104.20.198.102 Threat Intelligence and Host Information

Share on:
Jun 24, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.20.198.102 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country:
  • Network: AS13335 cloudflare
  • Noticed: 1 times
  • Protcols Attacked: Anonymous Proxy
  • Passive DNS Results: work.amazon-aps.fountain.com amazon-aps.fountain.com app.amazon-aps.fountain.com chartmuseum-eu-central-1.fountain.com chartmuseum-ap-south-1.fountain.com kubeapps-ap-south-1.fountain.com chartmuseum-ap-south1.fountain.com pdf-filler.fountain.com performance-01.fountain.com internal.fountain.com braze.fountain.com api.fountain.com callbacks.fountain.com www.onboardiq.com deployments.fountain.com airflow-etl-flower.fountain.com dropship.fountain.com onboardiq.com app.performance-01.fountain.com work.performance-01.fountain.com qa-automation-01.fountain.com pgbouncer.qa-regression-01.fountain.com api.pentest-01.fountain.com pentest-01.fountain.com callbacks.pentest-01.fountain.com work.fountain-pentest.fountain.com sourcery.fountain-pentest.fountain.com app.amazon-eu.fountain.com amazon-eu.fountain.com www.fountain.com work.fountain-qa-01.fountain.com sourcery.fountain-qa-01.fountain.com pdf-filler.fountain-qa-01.fountain.com work-fountain-qa-01.fountain.com callbacks.qa-regression-01.fountain.com api.qa-regression-01.fountain.com app.qa-regression-01.fountain.com qa-regression-01.fountain.com amazon-us.fountain.com fountain.com app-test.fountain.com doc-signer-test.fountain.com pdf-filler-test.fountain.com ultipro-test.fountain.com braze-test.fountain.com app.amazon-us.fountain.com sourcery-fountain-qa-01.fountain.com sourcery-test.fountain.com work-test.fountain.com try.fountain.com app.fountain.com work.fountain.com lorgnette.fountain.com enterprise.fountain.com sourcery.fountain.com www.thyssenkrupp-mss.com.cdn.cloudflare.net

Open Ports Detected

2082 2086 2087 443 8443

Map

Whois Information

  • NetRange: 104.16.0.0 - 104.31.255.255
  • CIDR: 104.16.0.0/12
  • NetName: CLOUDFLARENET
  • NetHandle: NET-104-16-0-0-1
  • Parent: NET104 (NET-104-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS13335
  • Organization: Cloudflare, Inc. (CLOUD14)
  • RegDate: 2014-03-28
  • Updated: 2021-05-26
  • Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
  • Ref: https://rdap.arin.net/registry/ip/104.16.0.0
  • OrgName: Cloudflare, Inc.
  • OrgId: CLOUD14
  • Address: 101 Townsend Street
  • City: San Francisco
  • StateProv: CA
  • PostalCode: 94107
  • Country: US
  • RegDate: 2010-07-09
  • Updated: 2021-07-01
  • Ref: https://rdap.arin.net/registry/entity/CLOUD14
  • OrgNOCHandle: CLOUD146-ARIN
  • OrgNOCName: Cloudflare-NOC
  • OrgNOCPhone: +1-650-319-8930
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgAbuseHandle: ABUSE2916-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-650-319-8930
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • OrgRoutingHandle: CLOUD146-ARIN
  • OrgRoutingName: Cloudflare-NOC
  • OrgRoutingPhone: +1-650-319-8930
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgTechHandle: ADMIN2521-ARIN
  • OrgTechName: Admin
  • OrgTechPhone: +1-650-319-8930
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RNOCHandle: NOC11962-ARIN
  • RNOCName: NOC
  • RNOCPhone: +1-650-319-8930
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
  • RTechHandle: ADMIN2521-ARIN
  • RTechName: Admin
  • RTechPhone: +1-650-319-8930
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RAbuseHandle: ABUSE2916-ARIN
  • RAbuseName: Abuse
  • RAbusePhone: +1-650-319-8930
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-06-22