104.16.184.241 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.16.184.241 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 34/100

Host and Network Information

• Tags: 1996, af81 http, mm28, mnsnj5o7dn7e, msnvh, mt1627120573, mvi4, shardbypassyes, VBS

• JARM: 27d40d40d00040d1dc42d43d00041d6183ff1bfae51ebd88d70384363d525c

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 2 times
• Protocols Attacked: Anonymous Proxy
• Countries Attacked: Canada, United States of America
• Passive DNS Results: www.icanhazip.com ipv4.icanhazip.com icanhazip.com

Malware Detected on Host

Count: 5542 b60bce55863c4d3181c79aa5471dc021132539ee2621afb4b42df2d61523564e ebf00b015e129f3b182733ff848e0d329837e05e559cd2ac1e4bb1f67e13debd 3d7955d958c4fb4b1487481bf8a43c6272a2d15f0ae8ed636c1104f827fcf47b 8204d69aa7c83da8aee9e9762f5f3e4ce13bf1f79f50aa0800aaef1f22733d3f 21626c07c3d3176a7ae8ba16a20ae56c04b27836328385bdb2e21fcfc0db080f 40156cb1340775803eef80fbfdb77e8155420573b8fb5d9f8aa1762892c6a886 e6247182ed8b842745dba3ebebff8841568c9129c75ec06d4b4ca7e105b38e5c e97a34d214c00d0a9fb7d648a8f44f01d55c2316053c19e56ed283a2f45d723f 53cbe8edbc5c28eb7dad04ee14dbc1b07109c8415d119a2040f61a7189b07898 22092cdf7c38bd9df1884af44ff4e110c41d6ef0ddd576ab457fe337a40a1e3e

Open Ports Detected

2053 2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-22