104.16.204.191 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.16.204.191 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• JARM: 27d40d40d00040d1dc42d43d000000301f8393fc168a361ae6c6de664c938c

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: webvpn.utc.com www.ccs.utc.com dev.ehsdesk.utc.com utas-etqstg-az.utc.com f-ess.utc.com f-utcess2.utc.com f-ess-staging2.utc.com caseportal.pw.utc.com activesync.pwfnremail.utc.com drmsubtierreg-s.utc.com utas.ehsdesk.utc.com pw.ehsdesk.utc.com drmsubtierreg.utc.com corp.ehsdesk.utc.com f-utcess.utc.com stage-mrf.utc.com www.supplierdiversity.utc.com www.investors.utc.com supplierdiversity.utc.com caseportal-uat.pw.utc.com stage-supplierscorecard.utc.com drmidmanage-staging.utc.com www.pw.utc.com ers.utc.com ersdev.utc.com owa.utc.com outlookaw.utc.com updates.utc.com mrf.utc.com status.utc.com drmidmanage.utc.com mattermost.utc.com fhk.utc.com supplierscorecard.utc.com openapi-myhome.utc.com api-myhome.utc.com customers-qa-hs.utas.utc.com digital.utc.com utap.utc.com pw.utc.com hubapi-myhome.utc.com tech.utc.com www.utrc.utc.com www.careers.utc.com utc.com www2.utc.com cdn.utc.com stg.utc.com investors.utc.com 2015ar.utc.com ccs.utc.com 2013ar.utc.com www.utc.com 2014ar.utc.com certified.ccs.utc.com edialog.confidential.utc.com 2011ar.utc.com www.cn.utc.com preview.utc.com careers.utc.com

Malware Detected on Host

Count: 14 4f53c9a5fde660082a0ef81e2cc34a1ed4c11905d8af53e4f3e9831c96896e5d 5495e6cabe51244f0a29df6c4164f8d81a61c1a4b8ffabb9ccc2a4b5d850b3bc f1485e51dcbdd459c379f6ef0dba0f09a34c50f6603149f1517662a7b935552d 61039cb26f689d74d1aa527f388325ea56586ab30154820521485d2fd2186664 1b6042d3bc489b42c3676a2bd4762a0f2aba6f224693c6c4a1c6611b25454095 4fede637e2a1826cea3a542144cf5024888cac26209de8aa699146061156d269 5c86efa7fdf2090e558fe9968056856c91629d20e4d1724fb2acfa56e59ffb03 6d6918aa518fe0f084568b46535df7291333fe392ac976cb0bc6bc6ed6bf428f 3a2c9eab020c3eb656da99b6af337348b9e7d3a23459c6bf8b434b244d7c4756 661ecccd0a7248eb16242ffafd608662a0201ddaa5e28182665a6b5692e85184

Open Ports Detected

2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22