148.72.152.192 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 148.72.152.192 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: texasproroofer.com www.softwaredepo.com www.filehog.com flashdepo.com softwarepile.com toynewz.com whitecattoken.com malwareguide.com pcfreesoft.com sharewarepile.com softwaresplash.com softwaredepo.com sharewaredepo.com onestopsoft.com flashpile.com downloadupload.com adware-removers.com adnuker.com www.360technologygroup.com www.motoregypt.com motoregypt.com www.filejunction.com 360technologygroup.com www.baldeaglecrypto.com www.softwaremile.com softwaremile.com filejunction.com filehog.com baldeaglecrypto.com nojoketoken.com www.nojoketoken.com www.nojoke.xyz nojoke.xyz nojokeexchange.com www.nojokeexchange.com joke.company www.joke.company www.malwaresearch.com malwaresearch.com spyware.ws www.spyware.ws whatisadware.com www.whatisadware.com phishing.ws www.phishing.ws www.adwareinfo.com adwareinfo.com adwareblaster.com www.adwareblaster.com www.attackware.com attackware.com www.soundindepth.com soundindepth.com www.malwareinfo.com malwareinfo.com adware.us www.adware.us malwarealert.com www.malwarealert.com malwarehelp.com www.malwarehelp.com whatisspyware.com www.whatisspyware.com adwareinformation.com www.adwareinformation.com malwareinformation.com www.malwareinformation.com www.adwarelist.com adwarelist.com malwarelist.com www.malwarelist.com www.malware.ws malware.ws malwareprotection.com www.malwareprotection.com adware.ws www.adware.ws adwaresearch.com www.adwaresearch.com www.gamersnewz.com gamersnewz.com spywarenews.com www.spywarenews.com malwareforum.com www.malwareforum.com www.mawaqit.com mawaqit.com www.malwaredefinition.com malwaredefinition.com bostonhitech.com www.bostonhitech.com file4me.com www.file4me.com www.h4host.com h4host.com usloft5946.startdedicated.com

Malware Detected on Host

Count: 3 dea899fc14890957282c6ec0474a0c3c54fb50f0af6ad601cd009aafe3b4dd7c d812893c2c13f361cfffd8e60c420829d2a9d8260c87bbbc6e51cdab12aa09a6 2a13971643d37c94bff553815fdf91c673e7dc7db47e60aecbb9dd673f5e2dff

Open Ports Detected

110 143 21 22 25 443 465 53 7080 80 8443 8880 993 995

Map

Whois Information

• NetRange: 148.72.152.0 - 148.72.153.255
• CIDR: 148.72.152.0/23
• NetName: GO-DADDY-COM-LLC
• NetHandle: NET-148-72-152-0-1
• Parent: NET148 (NET-148-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: velia.net (VIG-97)
• RegDate: 2015-10-26
• Updated: 2024-10-21
• Ref: https://rdap.arin.net/registry/ip/148.72.152.0
• OrgName: velia.net
• OrgId: VIG-97
• Address: Hessen-Homburg-Platz 1
• City: Hanau
• StateProv:
• PostalCode: 63452
• Country: DE
• RegDate: 2023-05-05
• Updated: 2024-11-26
• Ref: https://rdap.arin.net/registry/entity/VIG-97
• OrgRoutingHandle: STEWA571-ARIN
• OrgRoutingName: Steward, Ron
• OrgRoutingPhone: +1-555-867-5309
• OrgRoutingEmail: rsteward@velia.net
• OrgRoutingRef: https://rdap.arin.net/registry/entity/STEWA571-ARIN
• OrgNOCHandle: HOSTM2182-ARIN
• OrgNOCName: hostmaster
• OrgNOCPhone: +49 221 429 143
• OrgNOCEmail: net-arin@velia.net
• OrgNOCRef: https://rdap.arin.net/registry/entity/HOSTM2182-ARIN
• OrgTechHandle: STEWA571-ARIN
• OrgTechName: Steward, Ron
• OrgTechPhone: +1-555-867-5309
• OrgTechEmail: rsteward@velia.net
• OrgTechRef: https://rdap.arin.net/registry/entity/STEWA571-ARIN
• OrgTechHandle: HOSTM2182-ARIN
• OrgTechName: hostmaster
• OrgTechPhone: +49 221 429 143
• OrgTechEmail: net-arin@velia.net
• OrgTechRef: https://rdap.arin.net/registry/entity/HOSTM2182-ARIN
• OrgAbuseHandle: HOSTM2182-ARIN
• OrgAbuseName: hostmaster
• OrgAbusePhone: +49 221 429 143
• OrgAbuseEmail: net-arin@velia.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/HOSTM2182-ARIN
• OrgDNSHandle: HOSTM2182-ARIN
• OrgDNSName: hostmaster
• OrgDNSPhone: +49 221 429 143
• OrgDNSEmail: net-arin@velia.net
• OrgDNSRef: https://rdap.arin.net/registry/entity/HOSTM2182-ARIN
• OrgRoutingHandle: HOSTM2182-ARIN
• OrgRoutingName: hostmaster
• OrgRoutingPhone: +49 221 429 143
• OrgRoutingEmail: net-arin@velia.net
• OrgRoutingRef: https://rdap.arin.net/registry/entity/HOSTM2182-ARIN

Links to attack logs

****** ****** ******