IOC Radar
IPMediumSignal 28/100

176.65.139.142

Location
United KingdomUnited Kingdom
Eygelshoven, Limburg
ASN
AS214472
Storm Industries
First Seen
Jan 28, 2025
Last Seen
Jun 6, 2026
Jan 28
First Seen
503d ago
Jun 6
Last Seen
8d ago
15
Reports
source reports
28%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
28%
Signal Score
28 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Network Information

CountryGBUnited Kingdom
RegionEygelshoven, Limburg
ASNAS214472
OrganizationStorm Industries

Feed Intelligence Summary

15 reports28% confidence
15
Source reports
28%
Confidence score
Category tags
abuseactive scanactive scanningattackaustraliaauthentication attackautomated attackbad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptcode executioncommand and controlcommand executioncompromised credentialsconpotconpot honeypotcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdata store exposurededecoy systemdefense evasiondionaeadionaea honeypotdistributed attacksemailenumerationeuropeexploit kit activityexploit scanexploitation activityfail2ban blocked ipftp brute forcegbgermanygithubhackinghoneytrap honeypothttp brute forcehttp scanningics securityidentity & access exploitationindicatorindustrial control systemsinjection activityintrusion detectioniot securityiot/ics attacklamplateral movementmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemysql brute forcenetherlandsnetworknetwork intrusionnetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitynloceaniapassword attacksphishingphishing attackphishing trapprivilege escalationprocess injectionprotocol exploitationpythonransomwarereconnaissanceremote accessremote servicesresearchedscannerscripting attackssecurity operationssftpsftp attackslugsmtp brute forcesocial engineeringsocradar honeypotsoftware exploitationsshssh attackssh monitoringsurface webt1021t1021.001t1021.002t1027t1040t1041t1046t1053t1053.005t1055t1059t1059.004t1059.007t1068t1071.001t1076t1078t1078.002t1078.004t1083t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1555t1563t1565t1566.001t1566.002t1566.003t1566.004t1589t1595t1595.001t1595.002t1595.003tannertelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodeunauthorized access attemptunited kingdomunited kingdom of great britain and northern irelandweb app attackweb application attacksweb attackweb exploitation

Activity Timeline

1 total obs
Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
28
SIGNAL
Signal Score
28%
Confidence
15
Reports
First seenJan 28, 2025
Last seenJun 6, 2026
GeolocationGB
CountryUnited Kingdom
LocationEygelshoven, Limburg
ASNAS214472
OrgStorm Industries
Coords51.2993, 9.4910

VirusTotal

Not checked

WHOIS

description
2025-02-19T16:41:40.429Z Honeypot : ConPot : Source: 176.65.139.142 : Port: 10001 Data Type: guardian_ast Event Type: NEW_CONNECTION
raw
inetnum: 176.65.139.0 - 176.65.139.255 netname: NET1 country: LT admin-c: AA44473-RIPE tech-c: AA44473-RIPE org: ORG-SCL93-RIPE status: ASSIGNED PA mnt-by: MNT-ZEXOTEK created: 2025-01-26T18:28:58Z last-modified: 2025-01-28T15:51:45Z source: RIPE organisation: ORG-SCL93-RIPE org-name: Silent Connection Ltd. country: GB org-type: OTHER address: 321-323 High Road, Romford, RM6 6AX, United Kingdom abuse-c: ACRO56007-RIPE mnt-ref: SILENTCONNECTION-MNT mnt-ref: WHITELABEL-MNT mnt-ref: MNT-ZEXOTEK mnt-by: SILENTCONNECTION-MNT created: 2024-03-24T20:46:42Z last-modified: 2025-01-26T15:22:32Z source: RIPE # Filtered role: ADMIN address: 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX nic-hdl: AA44473-RIPE created: 2025-01-26T15:27:53Z last-modified: 2025-01-26T15:27:53Z source: RIPE # Filtered mnt-by: SILENTCONNECTION-MNT route: 176.65.139.0/24 origin: AS215240 mnt-by: MNT-ZEXOTEK created: 2025-03-02T17:15:53Z last-modified: 2025-03-02T17:15:53Z source: RIPE
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://redpiranha.net, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 8 days ago
Appeared in 15 threat reports