208.68.4.129 Threat Intelligence and Host Information

Apr 22, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 208.68.4.129 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing, TOR, VPN

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: sblam, tor_exits_1d, tor_exits_30d, tor_exits_7d, tor_exits

  • Country: United States
  • Network:
  • Noticed: 50 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 38 b11e614cdd02aecb8d6ae65bf67bfac8cbefd68830065217e2cb48922743bb12 e0be3b2f569e78ff589287651d3c268459556d2d3415fefd32c16334b7a97038 2fd353ffcace535b5c0cdd3b70784bcbf1d4e35879a3109ed8825c2f970d22d3 7282e2fdb25b07554b082f5cf1697315ed5ce3005f985cbe96a34da965869db5 522d71d020b798dab9fa69d906a4c76747932bc2d1f952cc0d5e2f49579f827e f2f719fadb5b639096fd706837b767516af8e2767a8209d52ecceb42b40a2abb d6c66d2f8e7ffed2f9bb3abf23620d6e6e82b9ac0bf2378fff4d19147c5d50b2 36433318a92129edc1c4bd0ca1d35124efe130904ce61163eee4889c5cba9f62 ec43e150012d049bbdf9a552c9a466482c628db8b981064584998a97d2662914 a896be5e1f5b7d498d6556c9d64fe6407b70360e36dd3f47ee46da9367748ff6

Map

Whois Information

  • NetRange: 208.68.4.0 - 208.68.7.255
  • CIDR: 208.68.4.0/22
  • NetName: PRIVACY-SVCS
  • NetHandle: NET-208-68-4-0-1
  • Parent: NET208 (NET-208-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS397444, AS395853
  • Organization: Overkill Interbuzz LLC (OIL-41)
  • RegDate: 2019-08-09
  • Updated: 2023-03-14
  • Comment: Geofeed https://noc.as397444.net/as397444-opengeofeed.txt
  • Comment: —————
  • Comment: 208.68.4.128/28 and 208.68.7.128/28 provide privacy services
  • Comment: (incl running tor exit node(s)!)
  • Comment: Abuse reports will be handled but there is likely not much that can be done.
  • Comment: Send abuse to abuse at privacysvcs net.
  • Comment: —————
  • Comment: 208.68.5.0/24 announced by/managed through NYCMesh Community.
  • Comment: See AS395853 for abuse, etc.
  • Comment: —————
  • Ref: https://rdap.arin.net/registry/ip/208.68.4.0
  • OrgName: Overkill Interbuzz LLC
  • OrgId: OIL-41
  • Address: 450 Lexington Ave Fl 2
  • Address: Ste 1476
  • City: New York
  • StateProv: NY
  • PostalCode: 10017
  • Country: US
  • RegDate: 2019-03-29
  • Updated: 2022-04-11
  • Ref: https://rdap.arin.net/registry/entity/OIL-41
  • OrgTechHandle: OINA1-ARIN
  • OrgTechName: Overkill Interbuzz Network Admin
  • OrgTechPhone: +1-915-996-2882
  • OrgTechEmail: netadmin@as397444.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/OINA1-ARIN
  • OrgAbuseHandle: OIA5-ARIN
  • OrgAbuseName: Overkill Interbuzz Abuse
  • OrgAbusePhone: +1-915-996-2882
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/OIA5-ARIN

Links to attack logs

****** bruteforce-ip-list-2021-02-03 ****** ******

Share on: