176.65.139.158 Threat Intelligence and Host Information

General

IP Address
176.65.139.158
IPv4 Address
Location
🇩🇪 Germany
DE
Network
AS
Threat Score
50/100
Medium Risk
blacklistBlocklistbotnetbruteforcecowriedigitaloceandionaea
Attack Intelligence
MITRE ATT&CK Techniques
T1595 - Active Scanning
Open Ports Detected
80
Geographic Location
Country
Germany
City
Unknown
Region
Unknown
Coordinates
51.2993, 9.4910
Network Information
ASN
AS
Organization
Network
WHOIS Information
inetnum
176.65.139.0 - 176.65.139.255
netname
PFCLOUD-NET
org
ORG-SI335-RIPE
country
US
admin-c
SNO38-RIPE
tech-c
SNO38-RIPE
status
ASSIGNED PA
created
2026-01-28T13:15:05Z
last-modified
2026-01-28T13:15:05Z
mnt-by
MNT-ZEXOTEK
organisation
ORG-SI335-RIPE
org-name
Storm Industries LLC
reg-nr
0008104963
org-type
OTHER
address
United Kingdoms, Aberdare
mnt-ref
STORMINDUSTRIES-MNT
abuse-c
ACRO63650-RIPE
role
StormCloud Network Operations
abuse-mailbox
abuse@stormindustries.llc
nic-hdl
SNO38-RIPE
route
176.65.139.0/24
origin
AS51396

  • Country: Germany
  • Network:
  • Noticed: 26 times
  • Protocols Attacked: portscan telnet
  • Countries Attacked: China, Germany, Russian Federation, United Kingdom of Great Britain and Northern Ireland, United States of America

CVEs Detected

CVE-2009-2940 CVE-2009-3720 CVE-2020-29396 CVE-2021-32052 CVE-2023-27043 CVE-2023-36632 CVE-2023-40217 CVE-2024-6232 CVE-2024-7592 CVE-2024-9287 CVE-2025-12084 CVE-2025-12781 CVE-2025-13462 CVE-2025-13836 CVE-2025-13837 CVE-2026-3087 CVE-2026-3644 CVE-2026-4519 CVE-2026-6019 CVE-2026-7210

Disclaimer
This page contains threat intelligence information for the IPv4 address 176.65.139.158 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.