IOC Radar
IP | Medium | Signal 100/100

85.109.189.83

Location: Yukarıkaraman, Antalya, Türkiye
ASN: AS9121 (TurkTelecom)
First Seen: Jul 29, 2022 (1416d ago)
Last Seen: Apr 7, 2026 (68d ago)
Reports: 18 source reports
Confidence: 99% (medium)
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: TR (Türkiye)
Region: Yukarıkaraman, Antalya
ASN: AS9121
Organization: TurkTelecom

Feed Intelligence Summary

Source reports: 18
Confidence score: 99%
Category tags: abuse, access control, active scan, active scanning, attack, auto-generated security, bad reputation, botnet, botnet activity, botnet activity detected, brute force, brute force attack, brute force attacks, brute force attempt, c2 communication, command & control, command and control, communication protocol, compromised credentials, compromised hosts, compromised system, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, ddos, ddos attacks, decoy system, denial of service, distributed attacks, europe/asia, exploit, exploit attempts, exploitation activity, exploited host, hacking, honeytrap honeypot, identity & access exploitation, indicator, infrastructure acquisitionreconnaissance, initiator ip, injection activity, internet of things, intrusion detection, ioc, iot botnet, iot security, iot/ics attack, lamp, malicious activity, malicious domain, malicious links, malicious network activity, malicious sftp activity, malicious software, malicious ssh activity, malware, malware distribution, manual, mirai botnet, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, password attacks, phishing, phishing attack, process injection, protocol exploitation, reconnaissance, researched, resource hijacking, rtbh, scan, scanner, security operations, security policy, sentrypeer botnet, service scan, sftp attack, social engineering, spam, ssh attack, ssh monitoring, t1003, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1056.001, t1059, t1059.001, t1071, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1204.001, t1486, t1496, t1497, t1499.001, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1587.001, t1590.001, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, tcp/23, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tr, turkey, voip, voip attack, web security

Activity Timeline

1 total observation (Apr 7)

Threat Activity Heatmap

Peak: 2026-04-07
Activity by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 0 (Dormant); 3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 18
First seen: Jul 29, 2022
Last seen: Apr 7, 2026
Geolocation: TR
Country: Türkiye
Location: Yukarıkaraman, Antalya
ASN: AS9121
Org: TurkTelecom
Coords: 36.9156, 30.6538

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 85.109.0.0 - 85.109.255.255
netname: TurkTelekom
descr: Turk Telekom Statik ADSL-ISP
country: tr
admin-c: TTBA1-RIPE
tech-c: TTBA1-RIPE
status: ASSIGNED PA
mnt-by: as9121-mnt
created: 2005-10-26T06:30:16Z
last-modified: 2014-07-01T14:43:27Z
source: RIPE # Filtered

role: TT Administrative Contact Role
address: Turk Telekomunikasyon A.S Turgut Ozal Blv. Aydinlikevler
address: 06103 ANKARA TURKEY
phone: +90 312 555 0000
fax-no: +90 312 313 1924
admin-c: BADB3-RIPE
abuse-mailbox: [email protected]
tech-c: BADB3-RIPE
tech-c: BADB3-RIPE
tech-c: BADB3-RIPE
nic-hdl: TTBA1-RIPE
mnt-by: AS9121-MNT
created: 2002-02-28T12:22:28Z
last-modified: 2022-01-28T07:15:56Z
source: RIPE # Filtered

route: 85.109.128.0/17
descr: TurkTelecom
origin: AS9121
mnt-by: AS9121-MNT
created: 2006-11-20T06:43:56Z
last-modified: 2006-11-20T06:43:56Z
source: RIPE

IOC Journey

medium
First detected 3 years ago · Last seen 2 months ago
Appeared in 18 threat reports