66.235.200.112

United States

0

Resolved hostnames

2

Contacting malwares

0

Online malicious URLs allocated

0

Offline malicious URLs allocated

Current activity of this IP:


Hosting

This IP is considered to be hosting, as 2151 hostnames are pointing here. 2140 whitelisted hostnames are pointing here.


Blacklist timeline


First seen: Sun Jul 02 2023 19:49:54 GMT+0000
Last seen: Fri May 31 2024 20:35:53 GMT+0000
Period: a year

Whois information


Autonomous System
AS Name:
AS13335 Cloudflare, Inc.

Registrant information
Postal Code:
32202
Country Code:
US (United States)
City:
Jacksonville

Dates
Indexed:
Wed Jan 13 2021 13:15:50 GMT+0000
Last modified:
Fri May 31 2024 20:35:53 GMT+0000

Location - Jacksonville - United States


Developers can check API Specification here:


Request:

          
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/ip/66.235.200.112
        

Request:

Alternatively you can use Maltiverse Python3 Library:
          
import requests
import json

url = 'https://api.maltiverse.com/ip/66.235.200.112'
response = requests.get(url)
print(json.dumps(response.json(), indent=4, sort_keys=True))
        

Request:

          
$url = 'https://api.maltiverse.com/ip/66.235.200.112'
$headers =  @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response
        

Response:

      
{
    "as_name": "AS13335 Cloudflare, Inc.",
    "as_number": "13335",
    "blacklist": [
        {
            "count": 22,
            "description": "Proxy",
            "first_seen": "2023-07-02 19:49:54",
            "labels": [
                "anonymization"
            ],
            "last_seen": "2024-05-31 20:35:53",
            "ref": [
                1
            ],
            "source": "FireHOL"
        },
        {
            "count": 1,
            "description": "Malware",
            "first_seen": "2021-08-17 09:01:50",
            "last_seen": "2021-08-18 09:01:07",
            "source": "Hybrid-Analysis"
        },
        {
            "count": 1,
            "description": "Social Engineering",
            "first_seen": "2021-04-24 01:43:20",
            "labels": [
                "malicious-activity"
            ],
            "last_seen": "2021-04-24 01:43:20",
            "source": "Maltiverse"
        },
        {
            "count": 1,
            "description": "Phishing",
            "first_seen": "2021-04-24 01:43:20",
            "labels": [
                "compromised"
            ],
            "last_seen": "2021-04-24 01:43:20",
            "source": "Maltiverse"
        },
        {
            "count": 1,
            "description": "virut",
            "first_seen": "2021-04-18 00:52:41",
            "labels": [
                "malicious-activity"
            ],
            "last_seen": "2021-04-18 00:52:41",
            "source": "Maltiverse Research Team"
        },
        {
            "count": 1,
            "description": "Phishing Other",
            "first_seen": "2021-02-11 06:20:16",
            "labels": [
                "compromised",
                "malicious-activity"
            ],
            "last_seen": "2021-02-27 02:38:29",
            "source": "Phishtank"
        },
        {
            "count": 1,
            "description": "Social Engineering",
            "first_seen": "2021-02-11 06:20:16",
            "labels": [
                "malicious-activity"
            ],
            "last_seen": "2021-02-22 04:36:44",
            "source": "Phishtank"
        },
        {
            "count": 1,
            "description": "Emotet",
            "first_seen": "2021-01-13 13:15:50",
            "labels": [
                "malicious-activity"
            ],
            "last_seen": "2021-01-13 13:15:50",
            "source": "Abuse.ch"
        },
        {
            "count": 1,
            "description": "Phishing",
            "first_seen": "2022-06-04 12:40:29",
            "labels": [
                "compromised"
            ],
            "last_seen": "2022-06-04 12:40:29",
            "source": "OpenPhish"
        }
    ],
    "city": "Jacksonville",
    "classification": "whitelist",
    "country_code": "US",
    "creation_time": "2021-01-13 13:15:50",
    "ip_addr": "66.235.200.112",
    "ip_version": 4,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": true,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_sinkhole": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "location": {
        "lat": 30.2711816,
        "lon": -81.5788361
    },
    "modification_time": "2024-05-31 20:35:53",
    "number_of_blacklisted_domains_resolving": 1,
    "number_of_domains_resolving": 2151,
    "number_of_offline_malicious_urls_allocated": 0,
    "number_of_online_malicious_urls_allocated": 0,
    "number_of_whitelisted_domains_resolving": 2140,
    "postal_code": "32202",
    "tag": [
        "anonymization",
        "phishing",
        "emotet",
        "c&c",
        "c2",
        "dga"
    ],
    "type": "ip"
}
    

Malware that contacts this IP

Date Filename Blacklist
Wed Aug 18 2021 08:29:51 GMT+0000 VTDLa0d931191be2d4b3311c746d9e8753541cf7e0a7db3eab7d7171d76ec5ee2.exe
  • Generic Malware (Hybrid-Analysis)
  • Tue Aug 17 2021 08:28:41 GMT+0000 VTDLa0d931191be2d4b3311c746d9e8753541cf7e0a7db3eab7d7171d76ec5ee2.exe