104.17.49.74 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.17.49.74 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• JARM: 27d40d40d00040d00042d43d00041df04c41293ba84f6efe3a613b22f983e6

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: server1.dev3.cm.global.kimberly-clark.com server1.tccwest.dev3.cm.global.kimberly-clark.com tcceast.dev1.cm.global.kimberly-clark.com tccwest.dev3.cm.global.kimberly-clark.com server2.tccwest.dev2.cm.global.kimberly-clark.com server1.tcceast.dev3.cm.global.kimberly-clark.com dev1.cm.global.kimberly-clark.com tccwest.dev1.cm.global.kimberly-clark.com dev4.cm.global.kimberly-clark.com server1.tcceast.dev1.cm.global.kimberly-clark.com tccwest.dev2.cm.global.kimberly-clark.com server2.tccwest.dev3.cm.global.kimberly-clark.com server2.tcceast.dev4.cm.global.kimberly-clark.com server1.tccwest.dev1.cm.global.kimberly-clark.com tcceast.dev4.cm.global.kimberly-clark.com tcceast.dev3.cm.global.kimberly-clark.com server2.tcceast.dev1.cm.global.kimberly-clark.com server1.tccwest.dev2.cm.global.kimberly-clark.com server1.dev4.cm.global.kimberly-clark.com server2.dev2.cm.global.kimberly-clark.com server1.tcceast.dev2.cm.global.kimberly-clark.com server1.tcceast.dev4.cm.global.kimberly-clark.com server2.tcceast.dev2.cm.global.kimberly-clark.com server1.dev1.cm.global.kimberly-clark.com server2.tccwest.dev1.cm.global.kimberly-clark.com server2.dev3.cm.global.kimberly-clark.com debug2.nordvpn.com cm.nordvpn.com turbocache.nordvpn.com links1.nordvpn.com ref.nordvpn.com ssr.nordvpn.com debug.nordvpn.com c.nordvpn.com bugs-notify.nordvpn.com downloads.nordvpn.com checkout.nordvpn.com account.nordvpn.com www.nordvpn.com join.nordvpn.com offers.nordvpn.com ucp.nordvpn.com nordvpn.com links.nordvpn.com prevention.nordvpn.com repo.nordvpn.com free.nordvpn.com api.nordvpn.com support.nordvpn.com visit.nordvpn.com

Malware Detected on Host

Count: 19 84bfef73115781f43502a553c59a13d109d543b555d3d9cfaab3cfbe06b08b4a 1f4cdc171e960eb1f71ad41e38d40a782451c4239e43d82ebfb28840a9abfde7 2b3121f75f64fbdb2450d8639ceff85688cce36bdcfb85090760f84100c0f689 56efa77a288226e97c9acb8f6c5a04f56cc5e63db280a14dce35eea1e8e36bdb 57d3e9eb8014d8e98b233ea9d57561d5fc16613ff7da27ec9da82558a753aff6 b990c5c34e592554625f2243aaaa15de18455ca0e54a83ed20282710b7399aa1 41f8d000827bf275656edc0d50fd02d3d8a0ba12d45944303d90f5eb17e0ed8e 46dffd481bebc696b794c97fc40b60561d5a11659c10512bb63e11a5e517e4b9 0f0e48f08b56cf506988255c7bfc9e861b7bdde78f7896fafbc83e77a5fe1017 041fe48889e59d05c4c83a4f47ef275ff90cb435fdc710061eeeff7d5d0d2552

Open Ports Detected

2052 2053 2082 2083 2086 2087 2096 443 80 8080 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22