IP address

Search at other sites:

--176.65.140.160

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus SBL

176.65.140.160 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-12 12:36:13.953000
Was present on blacklist at: 2025-10-24 12:36, 2025-10-31 12:36, 2025-11-07 12:36, 2025-11-14 12:36, 2025-11-21 12:36, 2025-11-28 12:36, 2025-12-05 12:36, 2025-12-12 12:36

OTX pulses

[68fb00e2b2d0361731cc0f7c] 2025-10-24 04:30:26.227000 | Unpacking NetSupport RAT Loaders Delivered via ClickFix

Author name:	AlienVault
Pulse modified:	2025-10-24 09:14:49.822000
Indicator created:	2025-10-24 04:30:27
Indicator role:	None
Indicator title:
Indicator expiration:	2025-11-23 04:00:00

Origin AS

AS214967 - OPTIBOUNCE

AS44592 - SkyLink

BGP Prefix

176.65.140.0/24

geo

Germany

🕑 Europe/Berlin

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

176.65.128.0 - 176.65.159.255

last_activity

2025-10-24 12:36:01.364000

reserved_range

0

Shodan's InternetDB

Open ports: 21, 22, 80, 443

Tags: self-signed, starttls

CPEs: cpe:/a:openbsd:openssh:8.9p1, cpe:/a:pureftpd:pure-ftpd, cpe:/a:apache:http_server, cpe:/o:canonical:ubuntu_linux

ts_added

2025-10-24 12:36:01.368000

ts_last_update

2025-12-15 12:36:10.547000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses