IOC Radar
IP · Medium · Signal 47/100

176.65.150.109

Location: Netherlands (Eygelshoven, Limburg)
ASN: AS51396 (Pfcloud UG)
First Seen: Jul 8, 2025 (338d ago)
Last Seen: Apr 4, 2026 (67d ago)
Reports: 11 source reports
Confidence: 47% (medium)

Found in 11 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.

IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 47%
Signal Score: 47 / 100
IDS Rule: No

Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

Country: NL (Netherlands)
Region: Eygelshoven, Limburg
ASN: AS51396
Organization: Pfcloud UG

Feed Intelligence Summary

Source reports: 11
Confidence score: 47%
Category tags
abuseaccess controlactive scanactive scanningattackbad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptcommand and controlcommunication protocolcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosddos attacksdecoy systemdionaea honeypotdistributed attackseuropeexploitation activitygermanyhoneytrap honeypotidentity & access exploitationindicatorinjection activityinternet of thingsintrusion detectioniociot botnetiot securityiot/ics attacklampmalicious activitymalicious network activitymalicious softwaremalwaremalware behaviourmalware capturemirai botnetnetherlandsnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksphishingphishing attackprocess injectionprotocol exploitationransomwarereconnaissanceresearchedscanscannersecurity policyservice scansocial engineeringsocradar honeypott1021.002t1040t1046t1055t1056.001t1059.001t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor node

Activity Timeline

1 total obs (Apr 4)

Threat Activity Heatmap

Peak: 2026-04-04
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

This report highlights the critical significance of the Indicator of Compromise (IOC) `176.65.150.109`, an IPv4 address, which has been extensively flagged across numerous reputable threat intelligence feeds, including AbuseIPDB, AlienVault OTX, and SOCRadar Honeypot Feed. The cumulative threat score of 46.55 substantiates its highly suspicious and potentially malicious nature, demanding immediate attention. If this IOC is detected within an organization's network, it strongly indicates ongoing …

Threat Score: Medium Risk
Signal Score: 47
Confidence: 47%
Reports: 11
First seen: Jul 8, 2025
Last seen: Apr 4, 2026
Geolocation: NL
Country: Netherlands
Location: Eygelshoven, Limburg
ASN: AS51396
Org: Pfcloud UG
Coords: 51.2993, 9.4910

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 176.65.150.0 - 176.65.150.255
netname: PFCLOUD-NET-3
country: DE
org: ORG-PU39-RIPE
admin-c: AA42303-RIPE
tech-c: AA42303-RIPE
status: ASSIGNED PA
mnt-by: MNT-ZEXOTEK
created: 2025-04-09T07:21:19Z
last-modified: 2025-04-09T16:11:19Z
source: RIPE

organisation: ORG-PU39-RIPE
org-type: OTHER
org-name: Pfcloud UG
address: Lilienstraße 5
address: 94051 Hauzenberg
country: DE
abuse-c: AA42303-RIPE
mnt-ref: MNT-NETERRA
mnt-ref: pfcloud-mnt
mnt-ref: WHITELABEL-MNT
mnt-ref: DGTL-MNT
mnt-ref: LV-VERNET-HM-MNT
mnt-ref: lir-ae-royal-1-MNT
mnt-ref: mnt-de-xsserver-1
mnt-ref: Mnt-zexotek
mnt-by: pfcloud-mnt
created: 2023-11-26T15:29:32Z
last-modified: 2025-04-09T11:06:56Z
source: RIPE # Filtered

role: Admin
address: Lilienstraße 5, 94051 Hauzenberg
abuse-mailbox: [email protected]
nic-hdl: AA42303-RIPE
mnt-by: pfcloud-mnt
created: 2023-11-26T15:27:29Z
last-modified: 2024-02-08T20:37:11Z
source: RIPE # Filtered

route: 176.65.150.0/24
origin: AS51396
mnt-by: MNT-ZEXOTEK
created: 2025-04-09T07:23:28Z
last-modified: 2025-04-09T07:23:28Z
source: RIPE
references
https://github.com/telekom-security/tpotce


IOC Journey

medium
First detected 11 months ago · Last seen 2 months ago
Appeared in 11 threat reports