No, no they didn’t.   At least not from what my investigation finds.   Just wanted to put out there another example of a False Positive in the DHS/US-CERT JAR that I talk about in this article, Grizzly Steppe: Lighting up Like A Christmas Tree

IP address:

NSLookup output:

$ nslookup

Non-authoritative answer: name =

WHOIS output can be found here:  Inktomi whois

Inktomi was aquired by Yahoo back in 2002.

wikipedia entry

Now, this IP address is resolved via:[.]com

This looks to be a service utilized by Yahoo mail.





Short URL: