104.20.5.134 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.20.5.134 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 37/100

Host and Network Information

• Tags: acku new, amazon02, amazonaes, ascio, cdck, cloud, cloudflare, cloudflarenet, collection, com laude, crowdsourced, entity, facebook, fastly, first ioc, gandi sas, github, gmbh, google, iocs, javascript, level3, ltd dba, malware unread, namecheap, namecheap inc, namecheapnet, please, premium, registrarsafe, seen, service, share, spaceship, threat, tucows, updated

• JARM: 27d40d40d00040d1dc42d43d00041d6183ff1bfae51ebd88d70384363d525c

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Countries Attacked: Canada, United States of America
• Passive DNS Results: stage.creativecommons.org slack-signup.creativecommons.org pl.creativecommons.org oldsearch.creativecommons.org br.creativecommons.org donate.creativecommons.org support.creativecommons.org newsearch.creativecommons.org it.creativecommons.org ca.creativecommons.org mx-beta.creativecommons.org ccsearch.creativecommons.org e-donate.creativecommons.org code.creativecommons.org nl-beta.creativecommons.org mx.creativecommons.org nl.creativecommons.org ca-beta.creativecommons.org jp.creativecommons.org chapters.creativecommons.org za.creativecommons.org sv.creativecommons.org sotc.creativecommons.org ke-beta.creativecommons.org co.creativecommons.org au-beta.creativecommons.org legaldb.creativecommons.org i.creativecommons.org alsoanswer.com certificates.creativecommons.org certificate.creativecommons.org de.creativecommons.org mirrors.creativecommons.org network.creativecommons.org www.creativecommons.org wiki.creativecommons.org creativecommons.org www.zoro.de.cdn.cloudflare.net media-stage.zoro.de media-prod.zoro.de www.zoro.de media-stage.zoro.de.cdn.cloudflare.net mx.world www.givemegossip.com givemegossip.com

Malware Detected on Host

Count: 1 ac20993ad86e3262d8d0d41c05683798c0a41313efeee8587098e9b315523bdb

Open Ports Detected

2082 2083 2086 2087 443 80 8080 8443 8880

CVEs Detected

CVE-2019-12466 CVE-2019-12467 CVE-2019-12468 CVE-2019-12469 CVE-2019-12470 CVE-2019-12471 CVE-2019-12472 CVE-2019-12473 CVE-2019-12474 CVE-2019-16738 CVE-2019-19709 CVE-2020-10534 CVE-2020-10959 CVE-2020-10960 CVE-2020-15005 CVE-2020-25813 CVE-2020-25814 CVE-2020-25827 CVE-2020-25869 CVE-2020-26120 CVE-2020-26121 CVE-2020-27621 CVE-2020-27957 CVE-2020-29002 CVE-2020-29003 CVE-2020-29004 CVE-2020-29005 CVE-2020-35474 CVE-2020-35475 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480 CVE-2020-35622 CVE-2020-35623 CVE-2020-35624 CVE-2020-35625 CVE-2020-35626 CVE-2021-30152 CVE-2021-30153 CVE-2021-30154 CVE-2021-30155 CVE-2021-30156 CVE-2021-30157 CVE-2021-30158 CVE-2021-30159 CVE-2021-31545 CVE-2021-31546 CVE-2021-31547 CVE-2021-31548 CVE-2021-31549 CVE-2021-31550 CVE-2021-31551 CVE-2021-31552 CVE-2021-31553 CVE-2021-31554 CVE-2021-31555 CVE-2021-31556 CVE-2021-35197 CVE-2021-36125 CVE-2021-36126 CVE-2021-36127 CVE-2021-36128 CVE-2021-36129 CVE-2021-36130 CVE-2021-36131 CVE-2021-36132 CVE-2021-41798 CVE-2021-41799 CVE-2021-41800 CVE-2021-41801 CVE-2021-42040 CVE-2021-42041 CVE-2021-42042 CVE-2021-42043 CVE-2021-42044 CVE-2021-42045 CVE-2021-42046 CVE-2021-42047 CVE-2021-42048 CVE-2021-42049 CVE-2021-44854 CVE-2021-44855 CVE-2021-44856 CVE-2021-44857 CVE-2021-44858 CVE-2021-45038 CVE-2021-45471 CVE-2021-45472 CVE-2021-45474 CVE-2021-46146 CVE-2021-46147 CVE-2021-46148 CVE-2021-46149 CVE-2021-46150 CVE-2022-28201 CVE-2022-28202 CVE-2022-28203 CVE-2022-28205 CVE-2022-28206 CVE-2022-28209 CVE-2022-28323 CVE-2022-29903 CVE-2022-29904 CVE-2022-29905 CVE-2022-29906 CVE-2022-29907 CVE-2022-34750 CVE-2022-34911 CVE-2022-34912 CVE-2022-39194 CVE-2022-41765 CVE-2022-41766 CVE-2022-41767 CVE-2022-47927 CVE-2023-22909 CVE-2023-22910 CVE-2023-22911 CVE-2023-22912 CVE-2023-22945 CVE-2023-29137 CVE-2023-29139 CVE-2023-29140 CVE-2023-29141 CVE-2023-36674 CVE-2023-36675 CVE-2023-37251 CVE-2023-37254 CVE-2023-37255 CVE-2023-37256 CVE-2023-37300 CVE-2023-37301 CVE-2023-37302 CVE-2023-37303 CVE-2023-37304 CVE-2023-37305 CVE-2023-45360 CVE-2023-45362 CVE-2023-45363 CVE-2023-45367 CVE-2023-45369 CVE-2023-45370 CVE-2023-45371 CVE-2023-45372 CVE-2023-45373 CVE-2023-45374 CVE-2023-51704 CVE-2024-23171 CVE-2024-23172 CVE-2024-23173 CVE-2024-23174 CVE-2024-23177 CVE-2024-23178 CVE-2024-23179 CVE-2024-34500 CVE-2024-40596 CVE-2024-40598 CVE-2024-40599 CVE-2024-40600 CVE-2024-40601 CVE-2024-40602 CVE-2024-40603 CVE-2024-40604 CVE-2024-40605

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-21