198.54.116.248 Threat Intelligence and Host Information

Aug 18, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 198.54.116.248 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: agenttesla, agentteslaexe, anna paula, arkeistealer, associated, azorult, azorultexe, currc3adculo, danabot, darkrat, dridex, dridexopendir, emotetheodo, formbook, from email, gandcrab, gozi, hancitor, hawkeye, headers, heodo, icedid, kpot, kpotstealer, loader, loki, luminositylink, malspam email, msi file, nanocore, nemty, netwire, phishing, phorpiex, pony, qakbot, qealler, quasarrat, raccoonstealer, remcos, remcosrat, scam, servhelper, stealer, systembc, trickbot, troldesh, tuesday, utf8, zip archive, zloader

  • JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: hphosts_psh

  • Country: United States
  • Network:
  • Noticed: 31 times
  • Protocols Attacked: SSH
  • Passive DNS Results: lgaemprendetufuturo.com www.safeaxispro.com safeaxispro.com vuelosesconomisc.lat www.vuelosesconomisc.lat checkonline.live www.rfpwriter.net rfpwriter.net veritas-strat.com encrvs.com encrons.com fellafedme.com www.kiwanisclubofrosemead.org vercodes.com haritraa.com palatablefu.com unwelcomet.com kaspowerlogistics.com www.tokencrib.org tokencrib.org icenet.live scottsledgemd.com alliednovalogistics.com valikhani.com valikhani.me www.valikhani.me www.sohthai.com gamesgoneby.com www.orkaadvisory.com orkaadvisory.com kaviyaa-k.me salvemosmamitas.com www.tmmediavideo.com tmmediavideo.com www.gsefert.com gsefert.com kavse.com www.lexdefacto.legal lexdefacto.legal www.arkuzcreo.com structured8.com test.brightpowerstation.com www.test.brightpowerstation.com digitaldepotpro.com sortedlivingllc.com jammuhomestay.com palmbeachmobility.com remsytrashbincleaning.com factueasy.com d0t.fm pdffpr.com lumiere-coranique.com www.klover.agency klover.agency archseven.com mymihp.com producerndrctr.com producerandfilmdirector.com klmnoperesete.com forgeurfuture.com www.arkominaresearch.com key4.shop sonmancamp.org privatedalights.ch chungrygrowth.com icandiientertainment.com caronivzweb.website caronihome.website cypher-score-board.com vigotravelers.com naimacleaning.com adventurefloof.com vibequest.art staticwellness.com vegastars.wiki njtech.space vegastars.blog seifeltohamy.com tulisansehat.id heard.consulting lacidaproperties.com javbeee.com mobileshop-manager.xyz innovaplusresourceslimited.com mavensdigest.com marrakechactivite.com xn–h50b57be41c.com infouniversaltar.net sanjay.vip itmail.vip afinest-pt.online koreanews.blog tealstreet.us web-myapp.com cbfinancgroup.com spainwindpower.com saltandbloodco.com harunor.com primemilestone.com ppc-course.com bolashakdostrade.com bioliciouslife.com ghourieventplanner.com jabacomms.com josendrive.com nileinternationalcargo.com 7ohsafehaven.com rootsandwingscouplesrestoration.com recensbdlimited.com kingdomkumz.com simplexdigitalpro.online taxi777-daftar.xyz claude.space dateitout.com njawulofoundation.org caplivraison.online accountingcodesolutions.com tailtechdigital.com sohthai.com nazstay.com cybercrewslab.com creditrewritten.com safetyfirstalert.com josshub.com holidaykenyasafaris.com dhakaculinary.com autoshopconnect.com sweetwaterhelium.com kubotaequipmentpackage.shop elevateseo.pro echostake.live swiftlines.agency apex-securitysolutions.com dogcareasy.com tampabayrealtordanny.com delightfullydefiant.com dailycanadajobs.com sacgef.com habibitasty.com ilyasmarketinghub.com magicaivein.com zonoxpro.com intensitycompany.com peopleandpetsco.com nixiwatches.com vagmemes.xyz iptvsmartpro.shop phantomxpro.online fultondelivery.com perfectbikersa.com discovermart.site aquilaspace.ltd c-model.xyz chayahumanitarian.org signnv.com prestonlsv.com dstreem.website littbnks.live cliente.ink download-rovbit.com phonetiendabaires.com grownwomansguidetomanifesting.com odiumrsps.com electhahn.com nbbookkeepingllc.com r1life.com luyomi.com luxcasinoslot.com spoofx.xyz lekwerey.site alia2.site crondomour.site krystalmonteros.org tiksi.online informatop.online soolsynk.online donmva.online sigiriyarock.online dhama.info universify.app goezadvertising.agency ceramicstirling.com calculator-logical.com sendisoft.com shakerheightspestcontrolxperts.com marysvillepestcontrolxperts.com bowlinggreenpestcontrolxperts.com greenpestcontrolxperts.com garfieldheightspestcontrolxperts.com kentpestcontrolxperts.com friendconsults.com doctorsicknote.us andystrails.com.au www.xn--3j4bn7eg4q.com xn–3j4bn7eg4q.com www.awesomeclock.com ladymechanicinitiative.org genlogs.store exobit.store megologs.site lakushca.shop growingseedfriendsfoundation.org atfkan4743.art angelpaez.com trustworthynotory.com driftnshine.com stealcopyspin.com sencilloypunto.com moro-kech-tours.com kajolamoney.com www.innoinversiones.com innoinversiones.com hardwiredvibes.com www.hardwiredvibes.com www.tigoldlux.com tigoldlux.com hssbuilders.deviec.com www.hssbuilders.deviec.com polkdoz.xyz phillipsinsurance.org jurpietr.online trapixairdrop.com testfutura.com danteasparadise.com caminosalparque.com caminobeatz.com coodexe.com prodigitalpicks.com octorium.com exiixon.com ninjapromx.com www.ninjapromx.com pneumaschool.com www.pneumaschool.com www.visiontruckline.com visiontruckline.com digitaltechservicellc.com magneticleadai.com www.xposemail.com www.isticharati.ma jzsmphotography.com alertinfo.cloud comdotcom.net terrysjustoffbroadway.org clcs.online pabullionvault.gold bebob.fun awesomeclock.com alamenexchange.com skystopestates.com youramericanway.com erikshapka.com rafata.org bimscanner.us dr-joe.com skullagents.xyz amigogpt.xyz zoneai.live cccphotography.net zeedeliver25.site gracehandfoundation.site pharma-fam.online dynamite777.biz arkia.agency enviroproject.biz applyviza.com vivifycareers.com innosutra.com www.garden.crowne-dining.com garden.crowne-dining.com garasi-sepatu.site harmonybank.org futuron.pro cc4smb.com motor-maniancs.com beautifystone.com bookingbros.com rxaccredit.com ririwrites.com evanpomakov.site hmcts.online phenomnetwork.live bookandpapers.com sunhaul.org modernwest.online tdcstream.lat smswizard.icu atropineangel.com sssmrdu.com plethorafx.com revelosearch.com kevincostner.modernwest.online www.kevincostner.modernwest.online purepinnacle.cleaning xprexzone.com discreetally.com centromedicobocagrande.com house2homeinc.com mendlykos.com litefartcoin.com tinythreadpups.com www.tinythreadpups.com jannathair.com coinprice.fun bigcaster.wtf www.kylomer.net kylomer.net xandria.pro 73fund.xyz kontil.xyz dentalproo.store fixmania.store secova.org cryptotradebot.online ginchilla.online ohlongjohnson.fun xn–439a514b2ll.com xn–h50bq6eftkouwfzb.com projektenwicklungsgesellschaft.com proffayssal.com www.handsonenergy-ang.com www.helm-mevvahku.com panelessolaresya.shop smsconnect.click venusunani.com www.venusunani.com emojiman.dev microfriks.online boudix.live casinohighwins.com onlinejackpotreels.com stimul-os.site anythinganywhere.supplies totalexcit.shop anythinganywhere.sale gifttoday.online theroyaltravels.us brightpowerstation.com kyc-0587263.live iampaulmazzarella.com www.tomiclub.me tomiclub.me meepleschoice.org pdxbarbies.us www.cairobuild.com www.edenrockcapcana.com www.kuality.ai kuality.ai ascenddcms.com www.altwp.net altwp.net fanatik.pro www.ibuydelco.com research.help arwatravel.com handsonenergy-ang.com helm-mevvahku.com iwisemarketing.com garasiofficialbest.com olympichopeful.com eqtisad365.com mecronoco.shop attstellar.org gcreditsolutions.biz jettbuild.com www.jettbuild.com www.chervtech.com chervtech.com isticharati.ma ipcheckerpro.online cairobuild.com beautifulbeauty.xyz wecromaco.site fxdevweb.site bwombus.site priscyagrostore.com azharyacademy.com cannabisseedsexpert.com edenrockcapcana.com api.dhakaculinary.com www.api.dhakaculinary.com promo.edenrockcapcana.com www.promo.edenrockcapcana.com www.lifehealth.website www.laundryday.flashcitytours.com laundryday.flashcitytours.com trfeforsins.info www.dosceapp.com fgtyliop.lol ids.foundation shadowfreight.us auraencendida.com acquisitionstracker.com mediaworksmkt.com midavbeautycare.com brunswickartscouncil.com urbantrendytwist.com rbrefresh.com fehero.com evisaswift.com anointingstone.com lifehealth.website captainsfastenerstest.site omghackeromgscary.site sandpipertradingcorporation.com learnwithsathi.com zero4trd.com yeshookup.com www.danlevasseur.me danlevasseur.me bornbeautifulfashions.com memevault.io daninthewild.site recette-cuisine.site thehierarchygroup.org alphagrandtravel.com alaahany.com transformerscrap.com ftxchainsdigital.com munnatraders.biz dosceapp.com fayettethriftshop.com facevyu.com mtgroup.biz rentsbuddy.com grupolaevo.com womanhealthafrica.org distribution.idemusic.id www.distribution.idemusic.id quicknaturalfoods.com punaravarthanstudios.com ra9mana.org dey.rent bgddiatrust.xyz wojakinamemesworld.vip pentransform.online hajjiagency.com gslawnewyork.com herbalistbyhamza.com aleeftechs.com goldpartnerit.com stagestash.com 3x3fest.com tlkfoods.com jetspeednetworks.com chilamchoir.com sodeshiponno.com bestchoicetrans.com patoxi.com www.unambassadors.org anirudhdhawan.com daylanspadafora.org www.aghasafetyglass.com angomedia.org esxe.shop www.esxe.shop deathnote.wtf tonshop.store unambassadors.org kiwanisclubofrosemead.org quickfundz.online nonplayable.events agentnathan770.com viveresupportfoundation.com mohfunds.com grounded-hr.com gruponowell.com recargesiya.com funhobbiesdrawing.com www.scarboroughdentures.com www.phisherftw.com ecosafetygh.com imistarstore.com entertherom.org beerfedbeef.net 08fleetdiscovery.shop visa2way.com sqisend.com blackbatdesign.com fastcrossdock.com hakone.taxi www.royalpaintstudio.com barik.com.mx trumpvsbiden.website crystaljackson.org falfan.org monademstudio.live antoniamaldonado.com ceylonfx.com scarboroughdentures.com hokiinaja.com multijamz.com habileinvts.com primeacctr.com phisherftw.com builderbrosco.com banditonsol.com gypsumboarddamam.com edenbarllc.com raamisarl.com

Malware Detected on Host

Count: 1 7d71ebaa729357affd0d9610d424cb84c9a9fe581f2076b67c12eb58fdc0ad77

Open Ports Detected

110 143 2082 21 26 443 465 53 587 80 993 995

CVEs Detected

CVE-2007-3205 CVE-2013-2220 CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2022-4900 CVE-2024-25117 CVE-2024-3566 CVE-2024-5458

Map

Whois Information

  • NetRange: 198.54.112.0 - 198.54.127.255
  • CIDR: 198.54.112.0/20
  • NetName: NAMEC-4
  • NetHandle: NET-198-54-112-0-1
  • Parent: NET198 (NET-198-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Namecheap, Inc. (NAMEC-4)
  • RegDate: 2015-11-13
  • Updated: 2015-11-13
  • Ref: https://rdap.arin.net/registry/ip/198.54.112.0
  • OrgName: Namecheap, Inc.
  • OrgId: NAMEC-4
  • Address: 11400 W. Olympic Blvd. Suite 200
  • City: Los Angeles
  • StateProv: CA
  • PostalCode: 90064
  • Country: US
  • RegDate: 2011-01-28
  • Updated: 2024-11-25
  • Ref: https://rdap.arin.net/registry/entity/NAMEC-4
  • OrgTechHandle: EFIME-ARIN
  • OrgTechName: Efimenko, Igor
  • OrgTechPhone: +1-323-375-2822
  • OrgTechEmail: igor.e@namecheap.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
  • OrgAbuseHandle: ABUSE2885-ARIN
  • OrgAbuseName: Abuse team
  • OrgAbusePhone: +1-323-375-2822
  • OrgAbuseEmail: abuse@namecheaphosting.com
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
  • OrgTechHandle: TECHT4-ARIN
  • OrgTechName: Tech team
  • OrgTechPhone: +1-661-310-2107
  • OrgTechEmail: tech@namecheaphosting.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
  • network:Class-Name:network
  • network:Auth-Area:198.54.116.192/26
  • network:ID:NET-214208.198.54.116.248
  • network:IP-Network:198.54.116.248
  • network:IP-Network-Block:198.54.116.248
  • network:Org-Name:Web-hosting.com
  • network:Street-Address:3402 East University Drive
  • network:City:Phoenix
  • network:State:AZ
  • network:Postal-Code:85034
  • network:Country-Code:US
  • network:Tech-Contact:MAINT-214208.198.54.116.248
  • network:Created:20211115151149000
  • network:Updated:20211115151242000
  • network:Updated-By:net-admin@namecheap.com
  • contact:POC-Name:Network team
  • contact:POC-Email:net-admin@namecheap.com
  • contact:POC-Phone:
  • contact:Tech-Name:Network team
  • contact:Tech-Email:net-admin@namecheap.com
  • contact:Tech-Phone:
  • contact:Abuse-Name:Abuse team
  • contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******

Share on: