199.188.200.15 Threat Intelligence and Host Information

Apr 04, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 199.188.200.15 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 51/100

Host and Network Information

  • Tags: abuse contact, a domains, ah6itbtgl, algorithm, all octoseek, all search, as41357, as44273 host, as63949 linode, bbonline uk, body, bt6lcuigydc9yc, chrome, cloud marketing, cname, community score, contacted, contact phone, content type, creation date, csv order, cus cnr3, data, data center, date, detections type, dns replication, dnssec, domain, domain name, domain status, ec oid, email, encrypt, eqsray, execution, expiration date, files, files domain, first, formbook, gmt content, graph api, graph community, historical ssl, history first, hostname, http, iana id, identifier, info, ionos se, ip address, ipv4, jansky, javascript, jxaavf4jnzza0, key algorithm, key identifier, key info, keysystems gmbh, malware, meta, metro, microsoft, ms excel, msie, name, namecheap inc, next, no security, number, olet, otx octoseek, passive dns, phishing, plesklin, pulse pulses, pulse submit, record type, record value, referrer, registrar abuse, registrar url, registrar whois, registry domain, resolutions, reverse dns, sabey, scam, scan endpoints, script domains, script urls, search, server, showing, social engineering, ssl certificate, status, subdomains, subject key, subject public, submission, submitters, summary iocs, text, thebrotherssabey, threat roundup, ttl value, united, united kingdom, unknown, url analysis, url http, urls, usage, utc submissions, v3 serial, vbs, whois lookup, whois record, win32 exe, x509v3 extended, x509v3 key, xcitium verdict, zip blaze

  • JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: hphosts_fsa, hphosts_psh

  • Country: United States
  • Network:
  • Noticed: 3 times
  • Protocols Attacked: SSH
  • Countries Attacked: United States of America

Malware Detected on Host

Count: 15 2fcfc802499d6e4e6d6cf3005b701836e858798cf80cd9043a106e15ba22df24 9e1671d9bfdf9f398186aeda6281f8193631d791f779f2e560d39cb2138e93bb 89c86d765462245ed319a56570e2093ebc8d195f529f950b13f6030da6182c92 9156dc2df017a208625a2f80b06a561c26138ba0df65fab13e9212f01738b2fd 7f05c3f5735404ffdb56082eca6a5bd93f9b068de85ec410450b4a00a6a4f33a dc23b8b4019e66150ba86d69fc8d81af64fe13dae6e181b2f2102b64c647f9fb 8142164d1bc6288f8460a34158707e3dc5def2c794a60cbfc14636a837cb71e0 1bfe8674d0a6fab48c515d4c1547ec13419fb1a88fbe7f588508f96e122a014c 2f6da4dffb8c34dd7f773fdd23114a6039763f8e2972558925d63d5e35c1b57b ddaeffb12a944a5f4d47b28affe97c1bc3a613dab32e5b5b426ef249cfc29273

Open Ports Detected

2079 2080 2082 2083 21 443 53 80

CVEs Detected

CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2024-6484

Map

Whois Information

  • NetRange: 199.188.200.0 - 199.188.207.255
  • CIDR: 199.188.200.0/21
  • NetName: NCNET-1
  • NetHandle: NET-199-188-200-0-1
  • Parent: NET199 (NET-199-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS16626, AS174, AS4323, AS3356, AS22612, AS32421
  • Organization: Namecheap, Inc. (NAMEC-4)
  • RegDate: 2011-08-03
  • Updated: 2015-03-24
  • Comment: http://namecheap.com
  • Comment: for any abuse please use: abuse@namecheap.com
  • Ref: https://rdap.arin.net/registry/ip/199.188.200.0
  • OrgName: Namecheap, Inc.
  • OrgId: NAMEC-4
  • Address: 11400 W. Olympic Blvd. Suite 200
  • City: Los Angeles
  • StateProv: CA
  • PostalCode: 90064
  • Country: US
  • RegDate: 2011-01-28
  • Updated: 2024-11-25
  • Ref: https://rdap.arin.net/registry/entity/NAMEC-4
  • OrgAbuseHandle: ABUSE2885-ARIN
  • OrgAbuseName: Abuse team
  • OrgAbusePhone: +1-323-375-2822
  • OrgAbuseEmail: abuse@namecheaphosting.com
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
  • OrgTechHandle: TECHT4-ARIN
  • OrgTechName: Tech team
  • OrgTechPhone: +1-323-375-2822
  • OrgTechEmail: tech@namecheaphosting.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
  • OrgTechHandle: EFIME-ARIN
  • OrgTechName: Efimenko, Igor
  • OrgTechPhone: +1-323-375-2822
  • OrgTechEmail: igor.e@namecheap.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
  • network:Class-Name:network
  • network:Auth-Area:199.188.200.0/24
  • network:ID:NET-73149.199.188.200.15
  • network:IP-Network:199.188.200.15
  • network:IP-Network-Block:199.188.200.15
  • network:Org-Name:Web-hosting.com
  • network:Street-Address:3402 East University Drive
  • network:City:Phoenix
  • network:State:AZ
  • network:Postal-Code:85034
  • network:Country-Code:US
  • network:Tech-Contact:MAINT-73149.199.188.200.15
  • network:Created:20190301071351000
  • network:Updated:20190301071438000
  • network:Updated-By:net-admin@namecheap.com
  • contact:POC-Name:Network team
  • contact:POC-Email:net-admin@namecheap.com
  • contact:POC-Phone:
  • contact:Tech-Name:Network team
  • contact:Tech-Email:net-admin@namecheap.com
  • contact:Tech-Phone:
  • contact:Abuse-Name:Abuse team
  • contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******

Share on: