172.67.70.42 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 172.67.70.42 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: lps.adenuniversity.edu.pa blog.dvaexpress.it vm-group01.pulse8.co.uk favoritely.com staging.aedexpert.co.uk bafybeiaab2jolgzzu3bzyhdc4nt7kyvvcyedlkw3ygy753sfv422mulrky.eth.sucks secure.dev.catalyst.c-4analytics.com gptkit.eth.sucks www.gptkit.eth.sucks go.tickadoo.com portal.dotsure.co.za iweb.eth.sucks vm-secret01.pulse8.co.uk dotsure.co.za vm-legacyphp01.pulse8.co.uk napoli.dvaexpress.it bafybeiajyxm3xrvoudnlm3tngqqre5xneheoeqhnnvocufpvosutksd5ka.eth.sucks assets.scouttly.com bafybeih3sllf7jaomq4fwff7js5vl32b3rannvgu2sr4h6trxnvr6o6spy.eth.sucks k51qzi5uqu5dk2x9tbwj1ccaaxpcu3mel201n0fwt6rpvn0h7qck9onp4grcz1.eth.sucks horizon-mobile.shadowdragon.io www.eth.sucks tickadoo.com cron8.dvaexpress.it t-ogxesg.prodeos.com bcre.kz rev.eth.sucks croptop.eth.sucks ds761tbf-pl.fina.guru bhsx8d2b-kz.fina.guru k51qzi5uqu5diyfyvgupu606y1fiq980dld20whryksz2u5grkihuux3axdzmd.eth.sucks bafybeigvltbj6h3uwmxspreh2g7wnmy5cfsq3u4iarpt2a7bvi5mn4sx3i.eth.sucks www.apothekerkammer.de qc22bxz4-pl.fina.guru fsave.net api.unifans.io apothekerkammer.de seatedlabs.com app.shadowdragon.io ftp.lean.org.br xgny86w2-kz.fina.guru emailmkt.lean.org.br www.fina.guru www.smart1383.com smart1383.com api.pulse8.co.uk portal.pulse8.co.uk zf5a4b74-lk.fina.guru loanvstoto.com admisiones.adenuniversity.edu.pa gamedb.eth.sucks kendrickhome.b2bdirect.io admin8.dvaexpress.it 4jbvhpbw-ua.fina.guru 6p8heabg-ua.fina.guru cnp.go.cr help.sharedspace.co.nz passievoortwee.nl app.unifans.io aktienfinancial.de www.lean.org.br clickemailmkt.lean.org.br manage.b2bdirect.io ary58192n.com mypartnerforever.net www.mypartnerforever.net marketing.dotsure.co.za minionpro2.com feature.ecd.rs h3nqtbz8-lk.fina.guru ostra.dvaexpress.it 63ofh2az-vn.fina.guru tjnki27w-sp.fina.guru wallet-stage.ecd.rs plesk.dvaexpress.it www.seturl.in seturl.in 5xzbf3xt-ua.fina.guru kw4dnu55-ua.fina.guru 4wg7cguv-lk.fina.guru offida.dvaexpress.it sm-852.com foggia.dvaexpress.it messina.dvaexpress.it hellohelpr.com pharmaflexrx.com admin.dvaexpress.it tlschat.com fina.guru pulse8.co.uk vector.astra.finance streamvi.io worker.streamvi.io mel.dvaexpress.it jdbaa-casino.com mkt-landings.adenuniversity.edu.pa joyabuy.com reggio-calabria.dvaexpress.it legacytrust.com.hk andria.dvaexpress.it pay.pgs.limited warranty.dotsure.co.za www.qpmarkets.com partner.qpmarkets.com events.tickadoo.com cron7.dvaexpress.it new.pulse8.co.uk jgz.quicko.eu vm-benbowgroup01.pulse8.co.uk avr.quicko.eu abt.quicko.eu warehouseiq.com panel.merlinarchery.co.uk vm-buildconsultants02.pulse8.co.uk nde.quicko.eu rls.quicko.eu amazonasvirtual.com.br rewards-qa.ecd.rs www.salamisshipping.com lungtusu51.xyz pay.ogymogy.com www.lammle.com boatshows.com r2wind.cn lammle.com pgs.limited api.km100video.com pielegnacja.hellozdrowie.pl new.hellozdrowie.pl zycie.hellozdrowie.pl krotkieinstrukcje.hellozdrowie.pl hellozdrowie.pl opinie.hellozdrowie.pl www.hellozdrowie.pl krotkainstrukcja.hellozdrowie.pl dvaexpress.it newlookvision.ca pingdom.onlinepress.gr onlinepress.gr www.onlinepress.gr eth.sucks blog.eafit.com odzywianie.hellozdrowie.pl grc.cnp.go.cr www.cnp.go.cr www.dvaexpress.it mariomenna.com ramzinex.com tigerintears.com bubblegumcrackerjack.com beta.assettv.ca r2wind.com moffice2.com www.boatshows.com classifieds.portugalresident.com exchange.ecd.rs salesproducersinc.b2bdirect.io jamestonsons.com acreditacionesconmebol.com planejadorweb.com.br dev.vivuhalong.com tmp.eafit.com isgmetaverse.io www.szgor.com bdo-clg.com dashboard.astra.finance wk.prodeos.com coaching.righttechsoft.com szgor.com pleasantmattress.b2bdirect.io api.minecraftcapes.net xjiujiu99.com mfa-dev.ecd.rs 616tl.top audreysyourheartsdelight.b2bdirect.io portugalresident.com snedai.prodeos.com blog.vignetteapp.org precairadmin.righttechsoft.com pw-proxy-dev.ecd.rs fonts.vignetteapp.org shadowdragon.io admin.publicze.com www.publicze.com project.righttechsoft.com admin-stage.ecd.rs strainstarzz.com www.strainstarzz.com wallet-feature.ecd.rs qa.ecd.rs admin-qa.ecd.rs join.clubstroke.net wallet-qa.ecd.rs admin-dev.ecd.rs docmein.com pw-proxy-feature.ecd.rs www.wondercdn.com.cn wondercdn.com.cn juwelenorogem.be frontend.minecraftcapes.net wiki.vignetteapp.org gshopv1.online gestoci.prodeos.com rsauto.prodeos.com ecd.rs myfinddownloadleader.com app-testing.astra.finance app-sandbox.astra.finance dbgate.righttechsoft.com kaurimotel.com admin-m2.allotests.com allotests.com admin.allotests.com eafit.com toollawnadmin.righttechsoft.com api-feature.ecd.rs admin-feature.ecd.rs ihierba.site qa.inregister.com dev.ecd.rs stage.ecd.rs wallet-dev.ecd.rs api-stage.ecd.rs api-dev.ecd.rs tcbg-dev.ecd.rs easypanel.righttechsoft.com www.inregister.com sh.burqup.com wordpress.burqup.com burqup.com www.astra.finance vignetteapp.org qpmarkets.com rewards-dev.ecd.rs countrysidepurewater.com web-sdk-sandbox.astra.finance heartandsoulflavour.com web-sdk-staging.astra.finance neousys-tech.com reports-dev.ecd.rs dashboard-staging.astra.finance docs-legacy.astra.finance app-staging.astra.finance captcha-zoo.botd.xyz game.038505.com www.meo.de sinooceanblue.com erp.tritoninnovation.com files.tritoninnovation.com vault.tritoninnovation.com ignition.tritoninnovation.com alphadiscounters.com sogara.prodeos.com iogc.prodeos.com movus.prodeos.com theblockchainassociation.org test.cctvcentral.co.uk www.mezcotoyz.com prelive.cctvcentral.co.uk dekamarktoranjeshirt.nl blessing.prodeos.com hacc.prodeos.com cbtp.prodeos.com azur.prodeos.com seru.vip cnpsci.prodeos.com dashboard-sandbox.astra.finance web-sdk-testing.astra.finance www.puurcreative.com sil.prodeos.com silohfarms.prodeos.com markstone.prodeos.com rl.prodeos.com flv.prodeos.com ogplatin.prodeos.com try.prodeos.com relisheats.co.uk esg.prodeos.com alphamead.prodeos.com tracker.merlinarchery.co.uk aes.prodeos.com vector-testing.astra.finance vector-sandbox.astra.finance app.astra.finance ogp.prodeos.com docs.astra.finance dashboard-testing.astra.finance propertysummit.ie os.prodeos.com dhi.prodeos.com www.prodeos.com demo.prodeos.com fimex.prodeos.com safechaf.prodeos.com soft.prodeos.com malega.prodeos.com bankhacks.com engen.prodeos.com 038505.com prodeos.com trumtruyen.vn clubstroke.net www.toycentral.com.sg pontodobicho.com www.lrefoundationrepair.com astra.finance tenderdranken.com truistauthclient.com www.yupoonghats.com yupoonghats.com www.todo.cx store.libus.cl www.cryptoeconlab.io cryptoeconlab.io ampasa.com cdn.meo.de www.coolspools.com coolspools.com lrefoundationrepair.com toycentral.com.sg puurr.eu workplacechemistry.com.au adenuniversity.edu.pa www.careerup.com www.itraders24.com itraders24.com backoffice.itraders24.com oimonitor.shadowdragon.io opopgirl24.com km100video.com 07137.com assettv.ca careerup.com dev.cornellanddiehl.com monitoring.gomining.com account-monitoring.gomining.com api.test.monitoring.gomining.com bellinimodernliving.b2bdirect.io medminder.pharmacy djappfun.com www.merlinarchery.co.uk test.carriagehouseviolins.com www.rjeconsulting.uk thaionairetakeaway.co.uk anneguimaraesaesthetics.com www.sharedspace.co.nz www.downloadfonts.io www.luxweb-france.fr avanta.ask-yug.com www.ask-yug.com test.medminder.pharmacy oxygenlighting.b2bdirect.io www.freenationusa.com horizon.shadowdragon.io lalupaboutique.nl www.charityconnect.co.uk greenlandmarket.b2bdirect.io www.downloadfonts.io.cdn.cloudflare.net www.wellmanstrata.com.au rstech.cl game.07137.com www.pexon-consulting.de sharedspace.co.nz wholesale.mezcotoyz.com rfid.drivesavers.com www.eleafworld.co.uk lisasyummy.com support.logiscool.com www.debedout.co www.hondronasios.gr phpmyadmin.hondronasios.gr hondronasios.gr blog.ogymogy.com grillkebabd14.com clk85.com www.verecbd.com preprod.datascience.movie admin.datascience.movie cyberchris.wales verecbd.com www.bouwplaatsirm.nl juniorspatisserie.nl en.psprices.com pexon-consulting.de bouwplaatsirm.nl club.ogymogy.com www.datascience.movie lordfilma1.net formation.instema.fr ec2.thejungleapp.com api.jackmobiletire.com email.mg.psprices.com tradexp.net www.assettv.ca passion4sport.nl bashyashop.nl sterling.shadowdragon.io stagingprod.membermouse.net pragmaticplaygames.com demo.ogymogy.com mobeenstakeaway.co.uk ubisend.com thejungleapp.com dev.prepostseo.com luxeyfashion.nl ghostofdivinity.com www.turkcellsuperonline-basvuru.com www.jackmobiletire.com citetour.com eleafworld.co.uk boycam24.com alpha-capital.io charityconnect.co.uk webkorea-01.link merlinarchery.co.uk b2bdirect.io discoverysummer.co.uk mashsoberhousing.org amanopizzeria.co.uk jackmobiletire.com management-dev.mashsoberhousing.org staging.mashsoberhousing.org server.mashsoberhousing.org app.ogymogy.com cdn.ogymogy.com www.i-to-i.com www.newandalus.com www.drivesavers.com www.ogymogy.com ogymogy.com soulmateng.net www.soulmateng.net spoluv.host turkcellsuperonline-basvuru.com fasttracktojoy.com umami-view.com spicefusionderby.com www.shadowdragon.io www.tesbihsergisi.com hentai3t.org whitepouches.com www.whitepouches.com www.termeaq.it www.caindesignsllc.com tajmahalspiceonline.com steamery.dk www.steamery.dk www.prepostseo.com lbuy.hk meo.de ohiogascompanies.com cornellanddiehl.com inregister.com minecraftcapes.net mezcotoyz.com community.soulmateng.net www.locations-cap.com www.aedexpert.co.uk img.mitunolens.com imfluid.cl ultradevice.online www.communicationsteam.com falof.xyz www.facethesound.com cdn.bukugt.com promo.maximarkets.org best4kpornsites.com www.best4kpornsites.com facethesound.com cecilkemperink-shop.nl web.ultraiptv.org www.ultraiptv.org player.ultraiptv.org xxx.ultraiptv.org www.chrismarker.org chrismarker.org www.poresto.net aedexpert.co.uk staging-www.gta4.net staging.gta4.net booking.discoverysummer.co.uk www.wrzutka.co www.neousys-tech.com acadianavenue.com taiwentest.com family-selection-at-grand-palladium-costa-mujeres-all-inclusive.faceprice.com.mx puerto-de-luna-pet-friendly-and-family-suites.faceprice.com.mx buenaventura-grand-hotel-great-moments-all-inclusive.faceprice.com.mx hotel-rosita-malecon.faceprice.com.mx pescador-hotel-puerto-vallarta.faceprice.com.mx dreams-villamagna-all-inclusive.faceprice.com.mx sunscape-resort-spa-all-inclusive.faceprice.com.mx blue-chairs-resort-by-the-sea.faceprice.com.mx paradise-village-beach-resort-spa.faceprice.com.mx villa-premiere-boutique-hotel-all-inclusive.faceprice.com.mx costa-club-punta-arena-beach-resort-all-inclusive.faceprice.com.mx villa-varadero-hotel-family-beach.faceprice.com.mx friendly-vallarta-all-inclusive-family-resort-convention-center.faceprice.com.mx trs-coral-hotel-all-inclusive.faceprice.com.mx cabanas-el-cielito.faceprice.com.mx

Malware Detected on Host

Count: 5 cdca83bfeb02b47e81460a5acca7b0603d270bce4962e46213d6529bc388be8c 98be702220b538f44dd19e29a372dce660c7f5a151d465f27c8dbfaeb04d83ae e74fda0bd424b05d18d34f28d135563d45a9f631ce59f3e81a980ff3a9d52c74 09613836e211ed00448f38aa0980638edd27cea73c6323bfdb102c30d19a9645 8c97f7e86eaafd5c36f80b7dd9bb883f5c8d8a69d42de1f7b5d9eec0fe4690a6

Open Ports Detected

2052 2053 2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 172.64.0.0 - 172.71.255.255
• CIDR: 172.64.0.0/13
• NetName: CLOUDFLARENET
• NetHandle: NET-172-64-0-0-1
• Parent: NET172 (NET-172-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2015-02-25
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/172.64.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2024-05-13 anonymous-proxy-ip-list-2025-06-30 anonymous-proxy-ip-list-2025-07-02 anonymous-proxy-ip-list-2025-08-12 anonymous-proxy-ip-list-2025-08-13 anonymous-proxy-ip-list-2025-08-22 anonymous-proxy-ip-list-2025-09-16 anonymous-proxy-ip-list-2025-06-21 anonymous-proxy-ip-list-2025-07-18 anonymous-proxy-ip-list-2023-07-28 anonymous-proxy-ip-list-2024-05-14 anonymous-proxy-ip-list-2025-06-26 anonymous-proxy-ip-list-2025-06-27 anonymous-proxy-ip-list-2025-08-03 anonymous-proxy-ip-list-2025-08-26 anonymous-proxy-ip-list-2025-08-31 anonymous-proxy-ip-list-2025-09-01 anonymous-proxy-ip-list-2025-09-02 anonymous-proxy-ip-list-2024-05-28 anonymous-proxy-ip-list-2023-07-18 anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-07-13 anonymous-proxy-ip-list-2025-08-23 anonymous-proxy-ip-list-2025-09-05 ****** anonymous-proxy-ip-list-2024-05-20 anonymous-proxy-ip-list-2025-07-15 anonymous-proxy-ip-list-2025-07-11 anonymous-proxy-ip-list-2025-07-30 anonymous-proxy-ip-list-2025-08-10 anonymous-proxy-ip-list-2025-09-11 anonymous-proxy-ip-list-2024-05-12 anonymous-proxy-ip-list-2024-05-23 anonymous-proxy-ip-list-2024-05-24 anonymous-proxy-ip-list-2025-08-14 anonymous-proxy-ip-list-2025-08-21 anonymous-proxy-ip-list-2023-07-27 anonymous-proxy-ip-list-2025-07-01 anonymous-proxy-ip-list-2025-07-06 anonymous-proxy-ip-list-2025-07-24 anonymous-proxy-ip-list-2025-08-11 anonymous-proxy-ip-list-2025-08-27 anonymous-proxy-ip-list-2025-08-30 anonymous-proxy-ip-list-2025-09-04 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-07-07 anonymous-proxy-ip-list-2025-07-14 anonymous-proxy-ip-list-2025-07-23 anonymous-proxy-ip-list-2025-09-15 anonymous-proxy-ip-list-2025-06-24 anonymous-proxy-ip-list-2025-06-28 anonymous-proxy-ip-list-2025-06-29 anonymous-proxy-ip-list-2025-07-05 anonymous-proxy-ip-list-2025-08-28 anonymous-proxy-ip-list-2025-09-07 anonymous-proxy-ip-list-2025-07-27 anonymous-proxy-ip-list-2025-08-08 anonymous-proxy-ip-list-2025-08-25 anonymous-proxy-ip-list-2024-05-09 anonymous-proxy-ip-list-2024-05-15 anonymous-proxy-ip-list-2024-05-22 anonymous-proxy-ip-list-2025-07-12 anonymous-proxy-ip-list-2025-08-15 anonymous-proxy-ip-list-2025-08-17 anonymous-proxy-ip-list-2025-08-29 anonymous-proxy-ip-list-2025-09-08 anonymous-proxy-ip-list-2025-09-18 anonymous-proxy-ip-list-2025-07-17 anonymous-proxy-ip-list-2025-08-24 anonymous-proxy-ip-list-2025-09-10 anonymous-proxy-ip-list-2024-05-25 anonymous-proxy-ip-list-2024-05-08 anonymous-proxy-ip-list-2024-05-21 anonymous-proxy-ip-list-2025-07-22 anonymous-proxy-ip-list-2025-08-18 anonymous-proxy-ip-list-2023-07-09 anonymous-proxy-ip-list-2024-05-11 anonymous-proxy-ip-list-2024-05-26 anonymous-proxy-ip-list-2025-07-28 anonymous-proxy-ip-list-2025-07-31 anonymous-proxy-ip-list-2025-08-01 anonymous-proxy-ip-list-2025-08-02 anonymous-proxy-ip-list-2025-08-05 anonymous-proxy-ip-list-2025-09-19 anonymous-proxy-ip-list-2025-07-19 anonymous-proxy-ip-list-2025-09-06 anonymous-proxy-ip-list-2025-07-08 anonymous-proxy-ip-list-2025-07-09 anonymous-proxy-ip-list-2025-07-10 anonymous-proxy-ip-list-2025-08-19 anonymous-proxy-ip-list-2025-09-12 ****** anonymous-proxy-ip-list-2025-07-03 anonymous-proxy-ip-list-2025-07-04 anonymous-proxy-ip-list-2025-07-29 anonymous-proxy-ip-list-2025-08-04 anonymous-proxy-ip-list-2025-08-07 anonymous-proxy-ip-list-2025-08-09 anonymous-proxy-ip-list-2025-09-03 anonymous-proxy-ip-list-2025-09-09 anonymous-proxy-ip-list-2024-05-18 anonymous-proxy-ip-list-2025-07-16 anonymous-proxy-ip-list-2025-07-25 anonymous-proxy-ip-list-2025-08-06 anonymous-proxy-ip-list-2025-08-16 ****** anonymous-proxy-ip-list-2025-06-25 anonymous-proxy-ip-list-2025-07-20 anonymous-proxy-ip-list-2025-07-21 anonymous-proxy-ip-list-2025-07-26 anonymous-proxy-ip-list-2025-08-20 anonymous-proxy-ip-list-2025-09-13 anonymous-proxy-ip-list-2025-09-17 anonymous-proxy-ip-list-2025-09-14