104.18.1.196 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.1.196 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: slc.db.stg.banking.swap.rocks success.gsu.edu.cdn.cloudflare.net excenweb.gsu.edu.cdn.cloudflare.net rialto.gsu.edu.cdn.cloudflare.net socialwork.gsu.edu.cdn.cloudflare.net unraepg.cyou h4.processing.prod.cards.swap.rocks gerontology.gsu.edu.cdn.cloudflare.net blueline.gsu.edu.cdn.cloudflare.net security-module.prod.banking.swap.rocks pcaga.gsu.edu.cdn.cloudflare.net security-module.db.staging.banking.swap.rocks wizard-dev.meetdory.com fan0909.com portal.dimep.prod.financial.swap.rocks b-1.swapkafkaproduction.kafka.prod.cards.swap.rocks open-finance.db.prod.banking.swap.rocks portal.cardix.prod.financial.swap.rocks cldflar-wfm-app-dv1.jdadelivers.com partners-dev.meetdory.com ludo-cf.wenext.plus api.qa.swapcards.com.br anti-fraud.qa.cards.swap.rocks api.facisc.prod.financial.swap.rocks logistics.db.staging.cards.swap.rocks blockbond.top portal-rds-swap-1.db.staging.financial.swap.rocks backstage.qa.banking.swap.rocks b-2.kafka-schumi-staging.kafka.staging.cards.swap.rocks portal.hub4pay.prod.financial.swap.rocks norbert-staging.db.staging.cards.swap.rocks invoice-render-aurora-qa-cluster.db.qa.cards.swap.rocks api.interfaces.prod.financial.swap.rocks dev-app.meetdory.com norbert.prod.cards.swap.rocks infiniti-bank.portal.staging.financial.swap.rocks kalibrev2.coyoterts.com redis-cards.db.prod.cards.swap.rocks static.betgamestv.de prod-funds-manager.db.prod.cards.swap.rocks funds-transfer.db.staging.banking.swap.rocks kubernetes-dashboard.prod.banking.swap.rocks tcv.gsu.edu.cdn.cloudflare.net rggold.kz logistics.prod.cards.swap.rocks clearing.prod.cards.swap.rocks etfsim.qa.cards.swap.rocks pix-production.db.prod.banking.swap.rocks www-10.web.prod.walter-business-park.com aacert2.vdcacsr.visa.com bastion-cards-prd.swap.rocks statement.qa.cards.swap.rocks cavaloqqpg.com fb68vn.site fallback.testsecurity-api.swap.rocks client-admin.db.prod.cards.swap.rocks api.valuu.swap.financial pix-staging.db.staging.banking.swap.rocks api.sankhya.prod.financial.swap.rocks aa04-eut1-wmlm-svc-ts1.jdadelivers.com portal.beneficio-digital.prod.financial.swap.rocks ta08-aztms-tmic-tr2.jdadelivers.com portal.valuu.prod.financial.swap.rocks gruenden-aus-arbeitslosigkeit.de clearing.db.qa.cards.swap.rocks authentication-service.db.prod.banking.swap.rocks funds-manager-rw.db.prod.cards.swap.rocks vault.prod.security.swap.rocks ssh.eliabe.swap.rocks km88pwa2.cc docs.security.swap.rocks Dosatron.com api.localiza-benefits.prod.financial.swap.rocks open-finance.db.staging.banking.swap.rocks localiza.api.staging.financial.swap.rocks alt.vilnozaporizka-gromada.gov.ua belonging.gsu.edu.cdn.cloudflare.net kubernetes-dashboard.qa.financial.swap.rocks campusdirectory.gsu.edu.cdn.cloudflare.net facisc.portal.staging.financial.swap.rocks webservices.gsu.edu.cdn.cloudflare.net chrd.gsu.edu chrd.gsu.edu.cdn.cloudflare.net *.beta.gsu.edu.cdn.cloudflare.net portal.swap.prod.financial.swap.rocks downtown.gsu.edu.cdn.cloudflare.net policies.oie.gsu.edu.cdn.cloudflare.net family-chat.co.uk invoice-render.db.qa.cards.swap.rocks qlweox.com legalaffairs.gsu.edu.cdn.cloudflare.net psychology.gsu.edu.cdn.cloudflare.net religiousstudies.gsu.edu.cdn.cloudflare.net cslf.gsu.edu cslf.gsu.edu.cdn.cloudflare.net hr.gsu.edu.cdn.cloudflare.net visa-et-iskb.info prc.gsu.edu.cdn.cloudflare.net ghpc.gsu.edu.cdn.cloudflare.net publichealth.gsu.edu.cdn.cloudflare.net statement.db.prod.cards.swap.rocks portal-rds-swap.cluster.db.prod.financial.swap.rocks daenerys-internal.prod.banking.swap.rocks console.swapcards.com.br api.mtls.staging.banking.swap.rocks sftp-mobi.prod.cards.swap.rocks neuroinflammation.gsu.edu.cdn.cloudflare.net www-10.web.dev.walter-business-park.com proxy-hsm.qa.cards.swap.rocks fairpresidentin.top xworldvirtual.com authentication.qa.banking.swap.rocks access.gsu.edu.cdn.cloudflare.net success.students.gsu.edu.cdn.cloudflare.net api.swap.prod.financial.swap.rocks compliance-services.db.qa.cards.swap.rocks dxctrunnerpnu76sprodfo01-slot.paastest.epimore.com statement-qa.cluster.db.qa.cards.swap.rocks dict-internal.qa.banking.swap.rocks barte.api.staging.financial.swap.rocks sansec.pl processing.swap.rocks www.phy-astr.gsu.edu physics-astro.gsu.edu.cdn.cloudflare.net www.phy-astr.gsu.edu.cdn.cloudflare.net researchlanglit.gsu.edu.cdn.cloudflare.net docs.meetdory.com swap.api.qa.financial.swap.rocks news.gsu.edu.cdn.cloudflare.net bestpractices.gsu.edu.cdn.cloudflare.net bism5yaw.xyz portal.localiza-benefits.prod.financial.swap.rocks pix.staging.banking.swap.rocks shared-development-database.db.qa.cards.swap.rocks portal.localiza.prod.financial.swap.rocks api.staging.swapcards.com.br copastur.api.staging.financial.swap.rocks cckspt.co security-portal-test.db.qa.financial.swap.rocks valuu.api.qa.financial.swap.rocks military.gsu.edu.cdn.cloudflare.net k8s-dashboard.qa.cards.swap.rocks zenith-pay.portal.staging.financial.swap.rocks cartao.solides.com.br africana.gsu.edu.cdn.cloudflare.net logistics.db.prod.cards.swap.rocks platform-qa-cluster.db.qa.cards.swap.rocks keycloak.db.prod.cards.swap.rocks embossing-app.db.prod.cards.swap.rocks history.gsu.edu.cdn.cloudflare.net invoice-api.staging.cards.swap.rocks b-2.kafkastaging.kafka.staging.cards.swap.rocks cards.staging.cards.swap.rocks redis-cards.db.staging.cards.swap.rocks statement.staging.cards.swap.rocks vts.qa.cards.swap.rocks cards-k8s.staging.cards.swap.rocks client-tester.staging.cards.swap.rocks norbert.staging.cards.swap.rocks b-2.kafka-qa.kafka.qa.cards.swap.rocks platform-db.qa.cards.swap.rocks embossing.staging.cards.swap.rocks k8s-dashboard.staging.cards.swap.rocks h3.processing.prod.cards.swap.rocks statement.prod.cards.swap.rocks esplatform.prod.cards.swap.rocks invoice-service.db.qa.cards.swap.rocks credit-accounts.db.qa.cards.swap.rocks lisa.api.qa.financial.swap.rocks csds.gsu.edu.cdn.cloudflare.net api.qa.banking.swap.rocks portal.facisc.prod.financial.swap.rocks dining.gsu.edu.cdn.cloudflare.net mathstat.gsu.edu mathstat.gsu.edu.cdn.cloudflare.net convocationcenter.gsu.edu convocationcenter.gsu.edu.cdn.cloudflare.net vdesign.sansec.pl api.staging.cards.swap.rocks online.gsu.edu online.gsu.edu.cdn.cloudflare.net events.gsu.edu events.gsu.edu.cdn.cloudflare.net hub4pay.api.staging.financial.swap.rocks cabi.gsu.edu.cdn.cloudflare.net neuroscience.gsu.edu.cdn.cloudflare.net dataplatform.prod.data.swap.rocks collegetocareer.gsu.edu collegetocareer.gsu.edu.cdn.cloudflare.net counseling.gsu.edu.cdn.cloudflare.net cms-upgrade.web.test.walter-business-park.com qa-fi-nfi-fbmvp-22100-investigateqamockp.az.ssdgws.co.uk norbert.qa.cards.swap.rocks processing-qa.cards.swap.rocks open-finance.prod.banking.swap.rocks swap.portal.staging.financial.swap.rocks artdesign.gsu.edu artdesign.gsu.edu.cdn.cloudflare.net cas.gsu.edu cas.gsu.edu.cdn.cloudflare.net thearts.gsu.edu thearts.gsu.edu.cdn.cloudflare.net copastur.portal.staging.financial.swap.rocks kubernetes-dashboard.prod.financial.swap.rocks psychologyclinic.gsu.edu psychologyclinic.gsu.edu.cdn.cloudflare.net dxctadmini9rd7v1prod.paastest.epimore.com mgrdxctadmini9rd7v1prep.paastest.epimore.com funds-manager.qa.cards.swap.rocks commkit.gsu.edu.cdn.cloudflare.net portal.zenith-pay.prod.financial.swap.rocks kubernetes-dashboard.staging.banking.swap.rocks president.gsu.edu.cdn.cloudflare.net aofw.gsu.edu.cdn.cloudflare.net funds-manager-db.qa.cards.swap.rocks cetloe.gsu.edu.cdn.cloudflare.net library.gsu.edu.cdn.cloudflare.net betregency.ag strategic.gsu.edu.cdn.cloudflare.net prod-norbert-read-replica.db.prod.cards.swap.rocks vpn-admin.swap.rocks app.meetdory.com 96dhaka.com cdn-cnj.si api.beneficio-digital.prod.financial.swap.rocks filetransfer.qa.security.swap.rocks client-admin.staging.cards.swap.rocks platform-clearing.staging.cards.swap.rocks swap.portal.qa.financial.swap.rocks testsecurity-api.swap.rocks safety.gsu.edu.cdn.cloudflare.net nextgen.gsu.edu.cdn.cloudflare.net dojo.swap.rocks www.cs.gsu.edu.cdn.cloudflare.net welcome.gsu.edu welcome.gsu.edu.cdn.cloudflare.net vn.qh780.com pagos.infile.com uzzipay.api.staging.financial.swap.rocks api.prod.cards.swap.rocks www.walter-business-park.com.cdn.cloudflare.net apicuadres.infile.com filetransfer.security.swap.rocks hub4pay.portal.staging.financial.swap.rocks localiza-benefits.portal.staging.financial.swap.rocks www-upgrade.web.prod.walter-business-park.com www.prosperabeneficios.com risk-services.staging.cards.swap.rocks beneficio-digital.portal.staging.financial.swap.rocks api.prospera.prod.financial.swap.rocks portal.prospera.prod.financial.swap.rocks fixespoint.com jpn-integration-apac.gtil-dxc.com mys-integration-apac.gtil-dxc.com facisc.api.staging.financial.swap.rocks notifications.qa.banking.swap.rocks daenerys-read-replica.db.prod.banking.swap.rocks dict.db.prod.banking.swap.rocks dict-internal.prod.banking.swap.rocks norbert-internal.staging.banking.swap.rocks oie.gsu.edu hr.gsu.edu lewis.gsu.edu robinson.gsu.edu h1.processing.prod.cards.swap.rocks portal.interfaces.prod.financial.swap.rocks www.talion-plus.com.ua qh780.com embossing.prod.cards.swap.rocks rcld.gsu.edu rcld.gsu.edu.cdn.cloudflare.net jasonwrightrealestate.com cloudflare.ramseyparty.org funds-transfer.prod.banking.swap.rocks talion-plus.com.ua metrics.qa.banking.swap.rocks portal-rds-swap-qa-1.db.qa.financial.swap.rocks localiza-benefits.api.staging.financial.swap.rocks robinson.gsu.edu.cdn.cloudflare.net mtls.swap.rocks api.vegas.prod.financial.swap.rocks api.localiza.prod.financial.swap.rocks bluepay.api.staging.financial.swap.rocks gestao.bionio.com.br cld.gsu.edu.cdn.cloudflare.net disability.publichealth.gsu.edu.cdn.cloudflare.net console-api.qa.cards.swap.rocks b1.kafka.qa.cards.swap.rocks proxy-hsm.qa.cards.swap.swap.rocks b2.kafka.qa.cards.swap.rocks b3.kafka.qa.cards.swap.rocks www.gsu.edu.cdn.cloudflare.net onlinestampsales.com casting.gsu.edu.cdn.cloudflare.net norbert-es.prod.cards.swap.rocks prod-clearing-application.db.prod.cards.swap.rocks painel.valuu.com.br icepp.gsu.edu.cdn.cloudflare.net tcors.publichealth.gsu.edu.cdn.cloudflare.net api-stag.contaswap.io test-gcp2.swap.rocks safecare.publichealth.gsu.edu.cdn.cloudflare.net cradl.gsu.edu.cdn.cloudflare.net arctic.gsu.edu.cdn.cloudflare.net sociology.gsu.edu.cdn.cloudflare.net research.gsu.edu.cdn.cloudflare.net crim.education.gsu.edu.cdn.cloudflare.net technology.dev.gsu.edu.cdn.cloudflare.net swap-portal.qa.contaswap.io aysps.gsu.edu.cdn.cloudflare.net notifications.staging.banking.swap.rocks www.infile.com cdn.noiceid.cc images-v2.noiceid.cc qa-gb-wvi-fbmvp-14286-prepopfailureretri.az.ssdgws.co.uk edge.tenants.stage-space-0604-01.auth0app.com wt.stage-space-0604-01.auth0app.com stage-space-0604-01.auth0app.com probecloudflare.deetz7.net probecloudflare.deetz7.net.cdn.cloudflare.net www-upgrade.web.test.walter-business-park.com cms-upgrade.web.prod.walter-business-park.com slotvibe24.com landingpages.kaizengaming.com www.lcprofiles.com watchme.co.nz edge.tenants.test-aws-romantic-barracuda-1692.auth0c.com wt.test-aws-romantic-barracuda-1692.auth0c.com test-aws-romantic-barracuda-1692.auth0c.com cellphonebenchmarksettlement.com www.hardwick-ma.gov nisbets.de prod.ethiconanalytics.com qa.ethiconanalytics.com keljob.com auth-staging.meetdory.com authbackend-staging-api.meetdory.com visuals.kaizengaming.com cms.web.prod.walter-business-park.com images.noiceid.cc customers.meetdory.com partners.meetdory.com le.ca.aws-test-112.auth0c.com gts.ca.aws-test-112.auth0c.com www.meetdory.com meetdory.com dev.meetdory.com aws-test-112.auth0c.com edge.tenants.aws-test-112.auth0c.com wt.aws-test-112.auth0c.com westenddraught.com.au inte.aktiviasker.no marketplace.netvisor.fi yourpec.com 36pharmacies.com www.walter-business-park.com cms.web.test.walter-business-park.com cibinqoefficacy.com www.cibinqoefficacy.com www.kiehls.be kiehls.be development.buffalo-boots.com gitlab.infile.com www.bgt-grantthornton.it www.netvisor.fi stopwarinukraine.fcdynamo.com berkeley-bowl.pbis-cf.instacart.com smtp.fcdynamo.com www.fcdynamo.com fcdynamo.com careers.majestic.co.uk netvisor.fi participants.dr.finra.org t.sidekickopen05-eu1.com www.paxlovideducation.cy paxlovideducation.cy 283e2eb4c3ee28a77a50ff88b6cc708328a33f88.vercel-workers.com blog.majestic.co.uk ferbersauto.com recordscultureart.com majestic.co.uk www.majestic.co.uk www.web.test.walter-business-park.com cms.web.dev.walter-business-park.com wine-club.majestic.co.uk www.sfs.co.uk scim.rd-corp.net www.toujoursenviedepipi.com www.reliefwithlyrica.com icompassion-international.com leyes.infile.com infile.com nlweb-api.rd-corp.net nlweb.rd-corp.net nlweb-files.rd-corp.net sq.rd-corp.net 2020commencement.qu.edu 2020commencement.qu.edu.cdn.cloudflare.net www.mediathek.video mediathek.video thesouledstore.com www.yubawater.org 4huee13.com rbcautovantage.com www.retro-bars.co.uk sfs.co.uk www.qu.edu.cdn.cloudflare.net stage-demo.thesouledstore.com retro-bars.co.uk.cdn.cloudflare.net inte.aktiviasker.no.cdn.cloudflare.net blog.thesouledstore.com us-south.devops.cloud.ibm.com images.thesouledstore.com api.thesouledstore.com www.yubawater.org.cdn.cloudflare.net colenfleurs.fr optics.thesouledstore.com wp.thesouledstore.com objst0r.thesouledstore.com ezhddx.thesouledstore.com toujoursenviedepipi.com www.6677at.com www.advancedformulacentrum.com.cdn.cloudflare.net www.toujoursenviedepipi.com.cdn.cloudflare.net reliefwithlyrica.com z1f.com.cn www.z1f.com.cn www.yuanfencity.com www.bgt-grantthornton.it.cdn.cloudflare.net

Open Ports Detected

2052 2053 2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-11-13