IOC Radar
IPMediumSignal 100/100

91.93.135.60

Location
TurkeyTurkey
Istanbul, 34
ASN
AS34984
Norm Yazilim ve Internet Hizmetleri
First Seen
Sep 7, 2024
Last Seen
Apr 26, 2026
Sep 7
First Seen
641d ago
Apr 26
Last Seen
46d ago
13
Reports
source reports
99%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryTRTurkey
RegionIstanbul, 34
ASNAS34984
OrganizationNorm Yazilim ve Internet Hizmetleri

Feed Intelligence Summary

13 reports99% confidence
13
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningattackbad reputationbad web botblog spambotnetbotnet activitybrute forcebrute force attackbrute force attemptcommand and controlcommunication protocolcompromised hostcredential accesscredential stuffingctadata exfiltrationdata store exposureddosddos attacksdecoy systemdenial of servicedistributed attackseurope/asiaexfiltrationexploitation activityexploited hosthackingidentity & access exploitationindicatorinjection activityinternet of thingsintrusion detectioniociot botnetiot securityiot/ics attacklateral movementmalicious activitymalicious network activitymalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningnetwork traffic analysispassword attacksprocess injectionprotocol exploitationransomwarereconnaissanceremote accessresearchedscanscannersecurity policyservice scansocradar honeypotspamssh attackt1021.002t1040t1046t1055t1056.001t1059.001t1071t1071.001t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1565t1573t1595t1595.001t1595.002t1595.003tcp protocoltcp/23telnet threatthreat actorthreat intelligencethreat preventiontor nodetrturkeyvulnerability scanweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
Apr 26Apr 26

Threat Activity Heatmap

· Peak: 2026-04-26
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
13
Reports
First seenSep 7, 2024
Last seenApr 26, 2026
GeolocationTR
CountryTurkey
LocationIstanbul, 34
ASNAS34984
OrgNorm Yazilim ve Internet Hizmetleri
Coords41.0197, 28.9757

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 91.93.135.0 - 91.93.135.63 netname: NormYazilim descr: Norm Yazilim ve Internet Hizmetleri country: tr remarks: <<<[email protected]>>> admin-c: OC928-RIPE tech-c: OY154-RIPE status: ASSIGNED PA mnt-by: mnt-teletek created: 2010-05-30T10:43:41Z last-modified: 2010-05-30T18:25:13Z source: RIPE person: Osman CAKIR address: Teletek Telekomunikasyon Hizmetleri ASS address: Ayazma Dere Caddesi Aksit Plaza No:12/1 address: Fulya 34349 Besiktas Istanbul TURKEY phone: +90 212 2277030 fax-no: +90 212 2278700 mnt-by: MNT-TELETEK nic-hdl: OC928-RIPE created: 2007-12-14T13:41:23Z last-modified: 2014-12-24T23:13:03Z source: RIPE person: Omer YUCE address: Ozveren Sokak No: 13/18 Demirtepe address: 06570 Cankaya Ankara-TURKEY phone: +90 312 229 09 80 fax-no: +90 312 229 09 81 nic-hdl: OY154-RIPE mnt-by: MNT-TELETEK created: 2010-05-30T18:21:07Z last-modified: 2010-05-30T18:21:07Z source: RIPE # Filtered route: 91.93.135.0/24 origin: AS34984 mnt-by: mnt-teletek created: 2018-01-05T17:37:08Z last-modified: 2018-01-05T17:37:08Z source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 13 threat reports