198.54.125.148 Threat Intelligence and Host Information

Oct 19, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 198.54.125.148 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 49/100

Host and Network Information

  • Mitre ATT&CK IDs: T1192 - Spearphishing Link, T1193 - Spearphishing Attachment

  • Tags: agenttesla, agentteslaexe, analyze, arkeistealer, azorult, azorultexe, block, botnet attack, danabot, darkrat, dridex, dridexopendir, emotetheodo, formbook, gandcrab, gozi, hancitor, hawkeye, heodo, high, icedid, ipaddress, kpot, kpotstealer, loader, loki, luminositylink, nanocore, nemty, netwire, phishing attack, phorpiex, pony, qakbot, qealler, quasarrat, raccoonstealer, remcos, remcosrat, servhelper, stealer, systembc, trickbot, troldesh, true, zloader

  • JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762

  • View other sources: Spamhaus VirusTotal

  • Country: United States
  • Network:
  • Noticed: 2 times
  • Protocols Attacked: SSH
  • Countries Attacked: Belgium
  • Passive DNS Results: sakeracademy.online www.aceesgh.org tekahub.online www.tekahub.online directserviceconsultancy.com zyvobank.com homingservice.com s-classhunterhealswithmonsters.online www.s-classhunterhealswithmonsters.online discountedpromoservicess.com www.homingservice.com patriotacademy.online www.etherealmakeover.com centrexea.online www.centrexea.online admeterpro.com agencydaki.com cheerry.site crakcken.site cleanners.site syntaxx.site onek.shop job.quicksrich.com www.job.quicksrich.com www.go.salaryhere.com go.salaryhere.com panabet.org poloniaslot.org inemslot.org grafiktogel.org slotpaito.com inemtogel.com jinzaa.site brackettt.site www.brackettt.site mamamoni.co happyshow.site www.workbyinternet.com workbyinternet.com www.tsgsschool.edu.bd tsgsschool.edu.bd www.apkblock.net apkblock.net ecomburgerllc.com www.darxkum.site toneda.site www.microcln.com microcln.com tiketmantap.com ckobayonne.com aithne-everett.me honeylmonsoda.com rakeshmistri.com gadun138slot.net bestie88slot.net mexwinslot.net foya168slot.net bo99slot.net surgajudi88win.com lapakzeusslot.com lotus168win.com ps4dwin.com bonanza77win.com prediksi-hoki78.com demetriusone.com dtiicodes.com skindeepcleanbd.com everydaymusee.com uittech.com brydgesconstruction-i2.online masukhoki78.xyz punyahoki78.xyz punyahoki78.online tanfukangpro.com kubrapayz.com climbingbayarea.com gonnle.com shimulazad.com beweru-recise.sbs dixula-tazadu.sbs tarinu-moxuja.sbs dazuva-vafeya.sbs cujeja-maledu.sbs mexasu-luvimu.sbs hehiba-dafeba.sbs cabiza-bisihe.sbs bowovi-suxehu.sbs xenixnews.com dewaacintaa.xyz totalsecureinsurence.com spiriteagleplus.com wdmsticker.com duckyschool.com skylinetrends.com shopalhuwais.com watchtostreams.com wpdeveloperbd.site hoki-78.site lovechicagousa.com totlasolution1.com tropicalvacationspots.com castletrades.com hillbillywhitehouse.com sabrinacampanelli.com shiatsu-rein.com ncekcinta.com descargasacc.online genconyersplumbing.com b4beautika.com elmhurstplumbingheating.com www.woodsideplumbingheating.com woodsideplumbingheating.com unleashyourenglish.com directdiscountsolution.net customboxpackagings.com anthiax.com bayriv.com plenalimentos-br.com dwarenewables.com goldthorn.edu.au mariettaplumbingdrain.com frigoconcepcoin-py.com richjob2.com anthonysdomain.xyz optimumservicess.com nailchico.store conleyplumbingrooter.com conquer-bd.com goodlluckfrozen.com multitradesgroup.com salaryhere.com quicksrich.com 66ez.pro redditdownloader.online whimsicalreverie.design dreamteamnames.com hostapr.com torrigiliabroker.com achrilidz.online pcceramicsupply.com dimiexa-holdings.com m1nervafoods.com priestoph-de.com physicailabs.com enoc-eoi.com www.koni.zip koni.zip cableinternetsolution.com www.creativeway-ad.com creativeway-ad.com cabletvbilling.com physicianux.com situsslot-online.com exportspackers.com bolsasdepapelymas.com gatoractual.wtf cablenetsolutions.org joyandedward.com raqmidz.online directserviceproviderr.com dogclub.us mahjong168slot.org mahjong89slot.com greatnorthroadacademy.com edikamalun.lol corporatewellbeing.live studiowiser.com www.studiowiser.com etherealmakeover.com oppa168slot.com nimototo.com nimo88slot.com navi4d.com mpbochey.com membresiascompartidas.online alahly-sabboureg.com gourabakery.com thedispatchgear.com efideg.com databirototoid08.com mrfuxsol.com ismotech.site aceesgh.org criticalenergysolution.com www.workhighs.com usthesishelp.com huskytoto.tech andrabooks.com sethjionline.com egyptbehindtheveil.com pulsefl3x.com www.lyonmacktv.com lyonmacktv.com poeadirectjobs.com www.poeadirectjobs.com elreefelmasry.media dacsatlantic.xyz dsrs-brunei.com www.dsrs-brunei.com www.oppa4d.blog oppa4d.blog www.nimo4d.blog nimo4d.blog www.nangis4d.com nangis4d.com www.sportanyway.com sportanyway.com www.anywheretrips.com anywheretrips.com beiyuanltd.tech frigconcepcion-py.com www.aurafilms.online aurafilms.online 4my.tech www.4my.tech 4my.host www.4my.host 4my.io www.4my.io 4my.one www.4my.one 4my.photos www.4my.photos junkie.love www.junkie.love www.formy.space 4my.mobi www.4my.mobi www.4my.online 4my.online the-students-hub.blog richjob9.com womenofmight.com darkfiles.net www.darkfiles.net tahmid.online payriche.com onegrop.store threegrouo.store letme.host investockbanking.com finance.nopvision.com www.finance.nopvision.com capisnuee.store infoinsuee.store bigupdates.store globalupdate.store keepinhub.store www.keepinhub.store tishyafoods.com www.digicose.com digicose.com viralmedaddy.com www.viralmedaddy.com www.techjinja.com techjinja.com farhanjanii.store homeutilityservicess.com vijumanhoos.store desh-tech.com skinultrang.com mythiqeshop.com elan.agilensmart.in www.elan.agilensmart.in umarkanjos.store gabanasa.com lifeofapk.store businesapk.store makeapk.store dailyinsurance.store businisslife.store inusranceapka.store workhighs.com frankiegale.com hardapparels.com cablenetsolutionss.com trucklinesolution.com mollytheshihtzu.dog heretissporthorses.com digitaldirectsolutionss.com botrcg.com xdtronics.com uvprop.com beautyspotpk.com vmsconstrucciones.com marketiziadigital.com herblife-int.com bizzflip.com formula1review.com sweetspet.com optireach.biz matrixcigars.com cknetplus.online bloomchiccollections.com digitaldirectdiscountss.com citepestudia.com erccashcredits.com swiftblock.org decisionforlifegh.com patrickdaka.com feztechllc.com creativecloudclubkitero.online homijob.com bigbearfamilycabin.com bigbearsnowsummitcabin.com bigbearbikecabin.com bigbeardencabin.com bigbeargolfcabin.com camdenvania.com richepay.com starlinedigitalmedia.com freightflowllc.site paradigma-ukraine.com dollglamproduction.com lodobites.com sportsmania.site theglobalhub.site thenewspaper.site apkjeet.com webifycreatives.com thecustommylarbags.com tanvir.host coffee4rmhawaii.com altaibalancets.cfd altaibalancews.cfd altaibalancess.cfd altaibalanceqs.cfd altaibalanceye.cfd altaibalanceqe.cfd altaibalanceme.cfd altaibalanceae.cfd altaclicks.com biofitpm.cfd biofitfm.cfd biofitkm.cfd biofitsl.cfd biofitdl.cfd biofitpl.cfd biofitwc.shop newspedia.world biofitjw.shop biofitpw.shop biofitsw.shop altaibalancewc.cfd altaibalanceac.cfd altaibalancevc.cfd biofitjt.cfd biofitht.cfd biofityt.cfd biofitmt.cfd biofitpt.cfd prexte1.correoscorporativosperu.com www.prexte1.correoscorporativosperu.com www.prexte2.correoscorporativosperu.com prexte2.correoscorporativosperu.com altaibalancene.cfd biofitvt.cfd www.biofitvt.cfd redaerrazki.com biofitep.cfd altaibalancese.cfd altaibalancele.cfd biofittp.cfd biofitsa.shop biofitta.shop biofitey.cfd biofitby.cfd biofitsp.cfd altaibalancepo.shop altaibalancero.shop biofittk.shop biofitwk.shop biofitft.shop www.biofitbt.shop biofitbt.shop www.biofitit.shop biofitit.shop altaibalanceko.shop altaibalanceco.shop altaibalanceto.shop dropneedle.co.uk www.dropneedle.co.uk netpayfast.com musmusrugs.com www.musmusrugs.com clinicfinderapp.com clinicfinderqa.com www.salarybux.com ismotech.fun propertico.agency tropicalhotdeals.com shaduzzproperties.com prowritehub.org thetechbro.com.ng www.thetechbro.com.ng dsfreehosting.com dsseotools.com coachsultan.com prowritehub.com elrinconliterariodevite.com dreamymadagascartours.com www.dreamymadagascartours.com www.garrettgale.com garrettgale.com homeworkanswers.org www.homeworkanswers.org antiviolencewi.org galeracingstable.com galeracing.com erccredit.net salarybux.com isidrovaldezpalmer.com osomresearch.com ebooxhelp.com tro-inc.com.mx bearmountainrental.com www.bearmountainrental.com dreamweaverfloral.com innovationscubed.com ebook.gold www.richsalary.com richsalary.com 2new2023.website bigbearresortcabin.com www.apprichs.com apprichs.com www.richepay.com www.pepecoin.fans pepecoin.fans www.wojak.news wojak.news www.wapspin.com wapspin.com www.jeff.dragyourhalogames.com jeff.dragyourhalogames.com tanaloo.com www.tanaloo.com kermitthefrog.xyz asspizza.shop isoar.online chadcoin.link getsetwinz365.club destinywincraze.com copecoin.net www.copecoin.net www.jonitogel.linkamp.info jonitogel.linkamp.info paynoow.online www.paynoow.online www.allangale.net allangale.net allangale.am www.trianglevproductions.com trianglevproductions.com www.allangale.mx allangale.mx allangale.us www.allangale.us www.mrmaas.com mrmaas.com karleengale.com www.karleengale.com www.allangale.com.mx allangale.com.mx allangale.com www.allangale.com m.wapspintv.com www.m.wapspintv.com www.erapest.com mateno.com.mx asimkhaliq.com www.asimkhaliq.com www.abdulbaais.com abdulbaais.com www.streamflix.store streamflix.store www.coreceptz.com coreceptz.com spacexorder.com www.spacexorder.com stage.swisst10.com www.stage.swisst10.com www.goffsconcepts.com goffsconcepts.com www.omegamine.info omegamine.info resydiam.com www.resydiam.com www.dsbiolinks.com dsbiolinks.com wapspintv.com www.wapspintv.com linkamp.info www.linkamp.info goffsentrepreneurshipconcepts.com chicagofitnessmartialarts.com technicalbilal.xyz www.goffsreviewingconcepts.com goffsreviewingconcepts.com eaglehemp.us

Malware Detected on Host

Count: 6 55b388ed29c82924c4a014ae1966624d67867c231649cd44f5b207644c4732a0 b0926ae928939ee89b212b7c03e175d3de27a3ed90f73a6aca49e15a57f7994d 11d50dd4b25d8e1c89ee3922ed6c785045aa613c8de72ecb50911edcd6b586b9 a5671457c105028c2b2f5f83a9d92f15837e5b48a913b64449b130d0a7b9f530 81d17c2641975a0841e48e12f035e57f9f2c58a4ff4cdaeb47fcc29cb05022ec c3c8148fd3205ecfd3567f50f640637c5f755948f2d5040ef60c9a9573201c19

Open Ports Detected

2082 2083 21 443 80

CVEs Detected

CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331

Map

Whois Information

  • NetRange: 198.54.112.0 - 198.54.127.255
  • CIDR: 198.54.112.0/20
  • NetName: NAMEC-4
  • NetHandle: NET-198-54-112-0-1
  • Parent: NET198 (NET-198-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Namecheap, Inc. (NAMEC-4)
  • RegDate: 2015-11-13
  • Updated: 2015-11-13
  • Ref: https://rdap.arin.net/registry/ip/198.54.112.0
  • OrgName: Namecheap, Inc.
  • OrgId: NAMEC-4
  • Address: 11400 W. Olympic Blvd. Suite 200
  • City: Los Angeles
  • StateProv: CA
  • PostalCode: 90064
  • Country: US
  • RegDate: 2011-01-28
  • Updated: 2024-11-25
  • Ref: https://rdap.arin.net/registry/entity/NAMEC-4
  • OrgTechHandle: EFIME-ARIN
  • OrgTechName: Efimenko, Igor
  • OrgTechPhone: +1-323-375-2822
  • OrgTechEmail: igor.e@namecheap.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
  • OrgTechHandle: TECHT4-ARIN
  • OrgTechName: Tech team
  • OrgTechPhone: +1-661-310-2107
  • OrgTechEmail: tech@namecheaphosting.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
  • OrgAbuseHandle: ABUSE2885-ARIN
  • OrgAbuseName: Abuse team
  • OrgAbusePhone: +1-323-375-2822
  • OrgAbuseEmail: abuse@namecheaphosting.com
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
  • network:Class-Name:network
  • network:Auth-Area:198.54.125.0/24
  • network:ID:NET-109786.198.54.125.148
  • network:IP-Network:198.54.125.148
  • network:IP-Network-Block:198.54.125.148
  • network:Org-Name:Web-hosting.com
  • network:Street-Address:3402 East University Drive
  • network:City:Phoenix
  • network:State:AZ
  • network:Postal-Code:85034
  • network:Country-Code:US
  • network:Tech-Contact:MAINT-109786.198.54.125.148
  • network:Created:20200327153505000
  • network:Updated:20200327153607000
  • network:Updated-By:net-admin@namecheap.com
  • contact:POC-Name:Network team
  • contact:POC-Email:net-admin@namecheap.com
  • contact:POC-Phone:
  • contact:Tech-Name:Network team
  • contact:Tech-Email:net-admin@namecheap.com
  • contact:Tech-Phone:
  • contact:Abuse-Name:Abuse team
  • contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******

Share on: