104.28.164.250
IP Intelligence Briefing: 104.28.164.250
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership: Cloudflare, Inc. (ASN 13335, CLOUDFLARENET)
- Geolocation: France (Aulnay-sous-Bois, Île-de-France region)
- Network Role: CDN infrastructure (no services detected)
- Threat Indicators: No malicious activity observed; no blacklists, campaigns, or DNS anomalies.
---
**2. Historical Observations**
- Recent Activity (2026-06-11):
- Confirmed as a CDN IP with no residential/mobile characteristics.
- Stability score: 0 (unstable or newly registered).
- No persistent malicious behavior detected.
---
**3. Relationships & Subnet**
- Network Relationships:
- Linked to Cloudflareβs CLOUDFLARENET /12 prefix.
- No direct ties to known malicious organizations or domains.
- Subnet Analysis (104.28.164.0/24):
- Abuse Density: 0% (low risk).
- Neighbor Risk: 20 IPs in subnet; 19 low-risk, 1 medium-risk.
- No suspicious activity in adjacent IPs.
---
**4. Threat & Security Context**
- Threat Feeds: No indicators of spam, phishing, or malware distribution.
- DNS & Services: No open ports, TLS certs, or HTTP services detected.
- Routing: BGP prefix stable; no route changes in 30 days.
---
**5. Recommendations**
- Monitor: Track changes in subnet abuse density or unexpected service activation.
- Firewall: Consider allowing traffic from this CDN IP if itβs part of legitimate infrastructure.
- Verify: Cross-check with internal threat feeds to confirm no missed indicators.
Conclusion: This IP is a legitimate Cloudflare CDN node with no direct malicious activity. However, its high risk score and unstable stability suggest further monitoring is warranted.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cloudflare, Inc. |
| ASN | AS13335 |
| Network Name | CLOUDFLARENET |
| CIDR Block | 104.16.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Mostly Consistent (85%) β 1 contradiction(s) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-26 18:56:27 UTC |
| Last Seen | 2026-06-11 05:47:18 UTC |
| Profile Built | 2026-06-11 05:54:46 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 15 |
Full dossier details are available via our API.