IP · Medium · Signal 54/100
176.65.148.58
Location: Eygelshoven, Rheinland-Pfalz
ASN: AS51396 (Pfcloud UG)
First Seen: May 4, 2025 (403d ago)
Last Seen: Jun 8, 2026 (3d ago)
Reports: 14 source reports
Confidence: 54% (medium)
VirusTotal: 14/91 detections
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 54%
Signal Score: 54 / 100
IDS Rule: No
Network Information
Country: Netherlands
Region: Eygelshoven, Rheinland-Pfalz
ASN: AS51396
Organization: Pfcloud UG
Feed Intelligence Summary
Source reports: 14
Confidence score: 54%
Category tags
Activity Timeline
[Threat activity heatmap: Jun 8]
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 54 (Medium Risk)
Geolocation: NL
Coords: 49.1108, 8.1866
WHOIS
- description
- Score: 100/100 | Detector: threat_feed | Label: reported_abuse | Tags: reported_abuse, abuseipdb
- raw
  inetnum: 176.65.148.0 - 176.65.148.255
  netname: PF-CLOUD-NET-1
  country: NL
  org: ORG-PU39-RIPE
  admin-c: AA42303-RIPE
  tech-c: AA42303-RIPE
  geofeed: https://api.geofeed.space/pfcloud/geofeed.txt
  status: ASSIGNED PA
  mnt-by: MNT-ZEXOTEK
  created: 2025-04-09T07:19:59Z
  last-modified: 2025-09-08T10:51:36Z
  source: RIPE

  organisation: ORG-PU39-RIPE
  org-type: OTHER
  org-name: Pfcloud UG
  address: Lilienstraße 5
  address: 94051 Hauzenberg
  country: DE
  abuse-c: AA42303-RIPE
  mnt-ref: pfcloud-mnt
  mnt-ref: gold-mnt
  mnt-ref: lir-ae-goldip-1-mnt
  mnt-ref: mnt-de-xsserver-1
  mnt-ref: Mnt-zexotek
  mnt-by: pfcloud-mnt
  created: 2023-11-26T15:29:32Z
  last-modified: 2026-02-21T19:59:51Z
  source: RIPE # Filtered

  role: Admin
  address: Lilienstraße 5, 94051 Hauzenberg
  remarks: -------------------------------------------------------------------------------
  remarks: For all operational or administrative inquiries, please contact [email protected]
  remarks: Do not send abuse reports to this address.
  remarks: -------------------------------------------------------------------------------
  remarks: Auskunftsersuchen / Information Requests should only be sent to the following email:
  remarks: [email protected]
  remarks: -------------------------------------------------------------------------------
  abuse-mailbox: [email protected]
  nic-hdl: AA42303-RIPE
  mnt-by: pfcloud-mnt
  created: 2023-11-26T15:27:29Z
  last-modified: 2025-11-17T20:55:52Z
  source: RIPE # Filtered

  route: 176.65.148.0/24
  origin: AS51396
  mnt-by: MNT-ZEXOTEK
  created: 2025-04-09T07:22:39Z
  last-modified: 2025-04-09T07:22:39Z
  source: RIPE