192.74.250.130 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 192.74.250.130 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

• Tags: alerts continue, anna paula, april, associated, august, beacon detected, click, cobalt, cobalt stike, cobalt strike, currc3adculo, cyber, february, from email, headers, june, lockbit, malspam email, msi file, november, october, reading, september, service, tuesday, utf8, zip archive

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS54600 peg tech inc
• Noticed: 7 times
• Protocols Attacked: spam
• Passive DNS Results: ky000.top chinacreates.com wanderwater.com wartharts.com alemartinez.com artmedianet.com amico-market.com aimskin.com tebowhaters.com thgbm.com towardheaven.com talviconseil.com dogaltakviye.com divorcetable.com diabeticmed.com davidbuffalo.com cookitagain.com clareashton.com visualise-it.com santarosafl.com starrage.com visitors24.com sonicglobe.com studio8ten.com sz-gifts.com sdcmillwork.com skytroniks.com hughrandall.com markandjanie.com mulliganhome.com messtray.com maltafotos.com loco-model.com isac4flylinz.com igrekuhanja.com ledxg.com ivistra.com its-about-me.com polsorbsales.com phx-media.com polycraftusa.com best4gifts.com pocketchic.com pauloimoveis.com bouffardbuzz.com berlin-ia.com bappstore.com bobgoyer.com baovui.com grupomoving.com goodmale.com gebzeinsaat.com jongarciapj.com gbdaniels.com jat2012.com olleshop.com uyelik-kayit.com ugly-houses.com email-friend.com nexteconomia.com net-runners.com ne-polymers.com kimpoh.com kuyusuyu.com ris-alwahda.com roblesmusica.com friskycash.com frauenhaare.com websalads.com aufilduniger.com designigloo.com dangattire.com designhomebd.com miedzymamami.com youradvances.com plprofit.com uselesscock.com kiteeffect.com wwwskmov.com ccfuganda.com hbfamilycare.com yamatoonline.com botonon.com grupodln.com jld-events.com 11tricks.com kumpit.com free-cuba.com adornhairbar.com taliangroup.com poolvan.com p4pent.com kheddam.com fepevela.com xxx-captions.com wishesnow.com thermomis.com tosscn.com siamnation.com masquezumos.com mumtazhealth.com mcpcbd.com love-mariage.com pandasis.com bylucybyhand.com jiatongbao.com klaop.com kingsmindset.com ohlalapanama.com winddose.com tragazorras.com tokomuslimah.com tageswetter.com clesdeals.com vitalpub.com famille-gay.com ahoyearth.com mshaynebell.com bain-soleil.com openplayzone.com alagence.com stereocien.com home-ktec.com ray-solomon.com wordbucks.com weltviral.com wellmain.com armyperks.com arb4wd.com aoestats.com al-fonon.com tuneshere.com topconx.com tinypipol.com teschpets.com tupetate.com tekfluent.com tentmail.com terazz.com deziri.com dromride.com doo-b.com devexams.com copy-bot.com chopstyks.com chemrecs.com cfcgllc.com caviled.com crymera.com corecginc.com cassanie.com viralless.com caniecani.com casonsbnb.com suabb.com sicrewing.com hddnlifts.com shopeazee.com meermusa.com mcgel.com mnserver1.com lsshoe.com zeeticket.com imsplay.com yoporngay.com pornsex99.com youpend.com yarimax.com pcinstyle.com pyromy.com picotear.com pay-flow.com phamgrp.com bgpolish.com gaadi25.com ganzaroli.com orbav.com oz-en.com omnihd.com espacius.com exportlot.com epronos.com 3elti.com narmeo.com kaylaam.com frescoln.com fonexi.com fulcrumfc.com fedeix.com oldapp.commerceiq.vip oldadmin.commerceiq.vip commerceiq.vip app.xencapitall.com 7u4q1.959wl.cn

Open Ports Detected

1801 5985 80

Map

Whois Information

• NetRange: 192.74.224.0 - 192.74.255.255
• CIDR: 192.74.224.0/19
• NetName: PT-82-5
• NetHandle: NET-192-74-224-0-1
• Parent: NET192 (NET-192-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS54600
• Organization: PEG TECH INC (PT-82)
• RegDate: 2012-11-08
• Updated: 2012-11-08
• Ref: https://rdap.arin.net/registry/ip/192.74.224.0
• OrgName: PEG TECH INC
• OrgId: PT-82
• Address: 55 South Market Street, Suite 320
• City: San Jose
• StateProv: CA
• PostalCode: 95113
• Country: US
• RegDate: 2012-03-27
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/PT-82
• OrgAbuseHandle: ABUSE3497-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-408-692-5581
• OrgAbuseEmail: abuse@petaexpress.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3497-ARIN
• OrgTechHandle: NOC12550-ARIN
• OrgTechName: NOC
• OrgTechPhone: +1-408-692-5581
• OrgTechEmail: noc@petaexpress.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
• OrgNOCHandle: NOC12550-ARIN
• OrgNOCName: NOC
• OrgNOCPhone: +1-408-692-5581
• OrgNOCEmail: noc@petaexpress.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
• NetRange: 192.74.250.128 - 192.74.250.135
• CIDR: 192.74.250.128/29
• NetName: 199-180-100-0-1
• NetHandle: NET-192-74-250-128-1
• Parent: PT-82-5 (NET-192-74-224-0-1)
• NetType: Reassigned
• OriginAS: AS54600
• Customer: staridc (C03273532)
• RegDate: 2013-01-14
• Updated: 2013-01-14
• Ref: https://rdap.arin.net/registry/ip/192.74.250.128
• CustName: staridc
• Address: Beijing
• City: Beijing
• StateProv: BEIJING
• PostalCode: 362200
• Country: CN
• RegDate: 2013-01-14
• Updated: 2013-01-14
• Ref: https://rdap.arin.net/registry/entity/C03273532
• OrgAbuseHandle: ABUSE3497-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-408-692-5581
• OrgAbuseEmail: abuse@petaexpress.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3497-ARIN
• OrgTechHandle: NOC12550-ARIN
• OrgTechName: NOC
• OrgTechPhone: +1-408-692-5581
• OrgTechEmail: noc@petaexpress.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
• OrgNOCHandle: NOC12550-ARIN
• OrgNOCName: NOC
• OrgNOCPhone: +1-408-692-5581
• OrgNOCEmail: noc@petaexpress.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN

Links to attack logs

****** ****** forum-spam-ip-list-2013-07-29 ******