51.68.251.200 Threat Intelligence and Host Information

Jun 19, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 51.68.251.200 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

  • JARM: 29d29d00029d29d00042d43d00041d598ac0c1012db967bb1ad0ff2491b3ae

  • View other sources: Spamhaus VirusTotal

  • Country: France
  • Network: AS16276 ovh sas
  • Noticed: 1 times
  • Protocols Attacked: SSH
  • Passive DNS Results: www.lasantedemain.com lasantedemain.com seed.bitcoinstats.com seed2.tecracoin.io seed.bitcoin.sipa.be

Malware Detected on Host

Count: 39 617f328f43bdd9b95903356d68c43d993f8b7e3c7e210fc6c1cc83e510f18344 6967f568dec9a6f54d7231cfb53626022824afe9796af7ec196b1432cb129c70 fb0c03676c50dc565009c90bac8eac0eb82af00f8bfbdf33b3d200d116d2299b 8d923dd494e8d2859bbd51f71e92d030f62df3895aa2c425e783241f72f373cd 8cd91ca5276cb5e82c91d4def4a2cf2293df5f8584dbdee596b01facd42bc5b9 6cdf803a0c648485886d2d7858faaed75e987aa3318bc293ac68eedb866d1fc5 b205ea833a7df534283133ce8d00faf93d96c237e989ad26f891aebaf5104d15 fab0e972a2b0400328610fbbb57ba0ef89001472483796dfb542d950d28fb1e3 8e08ecef1b3dadc07e391e7fc0645fe5412cc35a34191099ff5c674033ae96d3 212dad31df9ab4fdf2f0c4ff1566d882b0036f2a8ac73115371613e7a6a93bdb

Open Ports Detected

143 2082 2083 2086 2087 21 22 443 465 53 80

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2019-16905 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

  • inetnum: 51.68.251.200 - 51.68.251.203
  • netname: OVH_195241470
  • country: FR
  • descr: Failover Ips
  • org: ORG-GC109-RIPE
  • admin-c: OTC2-RIPE
  • tech-c: OTC2-RIPE
  • status: LEGACY
  • mnt-by: OVH-MNT
  • created: 2022-03-20T20:45:41Z
  • last-modified: 2022-03-20T20:45:41Z
  • organisation: ORG-GC109-RIPE
  • org-name: Guerin Cedric
  • org-type: OTHER
  • address: 1 rue de Belle Ile
  • address: 35340 La Bouexiere
  • address: FR
  • phone: +33.633484518
  • abuse-c: ACRO2601-RIPE
  • mnt-ref: OVH-MNT
  • mnt-by: OVH-MNT
  • created: 2016-12-14T11:40:05Z
  • last-modified: 2017-10-30T14:44:32Z
  • role: OVH Technical Contact
  • address: OVH SAS
  • address: 2 rue Kellermann
  • address: 59100 Roubaix
  • address: France
  • admin-c: OK217-RIPE
  • tech-c: GM84-RIPE
  • tech-c: SL10162-RIPE
  • nic-hdl: OTC2-RIPE
  • abuse-mailbox: abuse@ovh.net
  • mnt-by: OVH-MNT
  • created: 2004-01-28T17:42:29Z
  • last-modified: 2014-09-05T10:47:15Z
  • route: 51.68.0.0/16
  • origin: AS16276
  • mnt-by: OVH-MNT
  • created: 2018-03-07T09:22:39Z
  • last-modified: 2018-03-07T09:22:39Z

Links to attack logs

****** ****** ******

Share on: