104.16.201.191 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.16.201.191 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• JARM: 27d40d40d00040d1dc42d43d00041d6183ff1bfae51ebd88d70384363d525c

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: webvpn.utc.com www.ccs.utc.com dev.ehsdesk.utc.com utas-etqstg-az.utc.com f-ess.utc.com f-utcess2.utc.com f-ess-staging2.utc.com caseportal.pw.utc.com activesync.pwfnremail.utc.com drmsubtierreg-s.utc.com utas.ehsdesk.utc.com pw.ehsdesk.utc.com drmsubtierreg.utc.com corp.ehsdesk.utc.com f-utcess.utc.com stage-mrf.utc.com www.supplierdiversity.utc.com www.investors.utc.com supplierdiversity.utc.com caseportal-uat.pw.utc.com stage-supplierscorecard.utc.com drmidmanage-staging.utc.com www.pw.utc.com ers.utc.com ersdev.utc.com outlookaw.utc.com updates.utc.com mrf.utc.com status.utc.com www2.utc.com drmidmanage.utc.com mattermost.utc.com fhk.utc.com supplierscorecard.utc.com openapi-myhome.utc.com api-myhome.utc.com customers-qa-hs.utas.utc.com digital.utc.com utap.utc.com utc.com pw.utc.com hubapi-myhome.utc.com tech.utc.com edialog.confidential.utc.com cdn.utc.com ccs.utc.com owa.utc.com 2013ar.utc.com certified.ccs.utc.com www.utrc.utc.com 2015ar.utc.com 2014ar.utc.com investors.utc.com stg.utc.com certified.km.ccs.utc.com 2011ar.utc.com www.cn.utc.com vip-xnwp524c-525c.utc.com careers.utc.com preview.utc.com www.utc.com www.careers.utc.com

Malware Detected on Host

Count: 12 6ed31cd2fd81b986c925d6dc9d7aa264e1bf7beecd2265d65fcf2f08da5e6a78 99fe956223ddb9a10583abde07109e60f4ee58cbcd7aaa56e6c53a1cf0fec695 c9579a2207056aad6e53a029f1fb9edc23be11f5d83bfe88b48dcb432f7cf41d e5a3a45fd1163470ffc5581c4b7e0bf303dc9d0037799f5620088c8b5b11403e 4de30f1d0e4e9579c7937506273d915e33473b11163b6a0c1826a5a8a97a6cf1 bf4b3bafa766e1acaa110aca1701339c81b8affe3c9b249c515df4ce1a292e0e de9c0c0e79ef3832c232320aa71eeb14edd05fdfc7323b7ed986173c7dd29d7a 0057ce66d5d579b77b7419bc75324d78a369509fb1f2ec98a20f366b21912bce 7ac15ded31aaaa84f7979508cb9941017f816f004edde8f4523ff87070f671cd b8733d2f4143cf097255f9e054e28065d1fa4a3d255c5c04b34622f135efe521

Open Ports Detected

2082 2083 2086 2087 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22