198.41.209.142 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 198.41.209.142 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: mzhfz.com www.mzhfz.com gsqyh.com www.gsqyh.com gsqgf.com www.gsqgf.com gskyq.com www.gskyq.com cn3-img-cdn.119119.top cn2-txt-cdn.119119.top cn3-txt-cdn.119119.top hk-cn2.119119.top xin-us-cn3.119119.top cn3-txt.119119.top xin-us-cn2.119119.top cn3-img.119119.top xin-hk-cn3.119119.top cn3-txt-img.119119.top xin-hk-cn2.119119.top cn2-txt-img.119119.top www.355723.com www.289113.com www.263218.com www.263128.com www.259218.com www.216528.com sports.gamebookers.com livebetting.gamebookers.com www.reddit.com.cdn.cloudflare.net ec.reddit.com nd.reddit.com teamsolomid.reddit.com dc.reddit.com pizza.reddit.com m.reddit.com personalfinance.reddit.com ns2.ns2.ns2.sasse.ru ho.reddit.com aa-be.reddit.com i.reddit.com childfree.reddit.com lo.reddit.com ii.reddit.com ns4.reddit.com sc.reddit.com ac.reddit.com freefolk.reddit.com greece.reddit.com dumbphone.reddit.com romania.reddit.com rule34.reddit.com 7knightsglobal.reddit.com londonsocialjamclub.reddit.com gaystoriesgonewild.reddit.com pa.reddit.com wtf.reddit.com xi.reddit.com edh.reddit.com portal.reddit.com unexpectedthuglife.reddit.com minionhate.reddit.com oauth.reddit.com tinder.reddit.com adobe-dns-2.reddit.com pb.reddit.com thumbs.reddit.com youtubehaiku.reddit.com postrock.reddit.com re.reddit.com paladins.reddit.com smite.reddit.com api.reddit.com to.reddit.com mf.reddit.com al.reddit.com mtgo.reddit.com movies.reddit.com minnesota.reddit.com twincites.reddit.com minneapolis.reddit.com miamidolphins.reddit.com enlightenment.reddit.com us.reddit.com pathofexile.reddit.com bicycletouring.reddit.com iy.reddit.com ud.reddit.com wired.reddit.com kendo.reddit.com playstationplus.reddit.com cc.reddit.com surface.reddit.com adventuretime.reddit.com android.reddit.com pay.reddit.com gj.reddit.com canucks.reddit.com zh.reddit.com hb.reddit.com dk.reddit.com coyotes.reddit.com xa.reddit.com nb.reddit.com np.reddit.com at.reddit.com fr.reddit.com redditama.reddit.com ra.reddit.com nq.reddit.com pc.reddit.com rc.reddit.com oe.reddit.com sl.reddit.com rr.reddit.com blog.reddit.com code.reddit.com dg.reddit.com me.reddit.com sp.reddit.com ssl.reddit.com iu.reddit.com se.reddit.com fe.reddit.com as.reddit.com it.reddit.com en-us.reddit.com sharedota2.reddit.com static.reddit.com en.reddit.com buttons.reddit.com reddit.com buttons.reddit.com.cdn.cloudflare.net www.reddit.com

Malware Detected on Host

Count: 1 8c8faf610eee2d72d7c5ef8021be8d395e96809fb5131eab9d5eb739e24954d8

Open Ports Detected

2052 2053 2082 2083 2086 2087 443 80 8080 8443 8880

Whois Information

• NetRange: 198.41.128.0 - 198.41.255.255
• CIDR: 198.41.128.0/17
• NetName: CLOUDFLARENET
• NetHandle: NET-198-41-128-0-1
• Parent: NET198 (NET-198-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2012-10-09
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/198.41.128.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-06-24 anonymous-proxy-ip-list-2025-06-25