66.29.132.33 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 66.29.132.33. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observations of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Likely Malicious Host 🟠 64/100
Host and Network Information
- MITRE ATT&CK IDs: T1003 - OS Credential Dumping, T1018 - Remote System Discovery, T1023 - Shortcut Modification, T1031 - Modify Existing Service, T1045 - Software Packing, T1049 - System Network Connections Discovery, T1053 - Scheduled Task/Job, T1055 - Process Injection, T1056 - Input Capture, T1060 - Registry Run Keys / Startup Folder, T1068 - Exploitation for Privilege Escalation, T1071.001 - Web Protocols, T1071.004 - DNS, T1071 - Application Layer Protocol, T1082 - System Information Discovery, T1096 - NTFS File Attributes, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1112 - Modify Registry, T1119 - Automated Collection, T1129 - Shared Modules, T1143 - Hidden Window, T1204 - User Execution, T1428 - Exploit Enterprise Resources, T1449 - Exploit SS7 to Redirect Phone Calls/SMS, T1553.002 - Code Signing, T1568 - Dynamic Resolution, T1583.005 - Botnet, T1598 - Phishing for Information
- Tags:
- JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762
- Country: United States
- Network:
- Noticed: 2 times
- Protocols Attacked: SSH
- Countries Attacked: Aruba, Italy, United States of America
- Passive DNS Results:
Open Ports Detected
CVEs Detected
CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331
Whois Information
- NetRange: 66.29.128.0 - 66.29.159.255
- CIDR: 66.29.128.0/19
- NetName: NAMEC-4
- NetHandle: NET-66-29-128-0-1
- Parent: NET66 (NET-66-0-0-0-0)
- NetType: Direct Allocation
- OriginAS:
- Organization: Namecheap, Inc. (NAMEC-4)
- RegDate: 2021-03-05
- Updated: 2021-03-05
- Ref: https://rdap.arin.net/registry/ip/66.29.128.0
- OrgName: Namecheap, Inc.
- OrgId: NAMEC-4
- Address: 11400 W. Olympic Blvd. Suite 200
- City: Los Angeles
- StateProv: CA
- PostalCode: 90064
- Country: US
- RegDate: 2011-01-28
- Updated: 2024-11-25
- Ref: https://rdap.arin.net/registry/entity/NAMEC-4
- OrgTechHandle: EFIME-ARIN
- OrgTechName: Efimenko, Igor
- OrgTechPhone: +1-323-375-2822
- OrgTechEmail: igor.e@namecheap.com
- OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
- OrgAbuseHandle: ABUSE2885-ARIN
- OrgAbuseName: Abuse team
- OrgAbusePhone: +1-323-375-2822
- OrgAbuseEmail: abuse@namecheaphosting.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
- OrgTechHandle: TECHT4-ARIN
- OrgTechName: Tech team
- OrgTechPhone: +1-661-310-2107
- OrgTechEmail: tech@namecheaphosting.com
- OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
- network:Class-Name:network
- network:Auth-Area:66.29.132.0/24
- network:ID:NET-175193.66.29.132.33
- network:IP-Network:66.29.132.33
- network:IP-Network-Block:66.29.132.33
- network:Org-Name:Web-hosting.com
- network:Street-Address:3402 East University Drive
- network:City:Phoenix
- network:State:AZ
- network:Postal-Code:85034
- network:Country-Code:US
- network:Tech-Contact:MAINT-175193.66.29.132.33
- network:Created:20210407071900000
- network:Updated:20210407094842000
- network:Updated-By:net-admin@namecheap.com
- contact:POC-Name:Network team
- contact:POC-Email:net-admin@namecheap.com
- contact:POC-Phone:
- contact:Tech-Name:Network team
- contact:Tech-Email:net-admin@namecheap.com
- contact:Tech-Phone:
- contact:Abuse-Name:Abuse team
- contact:Abuse-Email:abuse@namecheaphosting.com