IOC Radar
IP · Medium · Signal 70/100

176.65.141.22

Location: Erlenbach, Rheinland-Pfalz, Germany
First Seen: Jan 31, 2025 (498d ago)
Last Seen: Mar 19, 2026 (86d ago)
Reports: 9 source reports
Confidence: 70% (medium)
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 70%
Signal Score: 70 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 26 techniques

Network Information

Country: DE (Germany)
Region: Erlenbach, Rheinland-Pfalz
Organization: ZeXoTeK IT-Services GmbH

Feed Intelligence Summary

Source reports: 9
Confidence score: 70%
Category tags: abuse, access, active scanning, asia, attack, botnet, brute force, brute force attack, command and control, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, de, decoy system, distributed attacks, email, europe, ftp brute force, germany, github, groups, honeytrap honeypot, hong kong, indicator, lamp, lateral movement, mailoney honeypot, malicious activity, malicious software, malware, network, network enumeration, network scanning, password attacks, phishing, phishing attack, phishing trap, potential malicious activity, process injection, python, reconnaissance, researched, scanner, script, service enumeration, sftp, sftp attack, slug, smtp brute force, social engineering, ssh, ssh attack, ssh monitoring, surface web, t1021, t1021.004, t1041, t1055, t1059, t1059.004, t1071.001, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, threat actor, threat detection, unauthorized access attempts, unidentified attacker

Activity Timeline

1 total obs (Mar 19)

Threat Activity Heatmap

Peak: 2026-03-19
[Heatmap: activity by weekday (Mon, Wed, Fri) across months Jun to Jun; scale Less to More]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 70
Confidence: 70%
Reports: 9
First seen: Jan 31, 2025
Last seen: Mar 19, 2026
Geolocation: DE
Country: Germany
Location: Erlenbach, Rheinland-Pfalz
Org: ZeXoTeK IT-Services GmbH
Coords: 51.2993, 9.4910

VirusTotal

Not checked

WHOIS

description: Unknown source type: h0neytr4p

raw:

inetnum: 176.65.141.0 - 176.65.141.255
netname: NET-3
country: LT
admin-c: AA44473-RIPE
tech-c: AA44473-RIPE
org: ORG-SCL93-RIPE
status: ASSIGNED PA
mnt-by: MNT-ZEXOTEK
created: 2022-11-14T14:04:55Z
last-modified: 2025-01-28T15:52:26Z
source: RIPE

organisation: ORG-SCL93-RIPE
org-name: Silent Connection Ltd.
country: GB
org-type: OTHER
address: 321-323 High Road, Romford, RM6 6AX, United Kingdom
abuse-c: ACRO56007-RIPE
mnt-ref: SILENTCONNECTION-MNT
mnt-ref: WHITELABEL-MNT
mnt-ref: MNT-ZEXOTEK
mnt-by: SILENTCONNECTION-MNT
created: 2024-03-24T20:46:42Z
last-modified: 2025-01-26T15:22:32Z
source: RIPE # Filtered

role: ADMIN
address: 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX
nic-hdl: AA44473-RIPE
created: 2025-01-26T15:27:53Z
last-modified: 2025-01-26T15:27:53Z
source: RIPE # Filtered
mnt-by: SILENTCONNECTION-MNT

route: 176.65.141.0/24
origin: AS215240
mnt-by: MNT-ZEXOTEK
created: 2025-01-26T18:42:37Z
last-modified: 2025-01-26T18:42:37Z
source: RIPE

references: https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 9 threat reports