109.236.84.70 Threat Intelligence and Host Information

Feb 13, 2026 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 109.236.84.70 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 6/100

Host and Network Information

View other sources: Spamhaus VirusTotal

Country: Netherlands
Network:
Noticed: 1 times
Protocols Attacked: Anonymous Proxy
Passive DNS Results: wls4.gsmxdrx.org 109-236-84-70.cprapid.com

Open Ports Detected

11000 11001 11112 11210 11300 11371 11434 12000 12019 12115 12120 12124 12129 12137 12138 12144 12145 12147 12165 12167 12169 12173 12179 12180 12200 12203 12208 12212 12213 12222 12223 12226 12227 12228 12234 12239 12246 12254 12259 12264 12279 12284 12286 12290 12293 12295 12296 12301 12304 12305 12306 12313 12327 12333 12337 12338 12351 12353 12356 12363 12364 12376 12382 12389 12390 12398 12406 12412 12416 12421 12430 12431 12450 12452 12460 12465 12470 12472 12474 12475 12480 12503 12517 12526 12527 12530 12534 12542 12549 12555 12557 12558 13000 13001 13380 13579 14006 14147 14265 14344 14402 14407 14524 14875 14880 14896 14900 14903 15018 15044 15123 15151 15831 16001 16004 16008 16010 16012 16020 16024 16030 16034 16035 16041 16042 16043 16047 16050 16053 16056 16060 16063 16064 16077 161 16403 16992 16993 17000 17010 17082 17777 18010 18018 18020 18046 18067 18080 18081 18100 18112 18239 18245 18264 18789 19000 19071 19084 19091 20547 21025 80 8000 82 8200

CVEs Detected

CVE-2021-3618 CVE-2023-44487 CVE-2025-23419

Map

Whois Information

inetnum: 109.236.84.0 - 109.236.84.255
netname: WORLDSTREAM
descr: WorldStream IPv4.27
country: NL
admin-c: WS1670-RIPE
tech-c: WS1670-RIPE
status: ASSIGNED PA
mnt-by: MNT-WORLDSTREAM
created: 2010-05-11T11:48:21Z
last-modified: 2012-09-13T12:35:03Z
role: WORLDSTREAM DBM
address: Industriestraat 24
address: 2671CT NAALDWIJK
address: The Netherlands
phone: +31174712117
abuse-mailbox: abuse@worldstream.nl
admin-c: DV1495-RIPE
tech-c: DV1495-RIPE
nic-hdl: WS1670-RIPE
mnt-by: MNT-WORLDSTREAM
created: 2008-05-15T09:52:38Z
last-modified: 2013-08-20T11:17:59Z
route: 109.236.84.0/24
origin: AS49981
mnt-by: MNT-WORLDSTREAM
created: 2022-11-18T15:32:53Z
last-modified: 2022-11-18T15:32:53Z

Links to attack logs

Share on: