188.138.1.148 Threat Intelligence and Host Information

Share on:
Apr 20, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: Malicious IP, Nextray, SIP, UK Based, awsjap, blacklist, botnet, bruteforce, cyber security, ioc, ip monitor, malicious, mirai, phishing, scan, sip, tcp, udp

  • View other sources: Spamhaus VirusTotal

  • Country: France
  • Network: AS8972 host europe gmbh
  • Noticed: 11 times
  • Protcols Attacked: sip
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: iconicemg.com mountkilimanjaronationalpark.com elonlabscom.com echuya-adventures.com twinomujunichildrenshome.com rkmonline.org kabaffulosafaris.com heartsforvulnerable.org enakazibacreatives.com cheapselfdriveuganda.com upcloudel.com oshengroup.com innoxcellent.com e-classroomuganda.com brooksagrofarm.com terrainjourneys.com vandoornsafaris.com platinumprojectsuganda.com nsangiss.com fabrimartug.com ugandacarrentaldeals.com lictsodk.net kafeeroandcoadvocates.com uganda-birding.com educateug.com thekingswedding.com uwims.com pesubenministries.com graealtoursandtravel.com safariengine.com ubuntuambulance.net ubuntuambulance.org mathoniagroup.com ubuntuambulance.com marliamessenger.com johnbulltoursuganda.com mersyministries.org touchjesusoutreach.org katubwevillagefarm.com organic-uganda.org qualityinternationalfoundation.com joelssenyonyifoundation.org solvaychemicals.net masambullamedia.com couchcouple.org restmedlabconsult.com familybuildingblock.com africabiocity.org goldeagleug.com lakwanacademy.com carhireentebbe.com equalitymission.org rhizooministries.org ariyochurch.org solvaysolutionsuk.com charityraisingug.org dearthe200.com dayandnightstores.com ourladyofmtcarmelacademy.com bottomupexp.org brac-elearning.com fahamisha.org adinalfinance.com totoagiripina.com teltreat.com www.kirangwainvestments.com kirangwainvestments.com nativegroupug.com serenatours.com africaauthenticsafaris.com cowfoundation-ug.org southrwenzorid.org travelwithtino.com jointeffortsupporttheneedy.org dimensionlessltd.com gorillainsightsuganda.com petabyteug.com www.my.jpesa.com creativecoloursug.com montagemconstruction.com vitalintelligencegroup.com idwesmiles.org buwembo.com med.ug acladvisory.com sup.money kiwagama.com ltd.ug legendesuites.com prestigeuganda.com rwandajobline.com expertmothers.org chromieint.com ultimategorillaexpeditions.com amanicentreforeducation.com ugandanchemist.com pangolintoursug.creativecoloursug.com alakaros.net alakaros.org alakaros.com farmerzguide.com www.amagenda.org amnotseen.com kabtechsolutions.com buspro.biz gorillapermitsbooking.com cykotraib.com secure.jpesa.com my.jpesa.com secure.jolis.net gorillatourafrica.com jolisftp.com theg7.com ulicious256.com stmathiasnursingrubirizi.com mushasafaris.com mgahingaforestnationalpark.com norvikhospital.com www.arktelevision.org kabebe.org www.jpesa.com jpesa.com akaboxii.com insuranceonlineintl.com gotowakanda.com jolis.net www.jolis.net nilecomposites.com barrcenter.net lowlandgorillatours.com studioinfinite.net eams.mobi kasambya.org sheemaproducts.ug ahfsmarterp.org ns1.jolis.net artebelss.xyz ns1.theg7.com visionresponse.net www.g7bill.com g7bill.com secure.g7cp.com op.szvetron.com rmq.vetron.tech foto.sende.biz sende.biz

Open Ports Detected

33060 80 9095 9096

CVEs Detected

CVE-2006-20001 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690 CVE-2023-27522

Map

Whois Information

  • inetnum: 188.138.1.0 - 188.138.1.255
  • descr: BSB-SERVICE Dedicated Server Hosting
  • netname: BSB-SERVICE-1
  • country: DE
  • admin-c: NPA10-RIPE
  • tech-c: NPA10-RIPE
  • status: ASSIGNED PA
  • mnt-by: intergenia-mnt
  • mnt-lower: bsb-service-mnt
  • created: 2012-10-31T09:40:10Z
  • last-modified: 2014-11-14T08:56:08Z
  • role: NMC PlusServer GmbH
  • address: PlusServer GmbH
  • address: Welserstr. 14
  • address: 51149 Koeln
  • phone: +49 1801 119991
  • fax-no: +49 2233 612-53500
  • admin-c: JBPS-RIPE
  • tech-c: ADPS-RIPE
  • nic-hdl: NPA10-RIPE
  • mnt-by: INTERGENIA-MNT
  • created: 2007-12-10T16:02:37Z
  • last-modified: 2023-03-14T11:11:18Z
  • route: 188.138.1.0/24
  • descr: BSB-More-Specific
  • origin: AS8972
  • mnt-by: INTERGENIA-MNT
  • created: 2015-02-26T10:35:14Z
  • last-modified: 2015-02-26T10:35:14Z

Links to attack logs

dolondon-sip-bruteforce-ip-list-2022-02-10 awsjap-sip-bruteforce-ip-list-2022-03-11