. Its detected associations with activities such as SSH brute-forcing and network scanning indicate a high lik…
Threat ScoreMedium Risk
52
SIGNAL
Signal Score
52%
Confidence
20
Reports
First seenMar 13, 2025
Last seenJun 2, 2026
GeolocationTR
CountryTurkey
LocationIstanbul, Istanbul
ASNAS61084
OrgIMAJWEB Internet Teknoloji Hiz. Ltd. Sti
Coords41.0082, 28.9784
VirusTotal
Not checked
WHOIS
- description
- IPV4 hosts detected attempting to brute force SSH on private honeypot
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 18 days ago
Appeared in 20 threat reports