IOC Radar
IPMediumSignal 61/100

176.65.139.91

Location
United KingdomUnited Kingdom
Eygelshoven, Noord-Holland
ASN
AS214472
Storm Industries
First Seen
Feb 14, 2025
Last Seen
Jun 20, 2026
Feb 14
First Seen
493d ago
Jun 20
Last Seen
2d ago
15
Reports
source reports
61%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

CountryGBUnited Kingdom
RegionEygelshoven, Noord-Holland
ASNAS214472
OrganizationStorm Industries

Feed Intelligence Summary

15 reports61% confidence
15
Source reports
61%
Confidence score
Category tags
abuseactive scanactive scanningaptasyncratbad reputationbianlianbotnetbotnet activitybrute forcebrute force attackbrute-forcebruteforcec2cobaltstrikecommand & controlcommand and controlcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdanabotdata exfiltrationdata store exposuredcratddosdedecoy systemdenial of servicedionaeadionaea honeypotdistributed attackseuropeexploitation activityexploited hostfattgbgermanyhackinghak5_cloud_c2havochoneytrap honeypothookbotidentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceinjection activitylumailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemanualmythicnetherlandsnetsupportratnetworknlp0fpassword attackspegasusphishingphishing attackphishing trapprocess injectionqakbotransomwarereconnaissanceremcosremcos trojanremote accessremote servicesresearchedresource hijackingscannersensor-taggedsentrypeer botnetsliversocial engineeringsshssh attackssh monitoringsupershellt1005t1021.001t1055t1059t1059.003t1071t1071.001t1105t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1587.001t1590.001t1595.001t1595.002t1595.003tannerthreat actorthreat detectionthreat intelligencetor nodetpotunited kingdomunknown groupvoip attackweb application attackweb exploitation

Activity Timeline

1 total obs
Jun 20Jun 20

Threat Activity Heatmap

· Peak: 2026-06-20
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
61
SIGNAL
Signal Score
61%
Confidence
15
Reports
First seenFeb 14, 2025
Last seenJun 20, 2026
GeolocationGB
CountryUnited Kingdom
LocationEygelshoven, Noord-Holland
ASNAS214472
OrgStorm Industries
Coords52.3785, 4.9000

VirusTotal

Not checked

WHOIS

raw
inetnum: 176.65.139.0 - 176.65.139.255 netname: PFCLOUD-NET org: ORG-SI335-RIPE country: NL admin-c: SNO38-RIPE tech-c: SNO38-RIPE status: ASSIGNED PA created: 2026-01-28T13:14:37Z last-modified: 2026-02-23T13:52:04Z source: RIPE mnt-by: MNT-ZEXOTEK organisation: ORG-SI335-RIPE org-name: Storm Industries org-type: OTHER address: United Kingdom, Aberdare mnt-ref: MNT-ZEXOTEK abuse-c: ACRO63650-RIPE mnt-ref: STORMINDUSTRIES-MNT created: 2026-02-21T21:08:51Z last-modified: 2026-02-22T13:44:07Z source: RIPE # Filtered mnt-by: STORMINDUSTRIES-MNT role: StormCloud Network Operations address: United Kingdoms, Aberdare abuse-mailbox: [email protected] nic-hdl: SNO38-RIPE mnt-by: STORMCLOUD-MNT created: 2026-02-21T21:02:21Z last-modified: 2026-02-22T01:23:53Z source: RIPE # Filtered route: 176.65.139.0/24 origin: AS214472 created: 2026-03-18T17:56:01Z last-modified: 2026-03-18T17:56:01Z source: RIPE mnt-by: MNT-ZEXOTEK route: 176.65.139.0/24 origin: AS51396 created: 2026-01-28T13:15:05Z last-modified: 2026-01-28T13:15:05Z source: RIPE mnt-by: MNT-ZEXOTEK
references
https://threatfox.abuse.ch/export/csv/recent/, https://x.com/drb_ra/status/1890222770212032998, https://x.com/drb_ra/status/1890291180782358558, https://x.com/drb_ra/status/1890291251326726642, https://x.com/drb_ra/status/1890291271115386949, https://x.com/drb_ra/status/1890291790328262694, https://x.com/drb_ra/status/1890291810880352685, https://x.com/drb_ra/status/1890291829398274360, https://x.com/drb_ra/status/1890291850189349027, https://x.com/drb_ra/status/1890291875959173446, https://x.com/drb_ra/status/1890291902991552723, https://x.com/drb_ra/status/1890291925682647431, https://x.com/drb_ra/status/1890291948554187114, https://x.com/drb_ra/status/1890291972747018368, https://x.com/drb_ra/status/1890291994364375336, https://x.com/drb_ra/status/1890292016342528219, https://x.com/drb_ra/status/1890292037829947744, https://x.com/drb_ra/status/1890292059518746834, https://x.com/drb_ra/status/1890292082574782467, https://x.com/drb_ra/status/1890292105630924952, https://x.com/drb_ra/status/1890292128523383020, https://x.com/drb_ra/status/1890292152053481695, https://x.com/drb_ra/status/1890292670792372531, https://x.com/drb_ra/status/1890292692439203872, https://x.com/drb_ra/status/1890292711833637215, https://x.com/drb_ra/status/1890292731383300504, https://x.com/drb_ra/status/1890292751151034402, https://x.com/drb_ra/status/1890292772609097766, https://x.com/drb_ra/status/1890292795002478747, https://x.com/drb_ra/status/1890292817005801504, https://x.com/drb_ra/status/1890292840137388317, https://x.com/drb_ra/status/1890292863428350077, https://x.com/drb_ra/status/1890292887008735702, https://x.com/drb_ra/status/1890325271997198597, https://x.com/drb_ra/status/1890357146308452397, https://x.com/drb_ra/status/1890357166424367456, https://x.com/drb_ra/status/1890357184791224403, https://x.com/drb_ra/status/1890357205569790361, https://x.com/drb_ra/status/1890357226000339343, https://x.com/drb_ra/status/1890357246145487106, https://x.com/drb_ra/status/1890357264072024564, https://x.com/drb_ra/status/1890357283340640544, https://x.com/drb_ra/status/1890359822261870712, https://x.com/drb_ra/status/1890473253568667767, https://x.com/drb_ra/status/1890473258731897180, https://x.com/drb_ra/status/1890473270236852447, https://x.com/drb_ra/status/1890473273831383480, https://x.com/drb_ra/status/1890473280806510699, https://x.com/drb_ra/status/1890473294123397529, https://x.com/drb_ra/status/1890473315883483158, https://x.com/drb_ra/status/1890473337660268735, https://x.com/drb_ra/status/1890473360380907807, https://x.com/drb_ra/status/1890473382358982903, https://x.com/drb_ra/status/1890473404894990721, https://x.com/drb_ra/status/1890473426860601702, https://x.com/drb_ra/status/1890473448658399614, https://x.com/drb_ra/status/1890473470619763163, https://x.com/drb_ra/status/1890473493768057328, https://x.com/drb_ra/status/1890473516673163748, https://x.com/drb_ra/status/1890473540568166872, https://x.com/drb_ra/status/1890473563938865597, https://x.com/drb_ra/status/1890473587380752496, https://x.com/drb_ra/status/1890473612613718506, https://x.com/drb_ra/status/1890511184614302117, https://x.com/drb_ra/status/1890511265887383671, https://x.com/drb_ra/status/1890535584331923938, https://x.com/drb_ra/status/1890535582763303310, https://x.com/drb_ra/status/1890535609971749358, https://x.com/drb_ra/status/1890535632755101791, https://x.com/drb_ra/status/1890535652720038021, https://x.com/drb_ra/status/1890535687398584739

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 days ago
Appeared in 15 threat reports