IOC Radar
IPMediumSignal 0/100

104.28.212.115

Location
United StatesUnited States
Aurora, Illinois
ASN
AS13335
Cloudflare WARP
First Seen
Jan 28, 2026
Last Seen
Feb 1, 2026
Jan 28
First Seen
144d ago
Feb 1
Last Seen
140d ago
2
Reports
source reports
0%
Confidence
medium
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryUSUnited States
RegionAurora, Illinois
ASNAS13335
OrganizationCloudflare WARP

Feed Intelligence Summary

2 reports0% confidence
2
Source reports
0%
Confidence score
Category tags
networkproxyresearched

Activity Timeline

1 total obs
Feb 1Feb 1

Threat Activity Heatmap

· Peak: 2026-02-01
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

This IPv4 address, 104.28.212.115, is currently whitelisted and has a low-risk score of 0.0. Its presence in threat intelligence feeds like AlienVault OTX and SOCRadar Threat Exchange Services does not inherently indicate malicious activity, as its whitelisted status suggests it's considered benign. The address was whitelisted by Appealer Whitelist Service, further supporting its low-risk assessment. No corroborating evidence suggests this IP is involved in hostile behavior; its inclusion in thr…

Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
2
Reports
First seenJan 28, 2026
Last seenFeb 1, 2026
GeolocationUS
CountryUnited States
LocationAurora, Illinois
ASNAS13335
OrgCloudflare WARP
Coords41.7572, -88.3177

VirusTotal

Not checked

WHOIS

raw
NetRange: 104.16.0.0 - 104.31.255.255 CIDR: 104.16.0.0/12 NetName: CLOUDFLARENET NetHandle: NET-104-16-0-0-1 Parent: NET104 (NET-104-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Cloudflare, Inc. (CLOUD14) RegDate: 2014-03-28 Updated: 2024-09-04 Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv Ref: https://rdap.arin.net/registry/ip/104.16.0.0 OrgName: Cloudflare, Inc. OrgId: CLOUD14 Address: 101 Townsend Street City: San Francisco StateProv: CA PostalCode: 94107 Country: US RegDate: 2010-07-09 Updated: 2024-11-25 Ref: https://rdap.arin.net/registry/entity/CLOUD14 OrgNOCHandle: CLOUD146-ARIN OrgNOCName: Cloudflare-NOC OrgNOCPhone: +1-650-319-8930 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN OrgTechHandle: ADMIN2521-ARIN OrgTechName: Admin OrgTechPhone: +1-650-319-8930 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN OrgAbuseHandle: ABUSE2916-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-650-319-8930 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN OrgRoutingHandle: CLOUD146-ARIN OrgRoutingName: Cloudflare-NOC OrgRoutingPhone: +1-650-319-8930 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN RTechHandle: ADMIN2521-ARIN RTechName: Admin RTechPhone: +1-650-319-8930 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN RNOCHandle: NOC11962-ARIN RNOCName: NOC RNOCPhone: +1-650-319-8930 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN RAbuseHandle: ABUSE2916-ARIN RAbuseName: Abuse RAbusePhone: +1-650-319-8930 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 months ago · Last seen 4 months ago
Appeared in 2 threat reports