199.192.29.136 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 199.192.29.136 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 28/100

Host and Network Information

• Tags: tsec

• JARM: 15d3fd16d29d29d00042d43d0000009ec686233a4398bea334ba5e62e34a01

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 4 times
• Protocols Attacked: SSH
• Passive DNS Results: justchillpty.com happoldcapitals.com kings-tradefx.com greenranddam.com midfinancebank.com www.midfinancebank.com ineos-agrochem.ltd encoreminingfx.com defi-whalestrade.com spacebinvestment.com server1.justchillhosting.xyz elite-financestable.com finbreau.org fortelcrypto.net coin-tech.ltd capitalhills.limited gaubertpower.ltd airlightindextrades.com coinassetfinance.com devine-chemicals.ltd royal-minners.ltd nextraenergy.ltd twsupp.space malberonftpurchase.com binanceinvest.ltd wealthfinancelimited.com alfaenergy.ltd ventora-investment.ltd globalfinance-trade.ltd crypto-messiah.org www.emeraldprofit.co emeraldprofit.co capital-miners.ltd www.capital-miners.ltd spacebinvest.ltd www.spacebinvest.ltd www.coins-trade.cash coins-trade.cash miningtrade.world www.miningtrade.world bit-trade.miningtrade.world www.bit-trade.miningtrade.world cvbfx.xyz bratulescu.online ntaijwk5.com howlongtillhugs.com www.howlongtillhugs.com ded-ex.com www.ded-ex.com verified-account-amzonsecure.com www.auth-signappsamzon-scurecstmr.bumbleshrimp.com auth-signappsamzon-scurecstmr.bumbleshrimp.com sign-idamazon-manage.com www.sign-idamazon-manage.com www.itemku.org itemku.org help-appamzon-secure.com www.vlxx.studio vlxx.studio sign-authntflixacc.serveftp.com traveloka.services www.traveloka.services appsscureamzonidacc.serveirc.com sign-amazon-service.com signauth-amazon.services app-sign-secure.com www.apps1gn-scureamzonservicemnge.kozow.com apps1gn-scureamzonservicemnge.kozow.com sign-1n-safety-amazon-customer.com www.sign-1n-safety-amazon-customer.com bapakmuciter.com www.expedia.menu expedia.menu www.garena.services garena.services www.app-sign-secure.com www.sign-amazon-authsecure.com sign-amazon-authsecure.com signin-amazon-accountid.com www.signin-amazon-accountid.com www.amazon-authsign.com amazon-authsign.com amazon-sign-service.com www.amazon-sign-service.com biils-srvceamzon.com www.sign-in-idamazon-account.com sign-in-idamazon-account.com sign-inamzon-customer.bumbleshrimp.com www.sign-inamzon-customer.bumbleshrimp.com www.apsign-amazon-apps.com apsign-amazon-apps.com www.resignin-amazon-manage.com resignin-amazon-manage.com www.csc-appamzon-signin.com csc-appamzon-signin.com account-verification.nbvsdrtt.art www.account-verification.nbvsdrtt.art account-verification.bytuearfj.art www.account-verification.bytuearfj.art notificcation-paypl.com applicationupdate.info servicesapp.info www.www-paypl-secure.duckdns.org www-paypl-secure.duckdns.org securirty-information.com application.update.servicefirewall.com servicefirewall.com secure.paypal.com.servicefirewall.com www.security-paypl-accounts.duckdns.org security-paypl-accounts.duckdns.org www-secure-appid.duckdns.org www.www-secure-appid.duckdns.org www.applxunusual.duckdns.org applxunusual.duckdns.org www-applesecurity.duckdns.org www.www-applesecurity.duckdns.org www-amaznlocked.duckdns.org www.www-amaznlocked.duckdns.org www.www-amaznalert.duckdns.org www-amaznalert.duckdns.org exexexehihi.com kontol11.exexexehihi.com memek.exexexehihi.com www.www-pavpalsecure.duckdns.org www-pavpalsecure.duckdns.org www.www-pavpalnotification.duckdns.org www-pavpalnotification.duckdns.org www.unlock-account-appleid.e283fecaecac.webredirect.org unlock-account-appleid.e283fecaecac.webredirect.org www.unlock-account-appie.e283facqec.webredirect.org unlock-account-appie.e283facqec.webredirect.org unlock-account-appleid.e283fecoah.webredirect.org www.unlock-account-appleid.e283fecoah.webredirect.org www.locked-notification.appie.vxdcfgjdfg.com locked-notification.appie.vxdcfgjdfg.com www.secure01b.chase.com.vbnasdet.com secure01b.chase.com.vbnasdet.com 6810137013.whilemendise.com pavpl-sercure.link4.ntaijwk3.com www.pavpl-sercure.link4.ntaijwk3.com www.transaction-receipt.service.vxdcfgjdfg.com transaction-receipt.service.vxdcfgjdfg.com www.vxdcfgjdfg.com alert-accountverif03.duckdns.org www.alert-accountverif03.duckdns.org mamaklo.kentl3.com ntaijwk4.com paypl-acvity-record1.duckdns.org www.paypl-acvity-record1.duckdns.org www.paypl-acvity-record5.duckdns.org paypl-acvity-record5.duckdns.org paypl-acvity-record4.duckdns.org www.paypl-acvity-record4.duckdns.org paypl-acvity-record2.duckdns.org www.paypl-acvity-record2.duckdns.org resolveaccount212.serveftp.com gracioussmith.com resolveaccount211.serveirc.com ns2.memesguy.com

Open Ports Detected

110 111 143 2082 2083 2086 2087 21 22 3306 443 465 53 587 80 993 995

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2019-16905 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465

Map

Whois Information

• NetRange: 199.192.16.0 - 199.192.31.255
• CIDR: 199.192.16.0/20
• NetName: NAMEC-4
• NetHandle: NET-199-192-16-0-1
• Parent: NET199 (NET-199-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Namecheap, Inc. (NAMEC-4)
• RegDate: 2018-03-12
• Updated: 2018-03-12
• Ref: https://rdap.arin.net/registry/ip/199.192.16.0
• OrgName: Namecheap, Inc.
• OrgId: NAMEC-4
• Address: 11400 W. Olympic Blvd. Suite 200
• City: Los Angeles
• StateProv: CA
• PostalCode: 90064
• Country: US
• RegDate: 2011-01-28
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/NAMEC-4
• OrgTechHandle: TECHT4-ARIN
• OrgTechName: Tech team
• OrgTechPhone: +1-323-375-2822
• OrgTechEmail: tech@namecheaphosting.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
• OrgTechHandle: EFIME-ARIN
• OrgTechName: Efimenko, Igor
• OrgTechPhone: +1-323-375-2822
• OrgTechEmail: igor.e@namecheap.com
• OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
• OrgAbuseHandle: ABUSE2885-ARIN
• OrgAbuseName: Abuse team
• OrgAbusePhone: +1-323-375-2822
• OrgAbuseEmail: abuse@namecheaphosting.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
• network:Class-Name:network
• network:Auth-Area:199.192.29.0/24
• network:ID:NET-233487.199.192.29.136
• network:Network-Name:199.192.29.136
• network:IP-Network:199.192.29.136
• network:IP-Network-Block:199.192.29.136
• network:Org-Name:B’MEKS DIGITALS
• network:Street-Address:no 17 olokodana street
• network:City:ojo
• network:State:lagos
• network:Postal-Code:112102
• network:Country-Code:NG
• network:Tech-Contact:MAINT-233487.199.192.29.136
• network:Created:20220615210650000
• network:Updated:20220615210650000
• network:Updated-By:net-admin@namecheap.com
• contact:POC-Name:Network team
• contact:POC-Email:net-admin@namecheap.com
• contact:POC-Phone:
• contact:Tech-Name:Network team
• contact:Tech-Email:net-admin@namecheap.com
• contact:Tech-Phone:
• contact:Abuse-Name:Abuse team
• contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******