Report for IP: 176.65.139.195

Threat LevelCRITICAL79/1002 rule types across 2 attack categories
9 incidents on record · 2 rule types · active attacker + blocklisted · active over 2 days · seen 43m ago
PTR N/A
Org / ASN Storm Industries
Country 🇳🇱 The Netherlands
City Eygelshoven, Limburg
Timezone Europe/Amsterdam

Attack Analysis

🇳🇱 Netherlands · Eygelshoven · 214472 · Storm Industries
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
Suricata IDS Alert
Suricata intrusion detection flagged this IP for malicious network behaviour — including port scanning, exploit attempts, botnet activity, or known attack signatures. The specific signature is shown in the report list below.

Reports (9)

Date Severity Description
13 Jun 2026 - 11:47 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
13 Jun 2026 - 09:57 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
12 Jun 2026 - 22:53 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
12 Jun 2026 - 13:11 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
12 Jun 2026 - 09:42 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
12 Jun 2026 - 05:11 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
12 Jun 2026 - 00:53 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
11 Jun 2026 - 09:47 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 35
11 Jun 2026 - 09:47 medium IDS: Suricata alert — ET EXPLOIT Realtek SDK - Command Execution/Backdoor Access Inbound (CVE-2021-35394)

Related IPs — Same /24 Block (176.65.139.0/24)

176.65.139.140CRITICAL61 reports176.65.139.43CRITICAL49 reports176.65.139.151HIGH31 reports176.65.139.130HIGH90 reports176.65.139.66HIGH29 reports176.65.139.103HIGH131 reports176.65.139.254HIGH23 reports176.65.139.31HIGH65 reports
Part of EagleEye Intelligence