66.29.141.227 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 66.29.141.227 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 33/100

Host and Network Information

• Tags: anna paula, associated, currc3adculo, from email, headers, malspam email, msi file, phishing, scam, tuesday, utf8, zip archive

• JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS22612 namecheap inc.
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: broadearn.com sending-data.info stephencashin.com checkused.com adrijagroup.com littleseamarine.com disputeresolution.info magickmilk.com barakatpetroleum.com projectwoundedhealer.org petsomecare.online xn–42c6aaa6a9cb1cxeybyf8cl.com wilsonbruno.com alphatechh.com contentrelationshipmanagement.com stealsndealsoutlet.com masterpieces-of-beauty.com myhealthaxis.com bivasbros-agency.com greencirclenergy.com reviereconsult.com gacorjpcoi.xyz qualitybuy.store bravotechs.org qdivers.net internetresidence.biz topautoeurope.com couchrenters.com hakoltovltd.com nehantechsolution.com buyresearchchemicalsstoreusa.com swipe2share.com loluores.com secureinsightsshippingcoltd.com thecloserjla.com muskonomyerc20.vip quarsarinvest.online prediksiangka4d.xyz stocben.xyz pepeaierc20.vip freakinseals.vip hizliindir.shop abiastructureplans.org ld-gmbh.org adssilonlegacy.online process-template.online 7658ty.info trevor-powell.com therealtatecompany.com taylorsrenovation.com dyncxwallet.com dedistruck.com conspiracieswithcurvez.com vadimdentalcenter.com samueltacay.com hopecorpfi.com marabeautyhub.com intellectcamarketing.com parsamehdi.com petprovender.com boliarpuragrofarm.com boooksing.com burjcoffee.com gglnovn.com ngglnov.com forexrover.com underground.directory adealtd.com www.successcontinuity.info successcontinuity.info aiartbook.store stemway-ib.online smartage-isb.online cargoservices.online mahoni88linkresmi.live domainkpl2.host bluemoon.host aljawarih.com truoilpkdf.com triathletebot.com swhealth-cm.com investedgebk.com prosubrosa.com gejcdumen.com nsfft.com eaglesgrouptz.com revoult-business.com richardclearyverse.com filippotramontana.com techhelpr.org reallyarchitecture.org basebit.online setbaju-wanita.com bennprints.com mirait.us db2dev.online whitecrowncleaning.com iptvdigital.fun internetbillingservice.online x22-enq.online pksintezoil.com sagesoftworld.org goodwinwebdev.com srrokon.com clrndirect.com medicalsensed.com exploreet.org hbbirmingham.co.uk triovalinc.com milica.xyz glasstome.us billiingdepartment.store bliss-salon.site backlinkservice.org appstride.live belivecoach.lat ttontpetroleum.com shpijaniku.com link2mrsheg.com lashlyric.com firesideats.com ergosupport.online bestrabota.org buyssn.online bibleparkusa.com weblogics.guru sultanspeedtransport.com towtrucky.com thewarminds.com e3principles.com grandmodz.xyz harget.online animaticlab.com skycracken.com lamsthayah.com srodkafundacja.site atogov.us escobarvape.us infosseeker.com afrosochambers.com eclua.com howwellinfo.com vesselsofmercy.net ihdo-ssd.org www.ihdo-ssd.org badnamsamosa.com takedaspharm.com skilledgroupe.com citalackiblog.com cenfotec.info www.moropoint.yangasc.shop moropoint.yangasc.shop www.infos-tsc-rdc.online onlinedate.shopmakkarieurrope.com www.onlinedate.shopmakkarieurrope.com 4prenuers.us abbviespharm.com www.abbviespharm.com broadearn.site darknspy.net bugbitething.net philonghoi.shopmakkarieurrope.com www.philonghoi.shopmakkarieurrope.com 1q1.shop www.1q1.shop millicore.live iberia.cards ahilalqima.com technexte.com danny-young-digital-venture.com caxafinancials.com cryptopluz.com vipsportstv.com stallionplace.com socialspay.com shopmakkarieurrope.com mumbond.com medtronicsmedicals.com ip-tvpro.com www.artalchemylab.com artalchemylab.com biigcart-sa.store www.onlyhealthytipz.com onlyhealthytipz.com phoenixappofficial.online www.phoenixappofficial.online www.centurancapital.shop centurancapital.shop www.alloffers4all.com alloffers4all.com www.cmarket.uk cmarket.uk dtranslogs.com ofastshop.com fundb-online.net softwareinforeview.com apkipure.net www.apkipure.net nm23xc78.xyz starisa2.trade wesecurepc.info tips-us.com stevquset.com monayz.com rayeresources.com www.christophercashin.com christophercashin.com aisichurch.org apkipure.com unilabszambia.com www.nigeriainfigures.com nigeriainfigures.com cofertrans.com www.cofertrans.com www.new13.online new13.online zeyadelhtab.guinee-o.online www.zeyadelhtab.guinee-o.online biig-cartsa.store mint.rottenus.com www.mint.rottenus.com grandhorizonsrealty.com big-cartsa.store southcargo.net www.southcargo.net bigcart-sa.store handel-bruktbil.sbs infos-tsc-rdc.online alubiagba.com deriv360.com jobswithfrank.com fourmanelads.com techcpa.online www.techcpa.online bizzsolutionsltd.com big-carttsa.com maceny.com www.maceny.com shopkorrect.com.ng www.shopkorrect.com.ng dasfg.aldas.pro hdfga.aldas.pro www.hdfga.aldas.pro kalu.petinnes.com www.kalu.petinnes.com mypigfarm.org ketunes.com winzoneph.com techasiadigital.com villaincat.com highlandstractors.com boisakh.com niazbakhshtechnicalservices.com kalihatitech.com narmedical.com merrykeysstudio.com www.dreadfullydistinct.dev dotrefl.com kalinternationalgroup.com www.office.garrisonone.com office.garrisonone.com tikmoneyinfo.com digitalna.agency appdatadoghg.com erss911.com continuousimprovementadvisoryaustralia.com www.continuousimprovementadvisoryaustralia.com www.ingemotors.com ingemotors.com petnessllc.petinnes.com www.petnessllc.petinnes.com anaya-aesthetics.com www.anaya-aesthetics.com cv.modernkarachi.com www.cv.modernkarachi.com www.billboard-mag.com billboard-mag.com travisazrealtor.com www.mtxarbitragetrading.org mtxarbitragetrading.org www.anayapropertyinvestments.com anayapropertyinvestments.com www.prabhavah.com prabhavah.com dreadfullydistinct.dev alsaharrealestate.com limojeddah.com jardinemma.com devsdenbd.com www.g2kpharm.com g2kpharm.com ashleysbeachdogsandfriends.com www.ashleysbeachdogsandfriends.com www.spectrum.petinnes.com spectrum.petinnes.com www.upvoucher.com upvoucher.com www.ffuniquedeals.com www.oxys-mexico.cloudorigin.in oxys-mexico.cloudorigin.in princeroseevents.com www.princeroseevents.com dev.proptydive.com www.dev.proptydive.com www.bigcart-sa.co bigcart-sa.co www.iptv-subscriptions.store www.ofastmobile.com ofastmobile.com www.joberunite.com joberunite.com www.pkfscientific.com pkfscientific.com www.advertising-guide.com advertising-guide.com melonmki.store reservasimurah.info caribb2b.com gainbaze.com www.rocketmeup.io rocketmeup.io www.jugthad.site jugthad.site www.kerin.melonmki.store kerin.melonmki.store akisantech.com www.akisantech.com www.proptydive.com proptydive.com journaldunumerique.cd www.journaldunumerique.cd www.aarnainfoservices.com aarnainfoservices.com quranina.com www.quranina.com sistemadisicurezzaweb.com www.sistemadisicurezzaweb.com beyerilarare.com www.beyerilarare.com www.servicioaudiologico.com servicioaudiologico.com www.eliminacollegamento-poste.com eliminacollegamento-poste.com www.avvisodispositivo.com avvisodispositivo.com global.helpicent.com www.global.helpicent.com helpicent.com www.helpicent.com biig-cartsa.com digid.website trans-cd.site mcib-onlinesoftware.com t-shirts.one www.t-shirts.one inbox.splashalt.com www.inbox.splashalt.com www.mandrill.splashalt.com mandrill.splashalt.com www.ecomyamarket.store ecomyamarket.store www.ads-nejk.com ads-nejk.com www.itself.today itself.today ahitanseo.co.uk www.ahitanseo.co.uk south-siderp.com garrisonone.com njija.com goji-cream.cloudorigin.in www.goji-cream.cloudorigin.in www.finejewelrycut.com finejewelrycut.com ust1wiy6.art thirteencare.com solarcity-ng.com connected-stream-ma.com www.connected-stream-ma.com ai4pro.org sactime.cloud homeautoguide.com www.homeautoguide.com treadmill-stocks.com www.treadmill-stocks.com www.petinnes.com petinnes.com stenascon.com passoproperties.com zerosales.xyz www.zerosales.xyz diaxil-review-italy.cloudorigin.in www.diaxil-review-italy.cloudorigin.in www.simpla360-austria.cloudorigin.in simpla360-austria.cloudorigin.in simpla360-germany.cloudorigin.in www.simpla360-germany.cloudorigin.in arthrazex-review.cloudorigin.in www.arthrazex-review.cloudorigin.in ingenius.digital www.ingenius.digital www.giffscen.com giffscen.com rouissemohammed.me www.rouissemohammed.me www.test.mukyalamabiriizihospital.com test.mukyalamabiriizihospital.com www.old.website.steptoe.ca old.website.steptoe.ca www.zushafashion.pk zushafashion.pk vrcearn.online evventix.com www.admin.nfmj.ng admin.nfmj.ng www.yetiportal.shpalistudio.com yetiportal.shpalistudio.com www.apply.appealls.today apply.appealls.today www.afaawards.org afaawards.org normq.site acerithalatihracat.com tonkeeperapp.com tradebtclive.com shpalistudio.com marklawal.com russton.com www.russton.com www.sportsnewshome.com sportsnewshome.com www.appealls.today app.cryptomarketanalysis.live www.app.cryptomarketanalysis.live www.cryptomarketanalysis.live cryptomarketanalysis.live www.bccnashville.org bccnashville.org profjakospells.com www.profjakospells.com marluxe.net www.marluxe.net www.uk.zeluxer.com uk.zeluxer.com integprocessgroup.co www.integprocessgroup.co pantheraai.com www.pantheraai.com globetours.co.uk www.globetours.co.uk www.app.cryptomarketoptions.live app.cryptomarketoptions.live cryptomarketoptions.live www.cryptomarketoptions.live lexvonta.pro www.lexvonta.pro www.moneyskillsafrica.com moneyskillsafrica.com www.notifymyusers.info notifymyusers.info www.totalamendment.com totalamendment.com digimastermind.org www.digimastermind.org globalcloud.dev doc.kaoma.agency iptv-subscriptions.store www.apeall.today apeall.today www.autorepairlongbeach.net autorepairlongbeach.net elektrabullz.com www.elektrabullz.com artistesmanagement.com www.artistesmanagement.com inn.smdigbetalng.online www.inn.smdigbetalng.online alifragomeni.com www.alifragomeni.com lwsumon.com www.e-channel.rizalcbc.com e-channel.rizalcbc.com rizalcbc.com www.rizalcbc.com www.amnean.com amnean.com plotchronicle.com www.plotchronicle.com biitquetrading.winnershubng.com tinleyparklocksmith.com iptvprovideer.com www.salmosalar.ca salmosalar.ca www.kuzhanov.com kuzhanov.com kingdolphin.co www.kingdolphin.co metropoltancontracting.com elooni.com rightfixers.com

Malware Detected on Host

Count: 2 b5138b4caab0e7c711be51140e952dab4fc0103e7b1f0ce2a3b1c6622f7bcec0 01c76e37c2ea15f1fda54e08c2fd9f7315621828d973ddcf670f96976b393542

Open Ports Detected

110 143 2082 2083 2096 21 26 443 465 53 587 80 993 995

CVEs Detected

CVE-2022-31628 CVE-2022-31629 CVE-2022-37454

Map

Whois Information

• NetRange: 66.29.128.0 - 66.29.159.255
• CIDR: 66.29.128.0/19
• NetName: NAMEC-4
• NetHandle: NET-66-29-128-0-1
• Parent: NET66 (NET-66-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Namecheap, Inc. (NAMEC-4)
• RegDate: 2021-03-05
• Updated: 2021-03-05
• Ref: https://rdap.arin.net/registry/ip/66.29.128.0
• OrgName: Namecheap, Inc.
• OrgId: NAMEC-4
• Address: 11400 W. Olympic Blvd. Suite 200
• City: Los Angeles
• StateProv: CA
• PostalCode: 90064
• Country: US
• RegDate: 2011-01-28
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/NAMEC-4
• OrgTechHandle: EFIME-ARIN
• OrgTechName: Efimenko, Igor
• OrgTechPhone: +1-323-375-2822
• OrgTechEmail: igor.e@namecheap.com
• OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
• OrgTechHandle: TECHT4-ARIN
• OrgTechName: Tech team
• OrgTechPhone: +1-661-310-2107
• OrgTechEmail: tech@namecheaphosting.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
• OrgAbuseHandle: ABUSE2885-ARIN
• OrgAbuseName: Abuse team
• OrgAbusePhone: +1-323-375-2822
• OrgAbuseEmail: abuse@namecheaphosting.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
• network:Class-Name:network
• network:Auth-Area:66.29.141.0/24
• network:ID:NET-197096.66.29.141.227
• network:IP-Network:66.29.141.227
• network:IP-Network-Block:66.29.141.227
• network:Org-Name:Web-hosting.com
• network:Street-Address:3402 East University Drive
• network:City:Phoenix
• network:State:AZ
• network:Postal-Code:85034
• network:Country-Code:US
• network:Tech-Contact:MAINT-197096.66.29.141.227
• network:Created:20210803110321000
• network:Updated:20210803114913000
• network:Updated-By:net-admin@namecheap.com
• contact:POC-Name:Network team
• contact:POC-Email:net-admin@namecheap.com
• contact:POC-Phone:
• contact:Tech-Name:Network team
• contact:Tech-Email:net-admin@namecheap.com
• contact:Tech-Phone:
• contact:Abuse-Name:Abuse team
• contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******