68.180.131.16 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 68.180.131.16 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: hphosts_ats

• Country: United States
• Network:
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: orbitalresearch.com dns-06.ns.aol.com dns-01.ns.aol.com delstglobal.com contactjc.com hidden-master.yahoo.com srv1-yahoo.co.ma ns1.anycast.dns.yahoo.com chaitown.com ns1.yahoo.com

Malware Detected on Host

Count: 26 71fbcd00a9666354fb00cda332dbaca735bf3a863a79248e3256eb54a5987fcc a2b29fba18ef10cae0ede9dada916108b68111191c851ce2d13be0fec308ac7e 1a183a8e298f748932072bb9295a17af9cbd148f2ef4977498f3bd413bc8033d a14912c77c015091b54b7114a4651195394d795a2f9660069d416e11aefcc6a6 1f61a68b24f3f63da12b3604ffd9306808214f52282eb5a074287fe479e1c730 3f47e6cade2e2027b13fea851ae79824a7846771bf99c1cd7d1c0e96c75859d3 73d1fa1256a1f5c0fa5964f53b9af3569e36bc5089312aee410260f85adfd3b4 1fded1007d72555085cd3ed5cc013af949e7210ef8aaeb689283a071f25d3da9 096f727df94cd2b26c42a42d572c54b6b712ca26456f064377214566189347a2 ecca8938d42018abd9920dcbf1904fc8e81d40b74e2b3be6b6849db774786a57

Open Ports Detected

53

Map

Whois Information

• NetRange: 68.180.128.0 - 68.180.255.255
• CIDR: 68.180.128.0/17
• NetName: A-YAHOO-US6
• NetHandle: NET-68-180-128-0-1
• Parent: NET68 (NET-68-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS10310
• Organization: Oath Holdings Inc. (OH-207)
• RegDate: 2006-09-22
• Updated: 2019-05-01
• Ref: https://rdap.arin.net/registry/ip/68.180.128.0
• OrgName: Oath Holdings Inc.
• OrgId: OH-207
• Address: 770 BROADWAY FL 4
• City: New York
• StateProv: NY
• PostalCode: 10003-9558
• Country: US
• RegDate: 2018-12-21
• Updated: 2019-05-16
• Ref: https://rdap.arin.net/registry/entity/OH-207
• OrgTechHandle: OTC2-ARIN
• OrgTechName: Oath Tech Contact
• OrgTechPhone: +1-408-349-5555
• OrgTechEmail: rir-tech@yahooinc.com
• OrgTechRef: https://rdap.arin.net/registry/entity/OTC2-ARIN
• OrgAbuseHandle: OATHA-ARIN
• OrgAbuseName: Oath Abuse
• OrgAbusePhone: +1-408-349-3300
• OrgAbuseEmail: network-abuse@cc.yahoo-inc.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/OATHA-ARIN
• OrgNOCHandle: OATHN-ARIN
• OrgNOCName: Oath NOC
• OrgNOCPhone: +1-408-349-5555
• OrgNOCEmail: rir-noc@yahooinc.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/OATHN-ARIN

Links to attack logs

****** ****** ******