IP Intelligence Briefing: 104.28.162.218
Date: 2026-06-07
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
  - ASN: 13335 (Cloudflare, Inc.)
  - Network: CLOUDFLARENET (ARIN)
- Geolocation:
  - Country: United States (US)
  - Region: Hesse (Germany)
  - City: Dreieich (approximate, 2500km accuracy radius)
- Threat Indicators:
  - No malicious activity detected (no blacklists, spam, or known attacker associations).
  - CDN Role: Identified as a Cloudflare CDN node (firewalled, no services exposed).
---
**2. Observation History**
- Recent Activity (2026-06-07):
  - DNSSEC Valid: Confirmed.
  - Routing Stability: Minimal operator risk (score: 0.13).
  - Threat Signals: No active threats or abuse reports.
- Historical Trends:
  - Stable ownership (Cloudflare) with no recent changes.
  - No persistent malicious behavior detected.
---
**3. Network Relationships**
- Connected Entities:
  - Linked to CLOUDFLARENET (same network).
  - No direct ties to organizations, domains, or certificates.
- Subnet: 104.28.162.0/24
  - Abuse Density: 0.26 (moderate risk, 6 of 23 IPs in subnet flagged).
  - High-Risk Neighbors:
    - 104.28.162.7 (65 risk score)
    - 104.28.162.57 (70 risk score)
    - 104.28.162.115 (40 risk score)
---
**4. Actionable Insights**
- SOC Recommendations:
  - Monitor Subnet: Focus on high-risk neighbors (e.g., 104.28.162.7, 104.28.162.57) for potential lateral movement.
  - Allow Cloudflare Traffic: Legitimate CDN traffic (no blocking required).
  - Verify DNSSEC: Confirm DNS validation for subdomains if used in security policies.
- Firewall Rules:
  - Allow: 104.28.162.0/24 (Cloudflare CDN) if traffic is legitimate.
  - Block: High-risk neighbors if they exceed threshold in threat intelligence tools.
---
Conclusion:
104.28.162.218 is a low-risk Cloudflare CDN node with no direct malicious indicators. However, its subnet contains moderate abuse density, warranting closer scrutiny of neighboring IPs. No immediate action required for this IP itself, but monitor for anomalies in the 104.28.162.0/24 subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Cloudflare, Inc. |
| ASN | AS13335 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 17% | 9 | 11 |
| Data Coherence | Mostly Consistent (85%) - 1 contradiction(s) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-15 08:42:42 UTC |
| Last Seen | 2026-06-07 11:47:22 UTC |
| Profile Built | 2026-06-07 11:55:14 UTC |
| Data Freshness | Live |
| Signal Types | 14 |
| Total Observations | 15 |