172.64.149.68 Threat Intelligence and Host Information

Share on:
Jul 12, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 172.64.149.68 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

  • Tags: tsec

  • View other sources: Spamhaus VirusTotal

  • Country: United States
  • Network: AS13335 cloudflare
  • Noticed: 1 times
  • Protcols Attacked: Anonymous Proxy
  • Passive DNS Results: www.jockey.ca jockey.ca shopinscottsdaleaz.com www.protocallmgmt.com protocallmgmt.com pentest001.dev-sagefrp1000.sagepartnercloud.com tst2022117.dev-sagefrp1000.sagepartnercloud.com testff2110.dev-sagefrp1000.sagepartnercloud.com testff2010.dev-sagefrp1000.sagepartnercloud.com infineo22.dev-sagefrp1000.sagepartnercloud.com infineo21.dev-sagefrp1000.sagepartnercloud.com lipz4hctty.dev-sagefrp1000.sagepartnercloud.com tstpreprd2.dev-sagefrp1000.sagepartnercloud.com infineo18.dev-sagefrp1000.sagepartnercloud.com infineo16.dev-sagefrp1000.sagepartnercloud.com infineo15.dev-sagefrp1000.sagepartnercloud.com lhaakar1iu.dev-sagefrp1000.sagepartnercloud.com en.mywebcamroom.com infineo14.dev-sagefrp1000.sagepartnercloud.com tst2210032.dev-sagefrp1000.sagepartnercloud.com test223003.dev-sagefrp1000.sagepartnercloud.com test202209.dev-sagefrp1000.sagepartnercloud.com h9e7gawtxf.dev-sagefrp1000.sagepartnercloud.com agn4drbfyr.dev-sagefrp1000.sagepartnercloud.com infineo12.dev-sagefrp1000.sagepartnercloud.com escapetomyrtlebeach.com betswing.net testffe20.dev-sagefrp1000.sagepartnercloud.com wwwint.mycronic.com wwwpre.mycronic.com demov103.dev-sagefrp1000.sagepartnercloud.com testffe19.dev-sagefrp1000.sagepartnercloud.com sitee.be testffe18.dev-sagefrp1000.sagepartnercloud.com attrcmtreatment.com www.attrcmtreatment.com ninapastori.es demov10a.dev-sagefrp1000.sagepartnercloud.com demov10.dev-sagefrp1000.sagepartnercloud.com testffe17.dev-sagefrp1000.sagepartnercloud.com testffe16.dev-sagefrp1000.sagepartnercloud.com testffe13.dev-sagefrp1000.sagepartnercloud.com testffe12.dev-sagefrp1000.sagepartnercloud.com testffe11.dev-sagefrp1000.sagepartnercloud.com www.mypsatips.com mywebcamroom.com testffe10.dev-sagefrp1000.sagepartnercloud.com testffe09.dev-sagefrp1000.sagepartnercloud.com testffe08.dev-sagefrp1000.sagepartnercloud.com testffe07.dev-sagefrp1000.sagepartnercloud.com testffe06.dev-sagefrp1000.sagepartnercloud.com testffe05.dev-sagefrp1000.sagepartnercloud.com testffe03.dev-sagefrp1000.sagepartnercloud.com testffe002.dev-sagefrp1000.sagepartnercloud.com infineo11.dev-sagefrp1000.sagepartnercloud.com vgiwpbwi9g.dev-sagefrp1000.sagepartnercloud.com admin.uat-safe.bcu1.org uat-safe.bcu1.org z629z6qhfo.dev-sagefrp1000.sagepartnercloud.com xnhoeg1fy1.dev-sagefrp1000.sagepartnercloud.com www.slowburningcigars.net dfewqp1rp6.dev-sagefrp1000.sagepartnercloud.com zbr81odnbz.dev-sagefrp1000.sagepartnercloud.com aial2ijzpa.dev-sagefrp1000.sagepartnercloud.com lwyan8nxdi.dev-sagefrp1000.sagepartnercloud.com wxcnr5atcd.dev-sagefrp1000.sagepartnercloud.com vuvdognej1.dev-sagefrp1000.sagepartnercloud.com uitvmiy54h.dev-sagefrp1000.sagepartnercloud.com e3zdhlw5sa.dev-sagefrp1000.sagepartnercloud.com nkcmovmk6u.dev-sagefrp1000.sagepartnercloud.com nv1n9okshv.dev-sagefrp1000.sagepartnercloud.com quzmor9lvm.dev-sagefrp1000.sagepartnercloud.com cbpeysu1ft.dev-sagefrp1000.sagepartnercloud.com fqii3w8ufi.dev-sagefrp1000.sagepartnercloud.com p26wkmer63.dev-sagefrp1000.sagepartnercloud.com u58ejfma24.dev-sagefrp1000.sagepartnercloud.com jotc1uc7bt.dev-sagefrp1000.sagepartnercloud.com awr6gdffzu.dev-sagefrp1000.sagepartnercloud.com yttmv5ayen.dev-sagefrp1000.sagepartnercloud.com ucndi2tzc4.dev-sagefrp1000.sagepartnercloud.com fob2lujrtb.dev-sagefrp1000.sagepartnercloud.com pxxnuhdv8i.dev-sagefrp1000.sagepartnercloud.com ypwojqlgw7.dev-sagefrp1000.sagepartnercloud.com www.mycronic.com hzvk2yuil6.dev-sagefrp1000.sagepartnercloud.com

Open Ports Detected

2052 2053 2082 2086 2087 2096 443 80 8080 8443 8880

Map

Whois Information

  • NetRange: 172.64.0.0 - 172.71.255.255
  • CIDR: 172.64.0.0/13
  • NetName: CLOUDFLARENET
  • NetHandle: NET-172-64-0-0-1
  • Parent: NET172 (NET-172-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS13335
  • Organization: Cloudflare, Inc. (CLOUD14)
  • RegDate: 2015-02-25
  • Updated: 2021-05-26
  • Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
  • Ref: https://rdap.arin.net/registry/ip/172.64.0.0
  • OrgName: Cloudflare, Inc.
  • OrgId: CLOUD14
  • Address: 101 Townsend Street
  • City: San Francisco
  • StateProv: CA
  • PostalCode: 94107
  • Country: US
  • RegDate: 2010-07-09
  • Updated: 2021-07-01
  • Ref: https://rdap.arin.net/registry/entity/CLOUD14
  • OrgNOCHandle: CLOUD146-ARIN
  • OrgNOCName: Cloudflare-NOC
  • OrgNOCPhone: +1-650-319-8930
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgAbuseHandle: ABUSE2916-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-650-319-8930
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • OrgRoutingHandle: CLOUD146-ARIN
  • OrgRoutingName: Cloudflare-NOC
  • OrgRoutingPhone: +1-650-319-8930
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgTechHandle: ADMIN2521-ARIN
  • OrgTechName: Admin
  • OrgTechPhone: +1-650-319-8930
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RTechHandle: ADMIN2521-ARIN
  • RTechName: Admin
  • RTechPhone: +1-650-319-8930
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RNOCHandle: NOC11962-ARIN
  • RNOCName: NOC
  • RNOCPhone: +1-650-319-8930
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
  • RAbuseHandle: ABUSE2916-ARIN
  • RAbuseName: Abuse
  • RAbusePhone: +1-650-319-8930
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-07-10