178.132.3.48 Threat Intelligence and Host Information

Sep 08, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 178.132.3.48 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 39/100

Host and Network Information

  • Tags: cisco, cowrie, dionaea, email, heralding, honeytrap, LAMP, mailoney, malicious, sentrypeer, sftp, sip, ssh, tanner

  • View other sources: Spamhaus VirusTotal

  • Country: Netherlands
  • Network:
  • Noticed: 2 times
  • Protocols Attacked: Anonymous Proxy

Open Ports Detected

11000 11027 11084 11111 11112 11210 11211 11288 11300 11371 11401 11434 11601 12000 12056 12107 12109 12119 12125 12130 12134 12135 12136 12137 12141 12160 12165 12176 12177 12181 12187 12189 12190 12198 12205 12207 12211 12234 12236 12238 12240 12243 12244 12246 12247 12260 12264 12267 12269 12276 12284 12288 12289 12290 12293 12295 12297 12298 12299 12307 12316 12321 12329 12335 12338 12344 12345 12349 12357 12359 12360 12361 12362 12363 12367 12369 12376 12379 12392 12393 12394 12397 12403 12408 12411 12421 12425 12428 12429 12437 12444 12445 12446 12447 12451 12452 12455 12457 12463 12464 12469 12474 12480 12482 12484 12489 12490 12491 12493 12498 12500 12506 12509 12510 12511 12514 12521 12522 12538 12542 12550 12561 12564 12572 12573 12574 12575 12581 12584 12586 12980 13000 13579 13780 14084 14101 14265 14344 14523 14880 15018 15084 15503 16006 16030 16032 22 4150 80 8101 91 9111

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

  • inetnum: 178.132.3.0 - 178.132.3.255
  • netname: WORLDSTREAM
  • country: NL
  • admin-c: WS1670-RIPE
  • tech-c: WS1670-RIPE
  • status: ASSIGNED PA
  • mnt-by: MNT-WORLDSTREAM
  • mnt-domains: MNT-WORLDSTREAM
  • mnt-routes: MNT-WORLDSTREAM
  • created: 2018-12-18T10:28:51Z
  • last-modified: 2018-12-18T10:28:51Z
  • role: WORLDSTREAM DBM
  • address: Industriestraat 24
  • address: 2671CT NAALDWIJK
  • address: The Netherlands
  • phone: +31174712117
  • abuse-mailbox: abuse@worldstream.nl
  • admin-c: DV1495-RIPE
  • tech-c: DV1495-RIPE
  • nic-hdl: WS1670-RIPE
  • mnt-by: MNT-WORLDSTREAM
  • created: 2008-05-15T09:52:38Z
  • last-modified: 2013-08-20T11:17:59Z
  • route: 178.132.3.0/24
  • origin: AS49981
  • mnt-by: MNT-WORLDSTREAM
  • created: 2022-11-21T09:36:18Z
  • last-modified: 2022-11-21T09:36:18Z

Links to attack logs

anonymous-proxy-ip-list-2025-09-07

Share on: