198.41.215.66 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 198.41.215.66. It was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country:
  • Network: AS13335 cloudflare
  • Noticed: 1 times
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results: insight-labs.org http2demo.cloudflare.com api.cloudflare.com developers.cloudflare.com blog.cloudflare.com cdn-static.cloudflare.com jp.cloudflare.com partners.cloudflare.com www.cloudflare.com ko.cloudflare.com origin-pull.cloudflare.com de.cloudflare.com it.cloudflare.com fr.cloudflare.com.cdn.cloudflare.net fr.cloudflare.com js.cloudflare.com blog.cloudflare.com.cdn.cloudflare.net ajax.cloudflare.com cdnjs.cloudflare.com support.cloudflare.com ajax.cloudflare.com.cdn.cloudflare.net cdnjs.cloudflare.com.cdn.cloudflare.net

Malware Detected on Host

Count: 104

Open Ports Detected

2053 2082 2083 2086 2087 2095 443 80 8080 8880

Whois Information

  • NetRange: 198.41.128.0 - 198.41.255.255
  • CIDR: 198.41.128.0/17
  • NetName: CLOUDFLARENET
  • NetHandle: NET-198-41-128-0-1
  • Parent: NET198 (NET-198-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS13335
  • Organization: Cloudflare, Inc. (CLOUD14)
  • RegDate: 2012-10-09
  • Updated: 2021-05-26
  • Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
  • Ref: https://rdap.arin.net/registry/ip/198.41.128.0
  • OrgName: Cloudflare, Inc.
  • OrgId: CLOUD14
  • Address: 101 Townsend Street
  • City: San Francisco
  • StateProv: CA
  • PostalCode: 94107
  • Country: US
  • RegDate: 2010-07-09
  • Updated: 2021-07-01
  • Ref: https://rdap.arin.net/registry/entity/CLOUD14
  • OrgAbuseHandle: ABUSE2916-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-650-319-8930
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • OrgNOCHandle: CLOUD146-ARIN
  • OrgNOCName: Cloudflare-NOC
  • OrgNOCPhone: +1-650-319-8930
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgTechHandle: ADMIN2521-ARIN
  • OrgTechName: Admin
  • OrgTechPhone: +1-650-319-8930
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • OrgRoutingHandle: CLOUD146-ARIN
  • OrgRoutingName: Cloudflare-NOC
  • OrgRoutingPhone: +1-650-319-8930
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • RTechHandle: ADMIN2521-ARIN
  • RTechName: Admin
  • RTechPhone: +1-650-319-8930
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RAbuseHandle: ABUSE2916-ARIN
  • RAbuseName: Abuse
  • RAbusePhone: +1-650-319-8930
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • RNOCHandle: NOC11962-ARIN
  • RNOCName: NOC
  • RNOCPhone: +1-650-319-8930
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-07-10 anonymous-proxy-ip-list-2023-07-09