172.67.72.12 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 172.67.72.12 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: site-melhor-casino.com www.eblogx.com eblogx.com cabon119.com www.isthisfraud.com amnuvola.com beta.dex-trade.com www.beads-wholesale-online.com orionanalytical.com dealsspy.com cia.com politepages.io interlir.com seacretdirect.com zauers.lv quantumknowledgebase.com socket.dex-trade.com www.aiyifan.tv apkdl.wareztv.io aplapollo.imast.in files.pornworks.com t.pornworks.com a.2001.pt aljaras.com pornworks.com xpo.markets conincotower.com status-api.aleeva.io 5f4.info redonionbristol.co.uk www.5f4.info acid-house.net xiaohaola.com bakerenogkokken.no ru-meteo.com www.icorsi.ch www.signaturetours.com anvilbrewing.com aiyifan.tv chippit.app whatthatmeans.net mobile.chippit.app dash-api-beta.urbanpiper.com www.bakerenogkokken.no www.casinoways1.com www.music-man.com.mx www.foodiecard.com foodiecard.com science-teaching.org shopspacechews.com max4u.ru www.max4u.ru privatecoin.net www.linklr.net www.acid-house.net test.science-teaching.org docs.dex-trade.com rmappnutrition.com data.2001.pt admin.aggsmart.co.uk australianretirementvillages.com.au cdn.public.feetfix.com feetfix.com eagleecondev.org ueiwsp.com gdlotto.com vglobalmarkets.com api.gdlotto.com bclub1515.com massagechairnorcal.com allegraleopold.com.au harimau333.net signaturetours.com icorsi.ch it.nomorigine.com transdigm.com maintenance.promods.net m-x.com.mx m.fotbolti.net mix-show.com cryptofiat.finance francisgallery.com api-beta.aleeva.io staging-collective.com status.fanz.io www.nettruyenvv.com qmiaxwh.com grafana.zksync.org winbet69.net camisetasfutbolybaloncesto.com contropusa.com pmagentur.com ofza.com brk7d3ns8.wareztv.io autodetailer.co www.citarella.com manager.signaturetours.com www.absolutewaterpumps.com www.nomorigine.com casinoways1.com mcamart.com jusopang18.com parachezvous.ma rtvi.us iowagambler.com lightningbolt-ix.net www.lightningbolt-ix.net www.transdigm.com smartbigpoint.com xo6x.org dex-trade.com billionairebrainwave.com www.fotbolti.net trumpet.urbanpiper.com test.aisle.co data.promods.net www.idealautoprotect.com mrmasalaonline.co.uk api-docs.urbanpiper.com apidocs.urbanpiper.com dash-api.urbanpiper.com dehn-international.com testoffers.aisle.co pds.urbanpiper.com s6.wldcdn.net maintenance.phonelcdparts.com s4.wldcdn.net sweetnow.co.uk www.aggsmart.co.uk games1.glitch.ge www.etc.io sandbox-api-manage.fanz.io gammasurf.com freedl.promods.net uat.isabellagarcia.co.za www.bdsmgirl.nl diablochairs.fr bonitachica.nl dmx.glitch.ge www.ssg.asia falloutcraft.ru calamityislands.com maintenance.wldcdn.net www.kebbada.com kebbada.com www.pointemagazine.com www.raiseyourdog101.com zh.casinoshunter.com staging-api-pos.fanz.io api-pos.fanz.io fr.casinoshunter.com www.casinoshunter.com casinoshunter.com s.casinoshunter.com thedynastyonline.co.uk www.colestudios.com.au colestudios.com.au www.trendblog.net trendblog.net pl.casinoshunter.com www.bb3003.com pointemagazine.com bb3003.com stage.casinoshunter.com s-stage.casinoshunter.com camo2.buildkiteusercontent.com www.modeshine.com autohaus-luchtenberg.de otoloka.id www.ping.pt ping.pt www.beahero.gg legaltile.com yk-game.com winisp.net base.ping.pt ideas.list.aleeva.io whm.orioninitiative.com www.orioninitiative.com www.emprosnet.gr modeshine.com phonelcdparts.com www.phonelcdparts.com www.yuepaly555.com yuepaly555.com 2019.ping.pt www.sammonitor.com 3d.glitch.ge wkpe82.gy988d.com wkpe81.gy988d.com www.bestpriceshop.pk fitbit.bestpriceshop.pk tch.tools popeyeswelfordroad.com tastytaberdeen.co.uk beybekbaby.com tradein.se annuaire.aide-sociale.fr www.b2b-light.nl ufa079.com fxforyouandme.com de.duckandsail.com digops.net www.promods.net alessiacara.glitch.ge invite.aleeva.io web.aleeva.io api.aleeva.io mq.aleeva.io data.aleeva.io me.aleeva.io translate.aleeva.io learn.doubleblindmag.com home-techgadgets.com nthu.cc staging207.foodies.community neweastendcafetakeaway.co.uk www.bestwestagent.com diamondpaintingnederland.nl www.dressdistrict.com www.marcheguyanais.com foodies.community discord.aleeva.io coinchase.com app.fnnldb.com ridemovi.com bitladon.fr www.allgaragedoorsrepair.com myportal-admin.logan.qld.gov.au cliptalyx.dev orioninitiative.com glitch.ge duckandsail.com emprosnet.gr tiffinsrestaurantonline.co.uk karmarestaurantonline.co.uk www.doubleblindmag.com doubleblindmag.com giannispizzas.co.uk georgeharrison.glitch.ge mereba.glitch.ge survey.healthexchange.org.uk mgo.urbanpiper.com dashboard.aisle.co tuf.urbanpiper.com umusic.glitch.ge anjahomeandliving.nl nienza.nl dev.beahero.gg myportal.logan.qld.gov.au beahero.gg brimarfashion.com www.demo.vehicatheme.com demo.vehicatheme.com afcexpress.co.uk br-mannesmann.com.ua www.staging1.b2b-light.nl staging1.b2b-light.nl dwp.glitch.ge caravans.broadlane.co.uk motorhomes.broadlane.co.uk www.shemalepornsites.net exchange.beeswap.bz liveeasy.app maksipara.com e-commerce.wmdstudio.com develop-api-pos.fanz.io aggsmart.co.uk veekequalitycars.nl beeswap.bz mt.10toinfinity.com jacobcollier.glitch.ge shemalepornsites.net suussies.nl buildyourcart.com www.acelerun.com www.heerenleed.com idealautoprotect.com stl2.urbanpiper.com pos-int.urbanpiper.com assets.beta.isabellagarcia.co.za assets.isabellagarcia.co.za eu.ipqualityscore.com www.isabellagarcia.co.za fanz.io profielen.bdsmgirl.nl www.maboutik.fr.cdn.cloudflare.net webhook.maboutik.fr.cdn.cloudflare.net www.raiseyourdog101.com.cdn.cloudflare.net southbankresearch.com www.southbankresearch.com provide.glitch.ge rca.glitch.ge geazy.glitch.ge spotifytest.glitch.ge catalogs.ssg.asia www.fanz.io jitta.com www.zott-dairy.com zott-dairy.com order-lite.urbanpiper.com bahsegel286.com socket.aisle.co www.eaglearms.com eaglearms.com newspaper.emprosnet.gr test-chpc.urbanpiper.com stats.aisle.co www.jitta.com www.vehicatheme.com www.intellicoach.com movil.grupochat.com ads.emprosnet.gr stg.10toinfinity.com blog.aisle.co files.vehicatheme.com www.b2b-light.nl.cdn.cloudflare.net www.staging1.b2b-light.nl.cdn.cloudflare.net app.bdsmgirl.nl www.stokesbonds.com stokesbonds.com www.futurodorado.com futurodorado.com us.ipqualityscore.com ee.bike reports.aisle.co web2sex.com www.info.web2sex.com info.web2sex.com www.pcchandraindia.com pcchandraindia.com tvojvideo.me simulateurs.aide-sociale.fr legado.comidaboa.delivery cashido.cdn.arti.fi shop.zverinus.ru clickgem.app www.clickgem.app s3.clickgem.app allsafe.com.pa www.ipqualityscore.com xn–lnutanuc-9za.se intellicoach.com www.bukmeker-expert.info bukmeker-expert.info promods.net vehicatheme.com www.aide-sociale.fr www.uniroma2-specializzazionemedica.it learn.freelancehustle.com www.freelancehustle.com www.aquabid.com satellite-b1.urbanpiper.com www.pacific-logistics.com pacific-logistics.com carmenmarcvalvoswim.com www.carmenmarcvalvoswim.com ipqualityscore.com staging.glitch.ge main.glitch.ge subone.glitch.ge subtwo.glitch.ge camo.buildkiteusercontent.com casinoelit24.com staging.zott-dairy.com ss-2478.com www.renehering.de.cdn.cloudflare.net shop.renehering.de.cdn.cloudflare.net status.fnnldb.com www.zverinus.ru pinup-bet872.com kg.blogostock.com www.7afz9.cn.cdn.cloudflare.net vulcan-24kasino.org ilpozzo.net www.ilpozzo.net nutrisoy.com.sg testsocket.aisle.co chesno.org test.chesno.org www.vectortemplates.com octantdigital.com forum.aide-sociale.fr www.thesole.com zakriaa.club coxandcox-staging.co.uk www.dressdistrict.com.cdn.cloudflare.net nozelheden.nl vo.blogostock.com fnnldb.com anklav.ua www.broadlane.co.uk www.heerenleed.com.cdn.cloudflare.net uniroma2-specializzazionemedica.it zverinus.ru ordnance.co barmethodstudiostore.com fotbolti.net isabellagarcia.co.za innovadoresdeamerica.org thesole.com app.aisle.co www.aisle.co etc.io drydentechnical.com ssg.asia prommote.me heelsteal.com.au aisle.co bdsmgirl.nl broadlane.co.uk aide-sociale.fr vectortemplates.com skinbrasil.com www.marketstatsanalytics.com marketstatsanalytics.com s.wldcdn.net comidaboa.delivery www.terp8.com.cdn.cloudflare.net ddosbooter.to driiinkonline.co.uk pinupbet228.com music-man.com.mx myportal.logan.qld.gov.au.cdn.cloudflare.net buildkiteusercontent.com api.ordnance.co sabongpilipinas.net 10toinfinity.com aquabid.com www.allgaragedoorsrepair.com.cdn.cloudflare.net passiveway.jitta.com api.liveeasy.app testa2.aisle.co testvideo.aisle.co staging.nutrisoy.com.sg epista.com www.epista.com freelancehustle.com

Malware Detected on Host

Count: 92 9595c4385d12858ad1a103bd5ac481156be8d057595f620fedae426121f95c7c a00309d14fca4bcdd967141c04910ba28959d775d4f6abefd74bbe5a4cdbd792 e411108f961e52e58e4a1d085ec0e35d97401b486db4e34b05cc35d08df8faee 8412334c8e17d029e9c17eee45968e368d0f58509f6f03389874d0a9425f75c9 ecf37acc8166afd2d20e757ce48b9268cb69a3a7f8aa0cb29e95da99bc6b35e5 9c9cdb438163a2e64adcb398a6f1f1abcdc81c1cf35ab5728441104a151240fd 57e2f9ee6aaad4097ac2b1151fe1cf9546c8fbc470670b73c8039285f4fd4db5 7c15deb40ac5e035bce294e27219209411eac30209212cea9d6df4f23e3cc581 9217d926826128058e86a2a2bba020ea38062503648e320194b22d1ade0ffee9 24e73e485857368cf7ec4e1b44b5d9cf86a16fbb8eafd89626b47703256db22d

Open Ports Detected

2053 2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 172.64.0.0 - 172.71.255.255
• CIDR: 172.64.0.0/13
• NetName: CLOUDFLARENET
• NetHandle: NET-172-64-0-0-1
• Parent: NET172 (NET-172-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2015-02-25
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/172.64.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2024-05-13 anonymous-proxy-ip-list-2024-05-29 anonymous-proxy-ip-list-2024-05-14 anonymous-proxy-ip-list-2024-05-28 anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2024-05-16 anonymous-proxy-ip-list-2024-05-20 ****** anonymous-proxy-ip-list-2024-05-24 anonymous-proxy-ip-list-2024-05-23 anonymous-proxy-ip-list-2024-05-12 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-06-24 anonymous-proxy-ip-list-2024-05-09 anonymous-proxy-ip-list-2024-05-15 anonymous-proxy-ip-list-2024-05-22 anonymous-proxy-ip-list-2024-05-21 anonymous-proxy-ip-list-2024-05-25 anonymous-proxy-ip-list-2024-05-08 anonymous-proxy-ip-list-2024-05-11 anonymous-proxy-ip-list-2024-05-26 ****** anonymous-proxy-ip-list-2023-07-03 anonymous-proxy-ip-list-2024-05-18 ****** anonymous-proxy-ip-list-2025-06-25