190.53.38.98 Threat Intelligence and Host Information

Oct 29, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 190.53.38.98 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 29/100

Host and Network Information

  • Mitre ATT&CK IDs: T1027 - Obfuscated Files or Information

  • Tags: acint, adload, agent, agent tesla, alexa, alexa top, anonymizer, applicunwnt, artemis, asyncrat, attacker, back, bank, blacklist, blacklist http, botnetwork, brontok, chaos, cia, cisco umbrella, cleaner, cnc, cobalt strike, communicating, conduit, contacted, copy, core, crack, critical, cve201711882, cyber threat, dark power, defacement, department of homeland security hoax banner, detection list, dhs, doj, download, dpd, emotet, execution, exploit, facebook, fakealert, fareit, fbi, filetour, firehol, floxif, fraud services, fusioncore, .gov, hacker, hacktool, heur, historical ssl, iframe, installcore, installpack, interpol, ip summary, irs, keygen, love, malicious, malicious site, maltiverse, maltiverse http, malvertizing, malware, malware site, million, mirai, nanocore, nircmd, no data, nsa, nypd, occamy, opencandy, panama, patcher, pe resource, phishing, phishing site, pony, presenoker, probe, psexec, quasar, ransomexx, referrer, resolutions, riskware, sabey, safe site, sample, samples, satacom, secrisk, service, site, soc, spammer, spyware, ssl certificate, startpage, summary, suppobox, swrort, tag count, targeting, team, team http, team proxy, threat report, trojan, trojanspy, tsara brashears, tulach, union, united, unruy, unsafe, url summary, wacatac, webtoolbar, whois record, whois whois, win64, xtrat, zbot, zpevdo

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: lashback_ubl

  • Country: Nicaragua
  • Network:
  • Noticed: 1 times
  • Protocols Attacked: Anonymous Proxy
  • Countries Attacked: United States of America

Malware Detected on Host

Count: 2 f13f159ce0e51d059ed3888e32a2295148a11563196d73bc7bd6e4e993ca9429 0f8d4714c07a57673909221c91ac8c929fa44f86d135cfc9976945a601c46cbb

Open Ports Detected

1022 161 2000

Map

Whois Information

  • inetnum: 190.53.32.0/21
  • status: reallocated
  • aut-num: AS27742
  • owner: Amnet Datos Nicaragua
  • ownerid: NI-ADNI-LACNIC
  • responsible: Ramon Calero
  • address: Edificio Tecnico Tigo (MTSO), 505, -
  • address: - - Managua - -
  • country: NI
  • phone: +505 88723499 [0000]
  • owner-c: IRD
  • tech-c: IRD
  • abuse-c: IRD
  • inetrev: 190.53.34.0/23
  • nserver: NS1.TIGOBUSINESS.COM.NI
  • nsstat: 20251028 AA
  • nslastaa: 20251028
  • nserver: NS2.TIGOBUSINESS.COM.NI
  • nsstat: 20251028 AA
  • nslastaa: 20251028
  • nserver: NS3.TIGOBUSINESS.COM.NI [lame - not published]
  • nsstat: 20251028 TIMEOUT
  • nslastaa: 20230215
  • inetrev: 190.53.32.0/24
  • nserver: TUCAN.SIBOIF.GOB.NI
  • nsstat: 20251028 AA
  • nslastaa: 20251028
  • nserver: NS1.TIGOBUSINESS.COM.NI
  • nsstat: 20251028 AA
  • nslastaa: 20251028
  • nserver: NS2.TIGOBUSINESS.COM.NI
  • nsstat: 20251028 AA
  • nslastaa: 20251028
  • nserver: NS3.TIGOBUSINESS.COM.NI [lame - not published]
  • nsstat: 20251028 TIMEOUT
  • nslastaa: 20230216
  • inetrev: 190.53.33.0/24
  • nserver: NS1.TIGOBUSINESS.COM.NI
  • nsstat: 20251027 AA
  • nslastaa: 20251027
  • nserver: NS2.TIGOBUSINESS.COM.NI
  • nsstat: 20251027 AA
  • nslastaa: 20251027
  • nserver: NS3.TIGOBUSINESS.COM.NI [lame - not published]
  • nsstat: 20251027 TIMEOUT
  • nslastaa: 20230216
  • inetrev: 190.53.36.0/22
  • nserver: NS1.TIGOBUSINESS.COM.NI
  • nsstat: 20251028 AA
  • nslastaa: 20251028
  • nserver: NS2.TIGOBUSINESS.COM.NI
  • nsstat: 20251028 AA
  • nslastaa: 20251028
  • nserver: NS3.TIGOBUSINESS.COM.NI [lame - not published]
  • nsstat: 20251028 TIMEOUT
  • nslastaa: 20230214
  • created: 20121206
  • changed: 20121206
  • inetnum-up: 190.53.32.0/20
  • nic-hdl: IRD
  • person: Telefonia Celular de Nicaragua SA
  • e-mail: jefaturaderedydatos@tigo.com.ni
  • address: Edificio Técnico (MTSO), -, -
  • address: 505 - Managua - Managua
  • country: NI
  • phone: +505 88021931 [000]
  • created: 20080219
  • changed: 20230131

Links to attack logs

anonymous-proxy-ip-list-2025-10-28

Share on: