IOC Radar
IPMediumSignal 48/100

65.109.242.126

Location
FinlandFinland
Helsinki, Uusimaa
ASN
AS24940
Hetzner Online GmbH
First Seen
Jul 18, 2025
Last Seen
May 21, 2026
Jul 18
First Seen
330d ago
May 21
Last Seen
23d ago
6
Reports
source reports
48%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

16 techniques

Network Information

CountryFIFinland
RegionHelsinki, Uusimaa
ASNAS24940
OrganizationHetzner Online GmbH

Feed Intelligence Summary

6 reports48% confidence
6
Source reports
48%
Confidence score
Category tags
active scanactive scanningbrute forcebrute force attackc2command & controlcredential accesscredential stuffingdata exfiltrationdata store exposuredata thefteuropeexploitation activityfifinlandidentity & access exploitationindicatorinfostealerinjection activitymalicious softwaremalwarenetworkpassword attacksprocess injectionreconnaissanceresearchedscannert1005t1041t1055t1071t1071.001t1110.001t1110.002t1110.003t1110.004t1486t1565t1567t1573t1595.001t1595.002t1595.003vidar

Activity Timeline

1 total obs
May 21May 21

Threat Activity Heatmap

· Peak: 2026-05-21
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
48
SIGNAL
Signal Score
48%
Confidence
6
Reports
First seenJul 18, 2025
Last seenMay 21, 2026
GeolocationFI
CountryFinland
LocationHelsinki, Uusimaa
ASNAS24940
OrgHetzner Online GmbH
Coords60.1695, 24.9354

VirusTotal

Not checked

WHOIS

raw
inetnum: 65.109.240.0 - 65.109.255.255 netname: CLOUD-HEL1 country: FI status: ASSIGNED PA org: ORG-HOA1-RIPE admin-c: HOAC1-RIPE tech-c: HOAC1-RIPE mnt-by: HOS-GUN remarks: INFRA-AW created: 2023-12-12T12:40:46Z last-modified: 2023-12-12T12:40:46Z source: RIPE organisation: ORG-HOA1-RIPE org-name: Hetzner Online GmbH country: DE org-type: LIR address: Industriestrasse 25 address: D-91710 address: Gunzenhausen address: GERMANY phone: +49 9831 5050 fax-no: +49 9831 5053 admin-c: MF1400-RIPE admin-c: GM834-RIPE admin-c: HOAC1-RIPE admin-c: MH375-RIPE admin-c: SK2374-RIPE admin-c: SK8441-RIPE abuse-c: HOAC1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: HOS-GUN mnt-by: RIPE-NCC-HM-MNT mnt-by: HOS-GUN created: 2004-04-17T11:07:58Z last-modified: 2022-11-22T18:32:44Z source: RIPE # Filtered role: Hetzner Online GmbH - Contact Role address: Hetzner Online GmbH address: Industriestrasse 25 address: D-91710 Gunzenhausen address: Germany phone: +49 9831 505-0 fax-no: +49 9831 505-3 abuse-mailbox: [email protected] remarks: ************************************************* remarks: * For spam/abuse/security issues please contact * remarks: * [email protected], or fill out the form at * remarks: * abuse.hetzner.com, thank you. * remarks: ************************************************* remarks: remarks: ************************************************* remarks: * Any questions on Peering please send to * remarks: * [email protected] * remarks: ************************************************* org: ORG-HOA1-RIPE admin-c: MH375-RIPE tech-c: GM834-RIPE tech-c: SK2374-RIPE tech-c: MF1400-RIPE tech-c: SK8441-RIPE tech-c: DD15478-RIPE nic-hdl: HOAC1-RIPE mnt-by: HOS-GUN created: 2004-08-12T09:40:20Z last-modified: 2022-11-22T18:33:55Z source: RIPE # Filtered route: 65.109.0.0/16 org: ORG-HOA1-RIPE descr: HETZNER-DC origin: AS24940 mnt-by: HOS-GUN created: 2021-06-25T09:20:18Z last-modified: 2021-06-25T09:20:18Z source: RIPE organisation: ORG-HOA1-RIPE org-name: Hetzner Online GmbH country: DE org-type: LIR address: Industriestrasse 25 address: D-91710 address: Gunzenhausen address: GERMANY phone: +49 9831 5050 fax-no: +49 9831 5053 admin-c: MF1400-RIPE admin-c: GM834-RIPE admin-c: HOAC1-RIPE admin-c: MH375-RIPE admin-c: SK2374-RIPE admin-c: SK8441-RIPE abuse-c: HOAC1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: HOS-GUN mnt-by: RIPE-NCC-HM-MNT mnt-by: HOS-GUN created: 2004-04-17T11:07:58Z last-modified: 2022-11-22T18:32:44Z source: RIPE # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 11 months ago · Last seen 23 days ago
Appeared in 6 threat reports