172.64.197.2 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 172.64.197.2. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country: United States
  • Network: AS13335 cloudflare
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results:

Malware Detected on Host

Count: 6

Open Ports Detected

2082 2086 2087 2095 80

Whois Information

  • NetRange: 172.64.0.0 - 172.71.255.255
  • CIDR: 172.64.0.0/13
  • NetName: CLOUDFLARENET
  • NetHandle: NET-172-64-0-0-1
  • Parent: NET172 (NET-172-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS13335
  • Organization: Cloudflare, Inc. (CLOUD14)
  • RegDate: 2015-02-25
  • Updated: 2021-05-26
  • Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
  • Ref: https://rdap.arin.net/registry/ip/172.64.0.0
  • OrgName: Cloudflare, Inc.
  • OrgId: CLOUD14
  • Address: 101 Townsend Street
  • City: San Francisco
  • StateProv: CA
  • PostalCode: 94107
  • Country: US
  • RegDate: 2010-07-09
  • Updated: 2021-07-01
  • Ref: https://rdap.arin.net/registry/entity/CLOUD14
  • OrgAbuseHandle: ABUSE2916-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-650-319-8930
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • OrgNOCHandle: CLOUD146-ARIN
  • OrgNOCName: Cloudflare-NOC
  • OrgNOCPhone: +1-650-319-8930
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgTechHandle: ADMIN2521-ARIN
  • OrgTechName: Admin
  • OrgTechPhone: +1-650-319-8930
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • OrgRoutingHandle: CLOUD146-ARIN
  • OrgRoutingName: Cloudflare-NOC
  • OrgRoutingPhone: +1-650-319-8930
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • RAbuseHandle: ABUSE2916-ARIN
  • RAbuseName: Abuse
  • RAbusePhone: +1-650-319-8930
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • RNOCHandle: NOC11962-ARIN
  • RNOCName: NOC
  • RNOCPhone: +1-650-319-8930
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
  • RTechHandle: ADMIN2521-ARIN
  • RTechName: Admin
  • RTechPhone: +1-650-319-8930
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-06-22