66.29.141.5 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 66.29.141.5 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

• Tags: agenttesla, agentteslaexe, arkeistealer, azorult, azorultexe, danabot, darkrat, dridex, dridexopendir, emotetheodo, formbook, gandcrab, gozi, hancitor, hawkeye, heodo, icedid, kpot, kpotstealer, loader, loki, luminositylink, nanocore, nemty, netwire, phorpiex, pony, qakbot, qealler, quasarrat, raccoonstealer, remcos, remcosrat, servhelper, stealer, systembc, trickbot, troldesh, zloader

• JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: stopforumspam_180d, stopforumspam_30d, stopforumspam_365d, stopforumspam_90d, stopforumspam

• Country: United States
• Network: AS22612 namecheap inc.
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: bbtoon.com apyfx.org zipfiles-down.store trojawar.store codedwebltd.org fn-bllhandelssted.cfd tas-dadidudedo.com megapharmacybrasil.com investlogex.com frokswap.com littlefool.us bakery-dy-dx.org smartforexea.com parksoncasino.com jawabet88indo.com eluxeprojectsolutions.com www.fox.ritetradingmarket.com istearacingelsin.xyz ritetradingmarket.com autobidsolutions.com us-grantprogram.online slot888.one energybillmatrix.net coinfextime.website coachjaynette.online procaremode.com onlytory.com refinedsatin.com procryptoch.com ox1.live arvenscan.com cryptonicexchange.com iptvcast.store jendralsmaya.org alorban.online jendralsmaya.online ialexander.dev currencychronicles.click tjbcustomwoodworks.com calohagrindz.com jnmsol.com jendralsmaya.com eloninvestmentcore.online flokisui.com localdateus.us loancrib.com jdtechnologie.com unleashuniqueme.com pemudamendunia.store lintasterbaru.club ascendit.info hichuz.com cheatsrvthailand.pro pepebond.online bondinvest.online washingtonlandscapeandfeatures.com dehandreatarot.com s4greatness.com listingeveryday.com landlordslounge.com 4dtreebooks.com flannerysolutions.com socialmediasafety.lat stephandshay.lat ardalsalabah.com demuseumofthefuture.com supermuseumofthefuture.com museumofthefuturemusec.com leaveearthstudios.com betting-bd.com fateemola.com famouspokerhands.com valantic-stellar.com bjcyprian.net greenchoicekitchen.com onlinemoneyplanet.com javhome.xyz simhs.website sanaalawton.site lifechangefile.org creativeboundless.com kwetuafricaadventure.com javhome.store supportoffice.support frosted-brew.com www.frosted-brew.com s.thelocaldate.xyz www.s.thelocaldate.xyz 02.thelocaldate.xyz www.02.thelocaldate.xyz thelocaldate.xyz www.thelocaldate.xyz www.naryshare.site naryshare.site www.banan-solutions.com banan-solutions.com livestreamhdtv.me amardainik.com lajmet.online rtpmadridtoto.net caredropscf.org jabss.app fosil99.sbs homeboutique.pro vixon.lat thenicetrygames.com theunitdiet.com quickappliancefixers.com nyskaglobal.com prisdaviventures.com ermcsc.us vipprizebond.live goldin4tic.com rtpslotpedia.xyz blendfusion.store frostybrew.store dossier-electricite-de-france.site mustaqeemkh.org couponfcnc.fun weststreettcu.com vividscakesntreats.com hasbat-alarab.com magnetsaas.com in2webitsolutions.com phenixprotransit.com poolofwishes.com patinstitutesms.com gbtcmarkets.com noticesterms-ps.com fca24.com homemowers.sydney thomas-c-robert.com tetfin.com swedoffshore.com spillogistics.com osadome.com markazimamalmuntazir.com whyme.wtf automationleaflet.online newdestinytoday.org onlineseoblogging.fun ordernow.center blockinbox.agency tripsinagadir.com tprimelimited.com cloudtechpk.com cavokado.com viandshealth.com safiielts.com boostyfollow.com gtfundingsimplified.com empiresleasing.com fcaesma.com bitminingstream.com pemudamendunia.info knsbd.com trumpinternational.me orion-management.com planemigration.com saudi4tickets.com mousanedrosum01.com earn-giftme.com theoldfoundation.com dellssportsacademy.com 7sabat-alarab.com whitneyspencernews.net coinvaz.com cleenswap.com sanbornlogistics.com siteforgestudios.com heibe-sexy-doll.com hampshirepropco.com multitrademarkets.com pawtokenbsc.com onedesigndynasty.com kamembe.com foodieinspire.com www.bolsadesantiago.site bolsadesantiago.site 88escourt.site chisexyfashions.com lintasterbaru.com fstexpresdelvry.com wentrippyiand.wtf pejuangsimsim.website aisotab.online isman.live lonelybear.info warstour.com shipconnects.com monentum.com messagerieriblbc.com massanidksa.com illuonlineofficial.com illumembersonline.com ibactivities.com peacefulpetsitting.com jetwaveinnovation.com nataliacabral-plasticartist.com khumriworks.com medical-clowning.org w3global.us www.pent-house.com.co pent-house.com.co illupeoplesupremeonline.com www.illupeoplesupremeonline.com cricfreedom.com usacashlenders.net eftinvoicdupymnt.site cetmaticfx.org moll.ink whatsmymbti.com cryptoinvestmentupdates.com safeivftech.com golenser.com api.travelhotline.info www.api.travelhotline.info www.focusmedia.mk focusmedia.mk free-token.online www.free-token.online earnixincome.org rtpbapau365.live auroar.gold venous.center tranzlokj.com veritasmart.com standfunds.com goldzetclassic.com orchidaeg.com elpidacrafts.com kocarek-ltd.com gritinai.com www.gritinai.com ffcunion.com www.world-crypt-so.site world-crypt-so.site profitvent.com www.profitvent.com prashantr.com www.autolive.mindbursters.com autolive.mindbursters.com www.blog.travelhotline.info blog.travelhotline.info crave-coinnft.com profitpactng.com goldan4tc.com www.analysisshack.com kuveyturkoffshore.com www.femalereturnnetwork.org ranstomcreations.com goldn4tc.com kingsforthspring.com gappstore.shop bitclub-network.org restake.live illumi.boutique adultnationentertainment.com tokenpad-defi.com eventticketportal.com eandmshapers.com freightshipping-ltd.com wenylplastics.com meraktech.tech tamelalynn.com technolegygvc.com ikriche.com www.ikriche.com nl.percularybank.com www.mappdevelopers.com mappdevelopers.com siakyglobuz.xyz federcourierpackages.online alphabotcalls.com caniexpress.com ldeasyweb.com percularybank.com pugliatravelling.com www.electronicsbestquality.com electronicsbestquality.com dhakagypsum.com collinsfarookurpms.com golden4tck.com goudirachid.com www.resttime.golden4tk.com resttime.golden4tk.com baitalzaeem.com www.baitalzaeem.com proactivecoder.net doompoolvox.website jorjesa.net jorjesa.site creativeiptv.online jorjesa.org www.santamuerteopw.com santamuerteopw.com www.barristergeorgechambers.com barristergeorgechambers.com www.kryptowehrmann.com kryptowehrmann.com myprizebond.net www.myprizebond.net www.jorjesa.store jorjesa.store ainalbustan.com www.ainalbustan.com offweb.okpekingdomdtf.com www.offweb.okpekingdomdtf.com combatsurvivalist.com www.combatsurvivalist.com garpitstreams.xyz travel-generation.com www.sa-mystor.com sa-mystor.com www.sa.golden4tk.com sa.golden4tk.com openarmscharity.org aethergames-seedifa.fund creativescgh.com cosmicpanels.com sa-mystore.com arepaimperium.lat www.moveoverseas.in moveoverseas.in www.sipsariya.com sipsariya.com luxhomespaces.com www.skysvault.zannone.dev www.deltaz.medicureinfo.com deltaz.medicureinfo.com homenewwifi.com www.homenewwifi.com date.irfahijamacenter.pk www.date.irfahijamacenter.pk byoseonline.com www.mystream4k.com support.romblontrends.com www.support.romblontrends.com www.login.romblontrends.com login.romblontrends.com litbitfinance.com ev4.asamacompany.com www.ev4.asamacompany.com pemudamendunia.org www.pemudamendunia.org www.system.excelcambridgeschool.rw system.excelcambridgeschool.rw capellanetwork.org ev2.asamacompany.com www.ev2.asamacompany.com ev1.asamacompany.com www.ev1.asamacompany.com femalereturnnetwork.org visual-stock.com motorolasolutionasia.com meridianexpressco.com raspscan.com ronotas.com www.littlewindow.in littlewindow.in www.digikeys.shop digikeys.shop www.elementalfurnishings.com elementalfurnishings.com beacon.cash www.beacon.cash 1kclubonline.com www.1kclubonline.com www.zeden.shop zeden.shop vagusevicius.com www.vagusevicius.com www.pdcbd.net pdcbd.net www.goldn4tk.com goldn4tk.com www.betterfitlive.com betterfitlive.com amarrella.com www.amarrella.com www.test.tattooedheart.net test.tattooedheart.net mystreamer4k.com www.python.smartcommdevice.com python.smartcommdevice.com www.django.smartcommdevice.com django.smartcommdevice.com aerocenter.site www.aerocenter.site zeddbank.com www.zeddbank.com akul.webdevmorshed.com www.akul.webdevmorshed.com mahin.webdevmorshed.com www.mahin.webdevmorshed.com www.storyelectronics.com storyelectronics.com zonetech-ks.com modelo.creativeservices.art emerssso.com www.emerssso.com www.irfahijamacenter.pk irfahijamacenter.pk geektium.com www.geektium.com business.webdevmorshed.com www.business.webdevmorshed.com britzsecgoldvault.com www.daringwebdesigns.site daringwebdesigns.site etisalat-elife.com www.etisalat-elife.com zonestream.site maroc-emploi.org impelintegratedtechservices.com twinoaksmemorials.com masonorse.com grabbexlogistics.com onlinepmpcertification.com uppowerhouse.com dalmacijousrcutenosim.org www.prodescol.asamacompany.com prodescol.asamacompany.com joyboyy.zonestream.site www.joyboyy.zonestream.site www.foryou.zonestream.site foryou.zonestream.site good.zonestream.site www.good.zonestream.site www.jentaka.zonestream.site jentaka.zonestream.site www.amon.zonestream.site amon.zonestream.site www.bren.zonestream.site bren.zonestream.site secim2023medya.com www.secim2023medya.com gloryfinance-seediffy.fund www.gloryfinance-seediffy.fund weeply.live www.weeply.live email-sms-agency.com www.email-sms-agency.com static-ware.pro www.static-ware.pro www.testweb.okpekingdomdtf.com testweb.okpekingdomdtf.com solomigka.com dashboard.dwelar.com www.dashboard.dwelar.com www.theonlineus.com newletter.mindbursters.com www.newletter.mindbursters.com www.magento.ekowoodtoys.me magento.ekowoodtoys.me www.moodle.ekowoodtoys.me moodle.ekowoodtoys.me standardfx.net www.standardfx.net wldefensegroup.com ofialinkglobal.org www.ofialinkglobal.org hem.gawdat.xyz www.hem.gawdat.xyz www.store.mindbursters.com store.mindbursters.com wp.solomigka.com www.wp.solomigka.com www.90ninety.shop 90ninety.shop www.historyhogs.com historyhogs.com packageacademy.com www.packageacademy.com www.tarikanpaito.info tarikanpaito.info www.t-m.queueco.co t-m.queueco.co wassla.online www.drive.lesrain.cc drive.lesrain.cc lesrain.cc www.lesrain.cc egmsglobal.com www.stl3dprinter.com stl3dprinter.com www.careconnect-kosova.com careconnect-kosova.com cjetholdingsinc.site www.cjetholdingsinc.site mocaverse.space arepasdejesus.restaurant ba7aar.live trojan.health oveehealthcare.com agorinelson.com www.agorinelson.com www.tonyrecommeds.com tonyrecommeds.com pretyskin.com

Malware Detected on Host

Count: 1 bc0c97620bdbbefab2c948545289b965bc9e978d9ed9a1cedb06de4c4c4e4dc4

Open Ports Detected

2079 2082 21 443 80

CVEs Detected

CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2022-31628 CVE-2022-31629 CVE-2022-37454

Map

Whois Information

• NetRange: 66.29.128.0 - 66.29.159.255
• CIDR: 66.29.128.0/19
• NetName: NAMEC-4
• NetHandle: NET-66-29-128-0-1
• Parent: NET66 (NET-66-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Namecheap, Inc. (NAMEC-4)
• RegDate: 2021-03-05
• Updated: 2021-03-05
• Ref: https://rdap.arin.net/registry/ip/66.29.128.0
• OrgName: Namecheap, Inc.
• OrgId: NAMEC-4
• Address: 11400 W. Olympic Blvd. Suite 200
• City: Los Angeles
• StateProv: CA
• PostalCode: 90064
• Country: US
• RegDate: 2011-01-28
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/NAMEC-4
• OrgTechHandle: EFIME-ARIN
• OrgTechName: Efimenko, Igor
• OrgTechPhone: +1-323-375-2822
• OrgTechEmail: igor.e@namecheap.com
• OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
• OrgTechHandle: TECHT4-ARIN
• OrgTechName: Tech team
• OrgTechPhone: +1-661-310-2107
• OrgTechEmail: tech@namecheaphosting.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
• OrgAbuseHandle: ABUSE2885-ARIN
• OrgAbuseName: Abuse team
• OrgAbusePhone: +1-323-375-2822
• OrgAbuseEmail: abuse@namecheaphosting.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
• network:Class-Name:network
• network:Auth-Area:66.29.141.0/24
• network:ID:NET-190977.66.29.141.5
• network:IP-Network:66.29.141.5
• network:IP-Network-Block:66.29.141.5
• network:Org-Name:Web-hosting.com
• network:Street-Address:3402 East University Drive
• network:City:Phoenix
• network:State:AZ
• network:Postal-Code:85034
• network:Country-Code:US
• network:Tech-Contact:MAINT-190977.66.29.141.5
• network:Created:20210629174658000
• network:Updated:20210629175552000
• network:Updated-By:net-admin@namecheap.com
• contact:POC-Name:Network team
• contact:POC-Email:net-admin@namecheap.com
• contact:POC-Phone:
• contact:Tech-Name:Network team
• contact:Tech-Email:net-admin@namecheap.com
• contact:Tech-Phone:
• contact:Abuse-Name:Abuse team
• contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******