IOC Radar
IP · Medium · Signal 67/100

176.65.148.253

Location: Germany, Eygelshoven, Bavaria
ASN: AS51396, Pfcloud UG
First Seen: May 4, 2025
Last Seen: Jun 3, 2026
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 67%
Signal Score: 67 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

22 techniques

Network Information

Country: DE, Germany
Region: Eygelshoven, Bavaria
ASN: AS51396
Organization: Pfcloud UG

Feed Intelligence Summary

12 source reports · 67% confidence score
Category tags
abuse, active scan, active scanning, apt, attack, bad reputation, botnet, botnet activity, brute force, brute force attack, command and control, cowrie, credential access, credential stuffing, data exfiltration, data store exposeddos, dionaea, distributed attacks, europe, exploitation activity, exploited host, fatt, ftp, germany, hacking, identity & access exploitation, inbound scan, indicator, injection activity, malicious activity, malicious ip, malicious software, malware, mirai, netherlands, network, nl, p0f, password attacks, phishing, process injection, reconnaissance, remote access, remote services, researched, scan, scanner, scanning activity, security operations, sensor-tagged, ssh attack, t1021.001, t1055, t1071, t1071.001, t1076, t1090, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1486, t1496, t1498, t1499.002, t1499.003, t1563, t1565, t1595, t1595.001, t1595.002, t1595.003, tanner, tcp, telnet, threat actor, threat intelligence, tor node, tpot

Activity Timeline

1 total obs, Jun 3 to Jun 3

Threat Activity Heatmap

Peak: 2026-06-03
[Heatmap: activity by weekday (Mon, Wed, Fri rows) across the months Jun through Jun; cell values not recoverable]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 67 (Medium Risk)
Coords: 48.6242, 13.6687

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. The same IP address may appear more than once a day. S3#
raw
inetnum: 176.65.148.0 - 176.65.148.255
netname: PF-CLOUD-NET-1
country: DE
org: ORG-PU39-RIPE
admin-c: AA42303-RIPE
tech-c: AA42303-RIPE
status: ASSIGNED PA
mnt-by: MNT-ZEXOTEK
created: 2025-04-09T07:19:59Z
last-modified: 2025-04-09T16:10:10Z
source: RIPE

organisation: ORG-PU39-RIPE
org-type: OTHER
org-name: Pfcloud UG
address: Lilienstraße 5
address: 94051 Hauzenberg
country: DE
abuse-c: AA42303-RIPE
mnt-ref: MNT-NETERRA
mnt-ref: pfcloud-mnt
mnt-ref: WHITELABEL-MNT
mnt-ref: DGTL-MNT
mnt-ref: LV-VERNET-HM-MNT
mnt-ref: lir-ae-royal-1-MNT
mnt-ref: mnt-de-xsserver-1
mnt-ref: Mnt-zexotek
mnt-by: pfcloud-mnt
created: 2023-11-26T15:29:32Z
last-modified: 2025-04-09T11:06:56Z
source: RIPE # Filtered

role: Admin
address: Lilienstraße 5, 94051 Hauzenberg
abuse-mailbox: [email protected]
nic-hdl: AA42303-RIPE
mnt-by: pfcloud-mnt
created: 2023-11-26T15:27:29Z
last-modified: 2024-02-08T20:37:11Z
source: RIPE # Filtered

route: 176.65.148.0/24
origin: AS51396
mnt-by: MNT-ZEXOTEK
created: 2025-04-09T07:22:39Z
last-modified: 2025-04-09T07:22:39Z
source: RIPE

IOC Journey

medium
First detected 1 year ago · Last seen 10 days ago
Appeared in 12 threat reports