172.67.70.112 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 172.67.70.112 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 38/100

Host and Network Information

• Tags: 8000, action, ajax search, ajaxsearchlite, akamaias, akamaiasn1, amazon02, armenia, array, as15169, as16509, as20940, as3359, as8075, as852, attr, auto-generated security, az09, canvas, careers blog, cdfunction, child, class, click, closure library, constant, copyright, cuba, customevent, datasecret, date, ddfunction, dom element, embed, emptyfield, error, errorevent, esaddsubscriber, facebook, focus focus, function, generator, geoip, ghost, google, html tags, iframe, indonesia, infinity, input, israel, js foundation, kefunction, lefunction, level3, maximum, media, messagetext, mexico, mini, name, nodetwindow, null, number, object, observe, ox20trnf, portfolio team, post, price city, proton, pseudo, public url, regexp, resizeobserver, rferror, rfmail, seznam, software, string, subscribe, success, sufeffxa0, symbol, tech, technologies, telecom, textarea, Tracking Domains, twitter, typeerror, typeof c, typeof define, typeof e, typeof module, typeof n, typeof o, typeof s, typeof symbol, typeof t, typeof window, ukraine, unobserve, value, void, wall deco, weakmap, win32, win64, xdfunction

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 4 times
• Protocols Attacked: Anonymous Proxy
• Countries Attacked: Anguilla, Aruba, Australia, Bahamas, Barbados, Canada, Cayman Islands, Costa Rica, Curaçao, Georgia, Guatemala, Japan, Mexico, Netherlands, Panama, Philippines, Poland, Saint Kitts and Nevis, Saint Martin (French part), Saint Vincent and the Grenadines, Sint Maarten (Dutch part), Tanzania United Republic of, Trinidad and Tobago, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: megavalecard.com.br regal.staging.flexa.co project.emizentech.com fh.umaha.ac.id whaozhan.com seed.umaha.ac.id newsletter.shopifydev.emizentech.com providence.edgemedianetwork.com savourea-shop.com www.topvoca.com noirth.com r-api.instantly.ai filapel.com www.relxths.com relxths.com austin.edgemedianetwork.com supplierportal.conairgroup.com m.aventon-tech.com zuckermanlaw.com topvoca.com ol.livewild.com avalovedoll.com www.merlininkazani.com finn-flare.ru huntingcontainers.com mysolo401k.net santjaumedelsdomenys.com amigochat.io api.amigochat.io pib.my-legal-indemnity-shop.com gensuitestage.com andinoplay.com www.finn-flare.ru awverify.staging.movinlegal.my-legal-indemnity-shop.com awverify.staging.poweredbypie.my-legal-indemnity-shop.com app.flexa.co rigorz.com www.power-eng.com dev.visalist.io buy.liteflow.com malulsid.work www.amigochat.io pls.my-legal-indemnity-shop.com c.biomedevicesanjose.com docs.flexa.co regal.flexa.co static.utop.vn newtea.ua bandarsultan88.link fida.finance admin-v3.aventon-tech.com www.muziker.be casinosuomi.eu dev.newtea.ua emizentech.com merlininkazani.com xoilacxd.cc danangkingkong.com wtcx.dev camspiceexpress.com www.emizentech.com help.instantly.ai en.merlininkazani.com r2.gaplo.tech prod65.biomedevicesanjose.com api-0.playwin.fun conairgroup.com queue-espa-stage.sojospaclub.com flowhcm.com sl-hq.online custom.utopapp.net nonwovens-industry.com www.kashing.co.uk app.furio.io stanningtonpizza.com dashboard.liteflow.com ptown.edgemedianetwork.com bbetraining.co.uk abqmt-gpt.com bluefineagleview.com b2b.ingredien.com flettz.com pusher.instantly.ai ptounxi.com support.flexa.co flycovered.com mca-92.com www.sojospaclub.com recycletroop.com dermash.pl credentials.minehut.app www.ujeeb.com api-espa-stage.sojospaclub.com wiki.incelogia.org chinapandaliverpool.co.uk zlily.com m247.vinehousefarm.co.uk incelogia.org autodiiler.ee sandiego.edgemedianetwork.com echofineproperties.com vstrike.com www.echofineproperties.com fabk.in visalist.io sultan88cuan.net alyssa-regan.echofineproperties.com api.staging.flexa.co juegacasinovip.bet dev.azbridemag.com azbridemag.com www.azbridemag.com flexa.co www.parts.conairgroup.com parts.conairgroup.com extranet.conairgroup.com vegasfreedom.com api.mybanker.dk www.mybanker.dk app.mybanker.dk developer.instantly.ai hudsonvalley.edgemedianetwork.com sacramento.edgemedianetwork.com dallas.edgemedianetwork.com charlotte.edgemedianetwork.com www.globalprime.com 2.html-load.cc muziker.be 6.html-load.cc 8.html-load.cc 4.html-load.cc 3.html-load.cc 5.html-load.cc 9.html-load.cc 0.html-load.cc 7.html-load.cc 1.html-load.cc instantly.ai html-load.cc mybanker.dk news.clicks.mybanker.dk www.withspiffy.com yojicasino.ro 55055.app mx4.mail.go.th mx5.mail.go.th a2baerialfilm.co.uk api.flexa.co homezone.com.ua srscalculatorapp.com elf.staticflare.com video.utop.vn www.pumenu.com pumenu.com kilat77cuan.org www.conairgroup.com secure.globalprime.com spotify-downloader.com nature.ingredien.com wheel-fortune-tiger-br.pu020ev.com kittencastle.org multigame-az.pu020ev.com wheel-joker-ca.pu020ev.com wheel-girl-bear-ca.pu020ev.com bonanza-az.pu020ev.com liteflow.com wheel-sweet-bonanza-ua.pu020ev.com aviator-wheel-bd.pu020ev.com wheel-birthdaycup-mx.pu020ev.com aviator-wheel-bn.pu020ev.com fortune-tiger-br-wheel.pu020ev.com business.bippermedia.com bonus-ca.pu020ev.com wheel-birthdaycup-az.pu020ev.com select-card-br.pu020ev.com demo-game-aviator-ru-kz.pu020ev.com card-selection-uz.pu020ev.com wolf-gold-kz.pu020ev.com wheel-birthdaycup-kz.pu020ev.com sojospaclub.com birthday-cup-kz.pu020ev.com aviator.pu020ev.com magicport.ai wheel-birthday-cup-br.pu020ev.com birthday-cup-br.pu020ev.com fortune-tiger-br.pu020ev.com demo.liteflow.com twincities.edgemedianetwork.com seattle.edgemedianetwork.com columbus.edgemedianetwork.com cleveland.edgemedianetwork.com chicago.edgemedianetwork.com houston.edgemedianetwork.com philadelphia.edgemedianetwork.com atlanta.edgemedianetwork.com www.hl-fintech.top wordwool.com staging.sojospaclub.com globalprime.com bonus4-mx.pu020ev.com demo-game-aviator-ua.pu020ev.com wheel-csn.pu020ev.com form.pu020ev.com greenman-ua.pu020ev.com bonus-2-ca.pu020ev.com nashville.edgemedianetwork.com tampa.edgemedianetwork.com keywest.edgemedianetwork.com indianapolis.edgemedianetwork.com fireisland.edgemedianetwork.com atlanticcity.edgemedianetwork.com all-sport-br.pu020ev.com socialcraft.me br-csn-sms.pu020ev.com sekasoft.com wheel-sweet-bonanza-br.pu020ev.com portal.outdoorelementsusa.com kashing.co.uk multislot-uz.pu020ev.com shiki-gapstyle.gaplo.tech admiralx-uz.pu020ev.com wheel-game-ca.pu020ev.com hkepcir.gaplo.tech pluto.edgemedianetwork.com www.oasisswap.com wheels-goold-girl-kz.pu020ev.com bonus-mx.pu020ev.com wolfgold-kz.pu020ev.com golden-wheel-ua.pu020ev.com bet88019.com sailsengine.com wheel-game-mx.pu020ev.com book-of-dead-ua.pu020ev.com abc.renotion.xyz wheel-cricket-ipl-en-in.pu020ev.com mercury.edgemedianetwork.com faq.mail.go.th joy-c.pu020ev.com wheel-game-in.pu020ev.com wheel-monkey-mx.pu020ev.com dev.powerasone.ca bonanza-br.pu020ev.com greenmantr.pu020ev.com wheel-sweet-br.pu020ev.com kene.co.th staging.pamisa.ch phoenix.edgemedianetwork.com oasisswap.com wheel-foot-per.pu020ev.com www.tyche.ae renotion.xyz bss.cr www.uschinagreeninstitute.org uschinagreeninstitute.org greenmanpt.pu020ev.com tyche.ae portland.edgemedianetwork.com mostbet-uz.pu020ev.com wheels-goold-girl.pu020ev.com api.renotion.xyz desiree.ns.cloudflare.com.campaignamericanfreedom.com www.campaignamericanfreedom.com campaignamericanfreedom.com www.prescription-swimming-goggles.com experiment.hobbii.dk india-wheel.pu020ev.com wheel-percas-cl.pu020ev.com card-selection-ru.pu020ev.com doomcorp.net wpstarter.responsiveweb.nz www.ingredien.com www.moogconnect.net wheels-greenman-geo.pu020ev.com ingredien.com status.overlandnavigator.co.nz mailv6.mail.go.th www.sboaaaa.bet sboaaaa.bet knx24.com mal-998.com www.passwitheuan.co.uk golden-wheel-uz-ru.pu020ev.com izmirkebabpizzahouse.co.uk wedabima.com www.furio.io overlandnavigator.co.nz meet.saladplate.com wheel-game-ru.pu020ev.com pamisa.ch www.pamisa.ch www.winsplays.com mail.go.th www.oxycuretherapy.com oxycuretherapy.com www.auto-handyhalter.de tarifaaldia.es new-year-ind.pu020ev.com powerasone.ca card-selection-br.pu020ev.com demo-game-aviator-kz.pu020ev.com demo-game-aviator-az.pu020ev.com world-champ-football-az.pu020ev.com www.strand-korb.com www.bunkerfitness.mx world-champ-football-cl.pu020ev.com worldcup.pu020ev.com world-champ-football-kz.pu020ev.com wcstarter.responsiveweb.nz canvas.responsiveweb.nz benchmarks.gaplo.tech world-champ-football-br.pu020ev.com x90t.com pachinko.pu020ev.com new-promo-land-green4.pu020ev.com furio.io land-wheel-monkey-ru.pu020ev.com server.playin.gg roll-the-dice-en.pu020ev.com sport-promo-br.pu020ev.com beta.magicport.ai worldnewspedia.com g2.winsplays.com intro.lginnotek-virtualshowroom.com football-kz.pu020ev.com bonus-boxes-per.pu020ev.com aviator-br.pu020ev.com girl-cl.pu020ev.com golden-wheel-pe.pu020ev.com sub.winsplays.com golden-wheel-br.pu020ev.com book-of-dead-pe.pu020ev.com www.trexrainescape.com boxes.pu020ev.com www.utop.vn fastblocks.com www.donttreadonme.com.br deal.utop.vn golden-wheel-in.pu020ev.com jetx-game-br.pu020ev.com playin.gg ind-cric-reg.pu020ev.com purplesmart.ai subagent.winsplays.com form-cricket-ind-girl2.pu020ev.com comminicazionstaff.com xxxporn678.com moogconnect.net midwestbottles.com donttreadonme.com.br haddon.me lginnotek-virtualshowroom.com wiki.revolgc.pro trexrainescape.com shkaf.win www.aeropuertoinfo.com play.winsplays.com demo-game-aviator-uz.pu020ev.com whm.pissplay.com book-of-dead-br.pu020ev.com aeropuertoinfo.com wheel-game-cl.pu020ev.com book-of-dead-cl.pu020ev.com greenman-cl.pu020ev.com hobbii.dk wheel-monkey-br.pu020ev.com saladplate.com wheel-monkey-cl.pu020ev.com wheel-game-pe.pu020ev.com pay-callback.diupanv88.com merchant.diupanv88.com admin.diupanv88.com roll-the-dice-tr.pu020ev.com roll-the-dice-hi.pu020ev.com pay-sandbox.diupanv88.com pay.diupanv88.com diupanv88.com photographylight.aspengrovestudios.com racingreels.info promo-girl.pu020ev.com demo-game-aviator-br.pu020ev.com form-cricket-ind-girl1.pu020ev.com old.saladplate.com spinbr.pu020ev.com www.pepesoupe.com cr-222.top wheel-monkey-kz.pu020ev.com wheel-game-az.pu020ev.com wheel-game-br.pu020ev.com docs.aspengrovestudios.com www.kkcedevitajunior.hr lightningsoul.com app-api-dev.fsstaging.com.au hlcydb.com www.sidhakuraprastab4.com admin.winsplays.com thefirstock.com winsplays.com wheel-game-kz.pu020ev.com img.tvfindr.com wheel-monkey-pe.pu020ev.com wheel-monkey-az.pu020ev.com wheel-game-ua.pu020ev.com www.verandadeck.com prescription-swimming-goggles.com kkcedevitajunior.hr livesex.link sidhakuraprastab4.com nemoj-test.thedevapps.com admin-test.thedevapps.com miagemo.thedevapps.com www.nemoj.net.thedevapps.com gestaendnisse.thedevapps.com icp.thedevapps.com nemoj.thedevapps.com admin.thedevapps.com www.thedevapps.com card-selection-ua.pu020ev.com m2.vinehousefarm.co.uk jenkins.ujeeb.com api.ujeeb.com www.atelierdeeventosbilbao.com.cdn.cloudflare.net mbm-multigaming.de www.aspengrovestudios.com maxpost.tv demo.aspengrovestudios.com assets.aspengrovestudios.com status.aspengrovestudios.com www.happy-breath.de rencontre.fenuahotspot.com www.saudade-jewels.com offlander.mx www.offlander.mx book-of-the-dead-kz.pu020ev.com photography.aspengrovestudios.com divifootereditordemo.aspengrovestudios.com 42themedemo.aspengrovestudios.com www.atelierdeeventosbilbao.com programaeducativo.fundacioncolacao.org a.financetopsurvey.top www.fenuahotspot.com aspengrovestudios.com accesspoint-cnt-ce1.xyz ingenium.la fundacioncolacao.org ncw2022.co.uk www.ncw2022.co.uk oldadmin.sexyshopping.it player25.xyz saudade-jewels.com m.rinnoo.net www.itexamanswers.net www.climboso.com www.boomliquidation.ca go.xn–mgbub2g.com book-of-the-dead-az.pu020ev.com wheel-monkey-ua.pu020ev.com wheel-monkey-ru.pu020ev.com www.e-facemaskshop.com washington.edgemedianetwork.com api.sonauto.fr wheel-monkey-uz.pu020ev.com rinnoo.net www.rinnoo.net daywigs.com newdissent.com dapperdaentje.nl boomliquidation.ca financetopsurvey.top new-year-promotion-kz.pu020ev.com themes.responsiveweb.nz aviator-az.pu020ev.com golden-wheel-ru.pu020ev.com www.baskoniaalavesstore.com www.pissplay.com pissplay.com baskoniaalavesstore.com www.lympo.com git.player25.xyz www.loveforpleasure.com wheel-percas.pu020ev.com grafana.sexyshopping.it sexytab.sexyshopping.it utop.vn www.orangetree.in www.independentshedgroup.com.au ability.lc cma.markvdmade.com vegaswinners.com gaplo.tech www.vegaswinners.com oceanearthchefs.com www.oceanearthchefs.com land-girl-loc-ru.pu020ev.com land072.pu020ev.com ua-land-bonus-cen.pu020ev.com int-land-in.pu020ev.com www.trhaber.com trhaber.com new.fenuahotspot.com old.fenuahotspot.com

Malware Detected on Host

Count: 8 38f5c2f526bd68b0d7914cb5bb451bb2b1037520ed6b6b2ab32b1b3cb76c4b4a 49fbb2f3cff93bf9e0746f72e48e1a23c02b6d50c75b164f675ddaac8f9d33bc 26fdb89aac8c99060f9c1c14abdcd2e87914065f7ac6f750ab0cedf8c36aeb7a 2757850baf7b2d6e69646893a681f4980ce21843f932345a9de1057f04cf868f 6a7a1c710f895467e88ef20ce6f37677998c3e4de0e23d00855201579de2eaab cd4281b5910eac49bd5f6b8b62945eef6205638876a70335c155f7b4fd15d035 055725793052a4b334ce60a479bb674c84e07a9172cfdd275a23a24bcd1cbd45 17a2271906b7edd5a4a857f6a5558bd9714478de85964e7005f4109b8403fd76

Open Ports Detected

2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 172.64.0.0 - 172.71.255.255
• CIDR: 172.64.0.0/13
• NetName: CLOUDFLARENET
• NetHandle: NET-172-64-0-0-1
• Parent: NET172 (NET-172-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2015-02-25
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/172.64.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2024-05-13 anonymous-proxy-ip-list-2025-06-30 anonymous-proxy-ip-list-2025-07-02 anonymous-proxy-ip-list-2025-08-12 anonymous-proxy-ip-list-2025-08-13 anonymous-proxy-ip-list-2025-06-21 anonymous-proxy-ip-list-2025-07-18 anonymous-proxy-ip-list-2024-05-28 anonymous-proxy-ip-list-2023-06-28 anonymous-proxy-ip-list-2024-05-14 anonymous-proxy-ip-list-2025-06-26 anonymous-proxy-ip-list-2025-06-27 anonymous-proxy-ip-list-2025-08-03 anonymous-proxy-ip-list-2023-06-29 anonymous-proxy-ip-list-2023-07-18 anonymous-proxy-ip-list-2024-05-16 anonymous-proxy-ip-list-2024-05-20 anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-07-13 ****** anonymous-proxy-ip-list-2025-07-11 anonymous-proxy-ip-list-2025-07-15 anonymous-proxy-ip-list-2025-07-30 anonymous-proxy-ip-list-2025-08-10 anonymous-proxy-ip-list-2024-05-23 anonymous-proxy-ip-list-2024-05-12 anonymous-proxy-ip-list-2025-08-14 anonymous-proxy-ip-list-2025-07-01 anonymous-proxy-ip-list-2025-07-06 anonymous-proxy-ip-list-2025-07-24 anonymous-proxy-ip-list-2025-08-11 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-07-07 anonymous-proxy-ip-list-2025-07-14 anonymous-proxy-ip-list-2025-07-23 anonymous-proxy-ip-list-2025-07-05 anonymous-proxy-ip-list-2023-07-10 anonymous-proxy-ip-list-2025-06-24 anonymous-proxy-ip-list-2025-06-28 anonymous-proxy-ip-list-2025-06-29 anonymous-proxy-ip-list-2025-07-27 anonymous-proxy-ip-list-2025-08-08 anonymous-proxy-ip-list-2025-08-17 anonymous-proxy-ip-list-2024-05-09 anonymous-proxy-ip-list-2024-05-15 anonymous-proxy-ip-list-2024-05-22 anonymous-proxy-ip-list-2025-07-12 anonymous-proxy-ip-list-2025-08-15 anonymous-proxy-ip-list-2023-06-30 anonymous-proxy-ip-list-2024-05-21 anonymous-proxy-ip-list-2025-07-17 anonymous-proxy-ip-list-2024-05-08 anonymous-proxy-ip-list-2025-07-22 anonymous-proxy-ip-list-2025-08-18 anonymous-proxy-ip-list-2024-05-26 anonymous-proxy-ip-list-2025-07-28 anonymous-proxy-ip-list-2025-07-31 anonymous-proxy-ip-list-2025-08-01 anonymous-proxy-ip-list-2025-08-02 anonymous-proxy-ip-list-2025-08-05 anonymous-proxy-ip-list-2025-07-19 ****** anonymous-proxy-ip-list-2023-06-22 anonymous-proxy-ip-list-2023-07-02 anonymous-proxy-ip-list-2023-07-03 anonymous-proxy-ip-list-2025-07-04 anonymous-proxy-ip-list-2025-07-08 anonymous-proxy-ip-list-2025-07-09 anonymous-proxy-ip-list-2025-07-10 anonymous-proxy-ip-list-2025-08-19 anonymous-proxy-ip-list-2023-07-13 anonymous-proxy-ip-list-2025-07-03 anonymous-proxy-ip-list-2025-07-29 anonymous-proxy-ip-list-2025-08-04 anonymous-proxy-ip-list-2025-08-07 anonymous-proxy-ip-list-2025-08-09 anonymous-proxy-ip-list-2025-07-16 anonymous-proxy-ip-list-2025-07-20 anonymous-proxy-ip-list-2025-07-25 anonymous-proxy-ip-list-2025-08-06 anonymous-proxy-ip-list-2025-08-16 ****** anonymous-proxy-ip-list-2025-06-25 anonymous-proxy-ip-list-2025-07-21 anonymous-proxy-ip-list-2025-07-26 anonymous-proxy-ip-list-2025-08-20