68.65.122.142 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 68.65.122.142. It was generated either as a result of observed malicious activity or as an information-gathering exercise to help enrich security events with context. All information is gathered passively, through aggregation of public sources or observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning. It takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 64/100

Host and Network Information

  • MITRE ATT&CK IDs: T1036 - Masquerading, T1055 - Process Injection, T1071 - Application Layer Protocol, T1102 - Web Service, T1204.001 - Malicious Link, T1566.002 - Spearphishing Link, T1583.001 - Domains, T1584.001 - Domains, T1585.002 - Email Accounts, T1586.002 - Email Accounts, T1589.002 - Email Addresses, T1606.002 - SAML Tokens, T1608.001 - Upload Malware, T1608.004 - Drive-by Target

  • Tags: attack, brand abuse, chevron, conocophillips, copy, credential harvesting, domain, domain impersonation, encrypt, energy, energy sector, gophish, hosting ip, httrack, hunt, huntsql, investment scams, ip address, january, june, keitaro, pbf energy, pbfupdate.zip, phillips, phishing, phishing domain, phishing site, rhadamanthys, stealer, strong, telegram, threat, wave, website cloning

  • View other sources: Spamhaus VirusTotal

  • Country: United States
  • Network:
  • Noticed: 2 times
  • Protocols Attacked: SSH
  • Countries Attacked: United States of America
  • Passive DNS Results:

Malware Detected on Host

Count: 4

Open Ports Detected

110 143 2077 2082 2083 21 26 443 465 53 587 80 993 995

CVEs Detected

CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331

Whois Information

  • NetRange: 68.65.120.0 - 68.65.123.255
  • CIDR: 68.65.120.0/22
  • NetName: NCNET-7
  • NetHandle: NET-68-65-120-0-1
  • Parent: NET68 (NET-68-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Namecheap, Inc. (NAMEC-4)
  • RegDate: 2015-03-06
  • Updated: 2015-03-06
  • Comment: http://namecheap.com
  • Comment: for any abuse please use: abuse@namecheap.com
  • Ref: https://rdap.arin.net/registry/ip/68.65.120.0
  • OrgName: Namecheap, Inc.
  • OrgId: NAMEC-4
  • Address: 11400 W. Olympic Blvd. Suite 200
  • City: Los Angeles
  • StateProv: CA
  • PostalCode: 90064
  • Country: US
  • RegDate: 2011-01-28
  • Updated: 2024-11-25
  • Ref: https://rdap.arin.net/registry/entity/NAMEC-4
  • OrgTechHandle: EFIME-ARIN
  • OrgTechName: Efimenko, Igor
  • OrgTechPhone: +1-323-375-2822
  • OrgTechEmail: igor.e@namecheap.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
  • OrgAbuseHandle: ABUSE2885-ARIN
  • OrgAbuseName: Abuse team
  • OrgAbusePhone: +1-323-375-2822
  • OrgAbuseEmail: abuse@namecheaphosting.com
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
  • OrgTechHandle: TECHT4-ARIN
  • OrgTechName: Tech team
  • OrgTechPhone: +1-661-310-2107
  • OrgTechEmail: tech@namecheaphosting.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
  • network:Class-Name:network
  • network:Auth-Area:68.65.122.128/25
  • network:ID:NET-190907.68.65.122.142
  • network:IP-Network:68.65.122.142
  • network:IP-Network-Block:68.65.122.142
  • network:Org-Name:Web-hosting.com
  • network:Street-Address:3402 East University Drive
  • network:City:Phoenix
  • network:State:AZ
  • network:Postal-Code:85034
  • network:Country-Code:US
  • network:Tech-Contact:MAINT-190907.68.65.122.142
  • network:Created:20210629130736000
  • network:Updated:20210629132335000
  • network:Updated-By:net-admin@namecheap.com
  • contact:POC-Name:Network team
  • contact:POC-Email:net-admin@namecheap.com
  • contact:POC-Phone:
  • contact:Tech-Name:Network team
  • contact:Tech-Email:net-admin@namecheap.com
  • contact:Tech-Phone:
  • contact:Abuse-Name:Abuse team
  • contact:Abuse-Email:abuse@namecheaphosting.com
