176.65.132.3 Threat Intelligence and Host Information
Mar 13, 2026
General
- IP Address: 176.65.132.3
- Location: 🇩🇪 Germany
- Network: AS56325
- Threat Score: 70/100
Attack Intelligence
- MITRE ATT&CK Techniques: T1005 - Data from Local System, T1027 - Obfuscated Files or Information, T1041 - Exfiltration Over C2 Channel, T1055 - Process Injection, T1056.001 - Keylogging, T1059.001 - PowerShell, T1071.001 - Web Protocols, T1105 - Ingress Tool Transfer, T1219 - Remote Access Software, T1528 - Steal Application Access Token, T1539 - Steal Web Session Cookie, T1555.003 - Credentials from Web Browsers
- Open Ports Detected: 22
Geographic Location
- Country: Germany
- City: Unknown
- Region: Unknown
- Coordinates: 51.2993, 9.4910
Network Information
- ASN: AS56325
- Organization: Diogelo Ltd.
- Network: AS56325 Diogelo Ltd.
WHOIS Information
inetnum: 176.65.132.0 - 176.65.132.255
netname: VMHeaven
country: NL
admin-c: AA45092-RIPE
tech-c: AA45092-RIPE
geofeed: https://api.geofeed.space/pfcloud/geofeed.txt
org: ORG-VA33504-RIPE
status: ASSIGNED PA
mnt-by: MNT-ZEXOTEK
created: 2025-09-08T10:53:24Z
last-modified: 2025-09-08T10:53:24Z
organisation: ORG-VA33504-RIPE
org-name: VMHeaven.io
org-type: OTHER
address: abuse@vmheaven.io
abuse-c: AA45188-RIPE
mnt-ref: MNT-ZEXOTEK
role: Abuse
abuse-mailbox: abuse@vmheaven.io
nic-hdl: AA45092-RIPE
route: 176.65.132.0/24
origin: AS51396
- Known TOR node
- Country: Germany
- Network:
- Noticed: 50 times
- Protocols Attacked: portscan
- Passive DNS Results: customer-assistance-agent03877.support, boa.credit, myonlinelogin-recovery2025.support, connecticutsecu.live
Disclaimer
This page contains threat intelligence information for the IPv4 address 176.65.132.3 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observations of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.