107.180.26.63 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 107.180.26.63 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: hphosts_emd

• Country: United States
• Network: AS26496 godaddy.com llc
• Noticed: 1 times
• Protocols Attacked: SSH

Malware Detected on Host

Count: 95 d04b22b5e4cbcf06261ded472aa57757057ac06395640fee8f32412a892bda48 8d5fadbd650e94939b5223fc22e048cd863f7c664a1b811964f4162d563cdccc 79d2f93124b7d6918c300267ba096a45bff8e070f1f1a729f04ec7889d1390d4 6bde91be732cde54bfe7e8746969a201096a28c83f430104401a1ebe1c807c2b e50ca42cece8459c5ed1bf0713f580775a5bea5fd9384b1e5f284e52f2db08b1 6d56ff5624f4ba34f1debdf93fa9d22f3562b709ecbe019d48754112e0fad585 d9500d465f78780e403dd0d7427b5b6708198dc22af44ca53482b7ac69eff125 c2eeb57d3f6e88203cd79a6ae544209cbf15ee0ea85f8e4cc069fff733c4d585 3d01b5634985350eb0753da8324f05a468b2e27cfb4e7d5911f3005520bfd2f2 0ab8477021b63068a8679afd9366043c54ff10cb338fa0bda4671ee54d9c6a78

Open Ports Detected

110 143 21 22 25 3306 443 465 587 80 993 995

CVEs Detected

CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-15778 CVE-2021-36368 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385

Map

Whois Information

• NetRange: 107.180.0.0 - 107.180.127.255
• CIDR: 107.180.0.0/17
• NetName: GO-DADDY-COM-LLC
• NetHandle: NET-107-180-0-0-1
• Parent: NET107 (NET-107-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS26496
• Organization: GoDaddy.com, LLC (GODAD)
• RegDate: 2014-02-11
• Updated: 2014-02-25
• Comment: Please send abuse complaints to abuse@godaddy.com
• Ref: https://rdap.arin.net/registry/ip/107.180.0.0
• OrgName: GoDaddy.com, LLC
• OrgId: GODAD
• Address: 2155 E GoDaddy Way
• City: Tempe
• StateProv: AZ
• PostalCode: 85284
• Country: US
• RegDate: 2007-06-01
• Updated: 2023-12-19
• Comment: Please send abuse complaints to abuse@godaddy.com
• Ref: https://rdap.arin.net/registry/entity/GODAD
• OrgNOCHandle: NOC124-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-480-505-8809
• OrgNOCEmail: noc@godaddy.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
• OrgAbuseHandle: ABUSE51-ARIN
• OrgAbuseName: Abuse Department
• OrgAbusePhone: +1-480-624-2505
• OrgAbuseEmail: abuse@godaddy.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
• OrgTechHandle: NOC124-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-480-505-8809
• OrgTechEmail: noc@godaddy.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
• RAbuseHandle: ABUSE51-ARIN
• RAbuseName: Abuse Department
• RAbusePhone: +1-480-624-2505
• RAbuseEmail: abuse@godaddy.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
• RTechHandle: NOC124-ARIN
• RTechName: Network Operations Center
• RTechPhone: +1-480-505-8809
• RTechEmail: noc@godaddy.com
• RTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
• RNOCHandle: NOC124-ARIN
• RNOCName: Network Operations Center
• RNOCPhone: +1-480-505-8809
• RNOCEmail: noc@godaddy.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN

Links to attack logs

****** ****** ******