192.64.118.12 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 192.64.118.12 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 59/100

Host and Network Information

• Mitre ATT&CK IDs: T1048 - Exfiltration Over Alternative Protocol, T1055 - Process Injection, T1543 - Create or Modify System Process

• Tags: agenttesla, agentteslaexe, arkeistealer, authentihash, azorult, azorultexe, burkard, commandline, connections id, creation id, creation using, danabot, darkrat, david burkett, denscare, dridex, dridexopendir, emotetheodo, exclusions, formbook, gandcrab, gozi, g tlsh, hancitor, hawkeye, heodo, icedid, imageendswith, kpot, kpotstealer, loader, loki, luminositylink, markus neis, nanocore, nemty, netwire, new firewall, new service, nextron, outbound smtp, pehash, phorpiex, pony, process id, qakbot, qealler, quasarrat, raccoonstealer, remcos, remcosrat, richhash, rich pe, roth, rule added, sander wiebing, servhelper, setting, sha1, signalblur, smtp, sorry, ssdeep, stealer, svchost parent, systembc, thank, trickbot, troldesh, vhash, zloader

• JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: hphosts_emd, hphosts_fsa, hphosts_psh

• Country: United States
• Network:
• Noticed: 2 times
• Protocols Attacked: SSH
• Passive DNS Results: locationmotoessaouira.com nextcoresolution.com vueloendescuento.lat wealththinkingchallenge.com coolfixdubai.com horizonsopyrwa.com pytchltd.com generalpowrplc.com 64racing.com saiap.io www.saiap.io www.unioncountysb.com unioncountysb.com ioepress.co.uk www.ambongaming808.store bostoncg.site fidelitychartered.com morewaifu.com boostshock.com goodmangrowthsystems.com solgraphd.website amati.studio riveirostudio.online flashshop.homes carolinasantosveliz.digital doloslabs.com www.jobping.app jobping.app www.maicreations.website maicreations.website printergeeksinstall.online www.printergeeksinstall.online ibookcelebhub.com www.ibookcelebhub.com iowasandwichguy.com newspointcenter.com cjartdesign.com banglish.site truewaycrypto.com fortuneflip.net hevium.shop coloritex.com dissolpsqs.com siluniwalakuluarachchige.com graylap.com neurawebtech.com startfreshamerica.org publictaxhelp.org wimlove.com fruitlandgospel.org ruralagronet.org neoreportgh.com usacollegezone.org lgbcolombia.com flamigoexports.com ssatatement.site secondascentproject.org usacollegeinfo.org tradingnest.online flareinternationalfoundation.org brothersetupprinti.online kidstories.online uiuc.live tiafergusonauthor.digital dogebonk.club xliveon.com antonernst.com apexftgb.com cowpeanilt.com aggreysystems.com aaryafintechs.com taifrh.com dickinsonpestcontrolxperts.com megcart.com manorpestcontrolxperts.com movixer.com masarbh.com puertografico.com boernepestcontrolxperts.com bbs-bbd.com geosakia.com gnomecrafted.com jutebook.com olooloitikosh.com onlinelotteryaustralian.com kvarrotrips.com formationathome.com designphase.space jickmsmslkparty.us dow-uk.net kotagg66.online familylinegrp.com ayowd99.vip debtfreeme.org cmarshall.info wathiqa-dz.com abdullahabukaraki.com solumechs.com magcourses.com poriadventuresandsafaris.com best4uservices.com goldentigertransport.com elementalsforsonrealm.com mail.jjpms.com ambongaming808.store ambongacor88.shop wegotthebeats.productions mikesontrack.com restcolor.com flutterlikebutter.com gggnatural.com get.boardquestion.com boardquestion.com crossdockingdallas.com orcinsc.com www.denscare.com bc221china.com wadialdinatech.com olatokunbosanni.com eaglessservice.online paybilllonline.store pidyonartzeinu.com pehlepakistan.com internethogar.site monjob.pro rolex1bet.online a-ainter.com tenantsnest.com my-users-binan.com michaeltvhunton.com feelbetterforlife.com iyan.ekoile.ca www.iyan.ekoile.ca wisecaption.com egbcprivatewealthmanagement.com slotjawa.club citicurrecy.com grantbeneficiary.site qatartrust.online visualllee.art wildlycreativemedia.com daniellehaldane.com zalando-outlet.pro nexsteprinters.online diamondtrustgate.com darcycoin.com cybersecuresolutions.online www.cybersecuresolutions.online kmillionea.com migpro.site jkim284.site iamurson.space dani.host schtl.center worldelitegroup.com linemediapro.com jjpms.com redyellowmedia.com diversityforkamala.com denscare.com connectcelebrities.com vintageshipartifacts.com sewacranekelantan.com rapidcurrencyexchange.com equalitypath.org chatlunbu.online pacmanonsol.online songimail1.cfd thefleecepublishing.com i90minutes.com boursobk-client.com justgloh.com www.worldtrackservice.com worldtrackservice.com www.uploads.market uploads.market samycart.store www.samycart.store tranxactly.net rajiokeesaeducationfoundation.org eductaionalfedearl.online thenerdmatic.life muffinheadbeats.com moelrazy.com lumiere-ia.com inseperable2.com gredubq.com grammarecho.com fascinatenames.com jennysrockroom.com ezycurrencyexchange.com www.immediateconnect.ltd immediateconnect.ltd www.toy18plus.com toy18plus.com converdoc.com vipcrypto.vip elitetank.online everything-mobility.com privateboatcharleston.com rainbowbreakthroughmasterclass.com shibainublack.xyz tradeinvestment.org iyaneyemusic.com preceptease.com bis-stellar.com gurlovelife.com ecowindowslakewales.com www.ekoile.ca ekoile.ca serizen.online quantum-engine-diy.com goldcoastmarinediag.com fxtcore.com compassionate.training doneforstarter.shop darna.agency mighty-bite.xyz immediate-edge-canada.net slotsbali.xyz kalavathimatchingcenter.website telesync.org st-jamesamezionithaca.org immediate-edge-canada.org lakechamplaiinwaldorfschool.org slotjawa.online nahlaparfumes.life wbbenjshhi.info toshithecat.claims wolksmining.com aztc-courses.com andersnttng.com copx-training.com steelstructuresofaberdeeninc.com miraelsalvador.com zerographyproduction.com ironhorseexcavatinginc.com bullfootwear.com mgappsglobal.com fjaartaf.zone apexdevelopments.org intergiro.org clube-cupons.online sotesoftware.com opmc.gg www.opmc.gg www.brokerscamaudit.com brokerscamaudit.com www.mail.utopians.co www.caymangreenscape.com homegardentrends.com homegardenluxury.com steadywriter.com vashlijvariresidence.com financekeyltd.com online.financekeyltd.com www.online.financekeyltd.com luzdesemanasanta.com fendely.com www.digiupnext.com www.upbound.studio salefishpropertiesrlty.com jobhiregojov.bongolifemediatz.xyz www.jobhiregojov.bongolifemediatz.xyz secure.renmarkets.com www.secure.renmarkets.com schmtt.com baderclean.com kbcheadoffice.info upbound.studio www.remediogenial.com www.medy.bongolifemediatz.xyz medy.bongolifemediatz.xyz collisionexchange.ai www.collisionexchange.ai www.ccis-agadir.com ccis-agadir.com paydayloans365new.org www.paydayloans365new.org www.quicknocreditcheckloans.info quicknocreditcheckloans.info kwiqjobjovi.bongolifemediatz.xyz www.kwiqjobjovi.bongolifemediatz.xyz www.susejgroup.org susejgroup.org www.mariawenner.com mariawenner.com mangusha2.bongolifemediatz.xyz www.mangusha2.bongolifemediatz.xyz mangusha.bongolifemediatz.xyz www.mangusha.bongolifemediatz.xyz omegacredit.site www.omegacredit.site itsghanashri.website www.itsghanashri.website www.rishirajexport.com app.simedarbyltd.com www.app.simedarbyltd.com simedarbyltd.com www.simedarbyltd.com www.thecrystalinvest.com www.grayphite.com test.swagscheck.com www.test.swagscheck.com www.nft.swagscheck.com nft.swagscheck.com www.ekremsigorta.com www.online.financekeytrust.com online.financekeytrust.com www.financekeytrust.com financekeytrust.com www.military.diamondexpresscourierplus.com military.diamondexpresscourierplus.com www.advanced.standuibk.online advanced.standuibk.online btes.standuibk.online www.btes.standuibk.online hrm.upbound.studio www.hrm.upbound.studio opencart.caymangreenscape.com www.opencart.caymangreenscape.com rennysfxtrade.com www.rennysfxtrade.com vivacredit.site www.apparell.upbound.studio apparell.upbound.studio www.mockup.caymangreenscape.com mockup.caymangreenscape.com rad-ark.com www.education.caymangreenscape.com education.caymangreenscape.com 9japaintballhub.com themetest.caymangreenscape.com www.themetest.caymangreenscape.com www.giogionta.com stagingusa.caymangreenscape.com www.stagingusa.caymangreenscape.com donoiffice.com douscommerce.com conscientiousyouth.org xn–kucon-h81b.com www.bitcoincryptoprofits.com www.delifastway.com delifastway.com stuyvesant-burgh-haamstede.com linxuav.caymangreenscape.com www.linxuav.caymangreenscape.com www.ewocollections.store ewocollections.store greatorganizationbrotherhood.com www.greatorganizationbrotherhood.com urbanbanana83.com www.urbanbanana83.com trentvfd.org www.trentvfd.org vamybiz.com www.vamybiz.com knowme.grayphite.com grayphite.com artistdoge.xyz kaylaliving.com rservices.digital quranonline4all.com www.quranonline4all.com www.abihailrealestate.com tokenswapex.com www.tokenswapex.com acceleratedbank.online saversglobalmart.com lazyreef.com www.blinkexpress.online blinkexpress.online www.latinstyleacademy.com www.zazashirts.com zazashirts.com faranandco.com www.faranandco.com k1transportations.caymangreenscape.com www.k1transportations.caymangreenscape.com www.mobile.viewico.com mobile.viewico.com www.26ne.net 26ne.net www.shuhrat.co shuhrat.co horizon-investmentmanagement.ltd www.noyon.themezone.xyz noyon.themezone.xyz myhometwist.com www.myhometwist.com www.cards.upbound.studio cards.upbound.studio www.bougiebodycare.caymangreenscape.com bougiebodycare.caymangreenscape.com www.e-verification.sbbk-group.com e-verification.sbbk-group.com churchsafetyministryacademy.com www.churchsafetyministryacademy.com www.epicbarber.upbound.studio epicbarber.upbound.studio www.arizondigital.xyz arizondigital.xyz www.jobjovi.bongolifemediatz.xyz jobjovi.bongolifemediatz.xyz staging.greatlakespaa.org www.staging.greatlakespaa.org fenceworld.rad-ark.com www.fenceworld.rad-ark.com livewebcrafts.com fitnessfaqs.store www.fitnessfaqs.store aqon.io www.aqon.io www.nevergiveup99.online nevergiveup99.online www.lanelashop.com lanelashop.com www.test.traderyt.com test.traderyt.com ap.traderyt.com www.ap.traderyt.com cryptoonboard.com rythumitraorganics.com spacecitydumpster.com www.spacecitydumpster.com www.econfirmation.sbbk-group.com econfirmation.sbbk-group.com rbcplc.us www.rbcplc.us www.urbanbana.com urbanbana.com yemencrypto.shop www.yemencrypto.shop wahatalaweer.com www.wahatalaweer.com eagle-financialgroup.co.uk www.eagle-financialgroup.co.uk www.bf-api.upbound.studio bf-api.upbound.studio www.nitmedtutorials.com.ng nitmedtutorials.com.ng protocolresolvesite.com ventasmodalima.online www.ventasmodalima.online themezone.xyz www.themezone.xyz server284.web-hosting.com project356.upbound.studio www.project356.upbound.studio www.jay.wil.bar jay.wil.bar techoard.com www.tbc.upbound.studio tbc.upbound.studio www.gachtminers.com gachtminers.com vendor.jahidhassan.com www.vendor.jahidhassan.com apeswrap.finance pacificwestbank.org www.pacificwestbank.org renmarkets.com www.tystutts.com tystutts.com www.testing.tystutts.com testing.tystutts.com abihailrealestate.com philp-bernard.com collab.nettense.com www.collab.nettense.com 3-6-5.digital www.3-6-5.digital sichere-agb-aenderung.info www.sichere-agb-aenderung.info www.meter.susejgroup.org meter.susejgroup.org viewico.com www.thedogejo.com thedogejo.com www.bulkammunitioncaliber.com bulkammunitioncaliber.com www.ffcfinance.com ffcfinance.com payuk.upbound.studio www.payuk.upbound.studio instafix.bogodistro.com www.instafix.bogodistro.com www.bogodistro.com bogodistro.com www.francesalexander.co.uk crodexfinance.com www.crodexfinance.com assgefront.narenciyeland.com www.assgefront.narenciyeland.com growfiinancial.org www.foxnewsglobalnetwork.com foxnewsglobalnetwork.com kkopticals.co.ke www.kkopticals.co.ke lukatotadze.com

Malware Detected on Host

Count: 1 d1e93486b35a55cb331fe7cd4b23364a09917255b4f7f80fb70aa676819eb09e

Open Ports Detected

21 443 53 80

CVEs Detected

CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331

Map

Whois Information

• NetRange: 192.64.112.0 - 192.64.119.255
• CIDR: 192.64.112.0/21
• NetName: NCNET-3
• NetHandle: NET-192-64-112-0-1
• Parent: NET192 (NET-192-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Namecheap, Inc. (NAMEC-4)
• RegDate: 2012-12-17
• Updated: 2015-03-24
• Comment: http://namecheap.com
• Comment: for any abuse please use: abuse@namecheap.com
• Ref: https://rdap.arin.net/registry/ip/192.64.112.0
• OrgName: Namecheap, Inc.
• OrgId: NAMEC-4
• Address: 11400 W. Olympic Blvd. Suite 200
• City: Los Angeles
• StateProv: CA
• PostalCode: 90064
• Country: US
• RegDate: 2011-01-28
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/NAMEC-4
• OrgTechHandle: EFIME-ARIN
• OrgTechName: Efimenko, Igor
• OrgTechPhone: +1-323-375-2822
• OrgTechEmail: igor.e@namecheap.com
• OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
• OrgTechHandle: TECHT4-ARIN
• OrgTechName: Tech team
• OrgTechPhone: +1-661-310-2107
• OrgTechEmail: tech@namecheaphosting.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
• OrgAbuseHandle: ABUSE2885-ARIN
• OrgAbuseName: Abuse team
• OrgAbusePhone: +1-323-375-2822
• OrgAbuseEmail: abuse@namecheaphosting.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
• network:Class-Name:network
• network:Auth-Area:192.64.118.0/25
• network:ID:NET-106788.192.64.118.12
• network:IP-Network:192.64.118.12
• network:IP-Network-Block:192.64.118.12
• network:Org-Name:Web-hosting.com
• network:Street-Address:3402 East University Drive
• network:City:Phoenix
• network:State:AZ
• network:Postal-Code:85034
• network:Country-Code:US
• network:Tech-Contact:MAINT-106788.192.64.118.12
• network:Created:20200303154000000
• network:Updated:20200303154213000
• network:Updated-By:net-admin@namecheap.com
• contact:POC-Name:Network team
• contact:POC-Email:net-admin@namecheap.com
• contact:POC-Phone:
• contact:Tech-Name:Network team
• contact:Tech-Email:net-admin@namecheap.com
• contact:Tech-Phone:
• contact:Abuse-Name:Abuse team
• contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******