Currently the node JS website is served by 2 cloudflare IP addresses, these being
Cisco have currently flagged the 104.20.22.46 address as serving up malware and therefore the ip addresses has been added to global block lists. you can find more information here https://talosintelligence.com/reputation_center/lookup?search=104.20.22.46
In our organisation we use Azure DevOps which has a CI/CD task to install node from https://nodejs.org/dist/. A lot of these requests fail as the companies Cisco firewalls blocks all of the requests. As you ip provider is cloudflare i assume you would need to speak with them but this is cuaisng multiple issues
Not sure if there is anything to do here, but I had to chuckle at hitting the Talos page and seeing that is also running on CloudFlare
We are seeing the same issue. Who can resolve? :)
Since the only way to "dispute" a rating requires a login via a Cisco account, I think it needs to be someone that is using their services.
I don't think it's really for us to dispute as we don't own the IP. I believe a Cisco login is free to create in order to create a dispute or this should be something you can contact cloudflare about as they are providing an IP to you that has been blacklisted for whatever reason
/cc @nodejs/build
I've pinged some internal GitHub folks to get a message to the Azure team to make sure they are aware of this issue.
I'm also going through my network of folks right now to see if I can find a contact at Cisco to escalate this to. Also pinging some folks I know at cloudflare.
Hi -- Head of Trust & Safety at Cloudflare here. I've reached out to folks at Cisco to get additional information about this listing.
UPDATE: spoke with a friend at Talos. They are reviewing now.
TYVM @xxdesmus
Sounds like we've got @xxdesmus investigating at Cloudflare. If we need to do anything else like open a ticket through the Node.js Cloudflare account just let me know and I'll take a look.
I'm seeing that it's flagged as neutral now, instead of malicious.Though looks like this change is still propagating.
https://talosintelligence.com/reputation_center/lookup?search=104.20.22.46 says "Questionable | Neutral" now -- should be fine.
Just checked now and can ping the ip again. great work guys! 馃憤
Most helpful comment
https://talosintelligence.com/reputation_center/lookup?search=104.20.22.46 says
"Questionable | Neutral"now -- should be fine.