104.18.12.65 Threat Intelligence and Host Information

Share on:
Jul 10, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.18.12.65 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country:
  • Network: AS13335 cloudflare
  • Noticed: 1 times
  • Protcols Attacked: Anonymous Proxy
  • Passive DNS Results: distribution-auth-test.int.promo.com design-system.int.promo.com test-aws-careless-clownfish-1752.auth0c.com skooner.int.promo.com keycloak.int.promo.com support.promo.com www.nako55.fi animations-configs.int.promo.com prometheus.monit.int.promo.com promotoolsn.promo.com k8s-pvg.int.promo.com jerzyb.localenv.promo.com invoices-summary-a3-migration-fix.localenv.promo.com wordpress1.int.promo.com wt.test-aws-macho-eagle-2488.auth0c.com edge.tenants.test-aws-macho-eagle-2488.auth0c.com test-aws-macho-eagle-2488.auth0c.com stripe-checkout-service-test02.int.promo.com stripe-checkout-service-test01.int.promo.com stripe-checkout-service-test04.int.promo.com stripe-checkout-service-test05.int.promo.com stripe-checkout-service-poland01.int.promo.com stripe-checkout-service-test06.int.promo.com aiclusterv2.int2.promo.com vidsharepoland01.promo.com gitlab.prd.promo.com opsmngtestenvs.int.promo.com promote-admin-mobile-preprd1.promo.com flelibrary.org services.int.promo.com go-pricing-prod.promo.com billing-service-prod.promo.com apple-service-prod.promo.com qa.int.promo.com vidsharetest04.promo.com promote-mobile-preprd1.promo.com ez-media-dev.s3.promo.com cdntest03.promo.com test02.promo.com test05.promo.com cdntest05.promo.com cdntest02.promo.com test03.promo.com test06.promo.com cdntest06.promo.com cdnpoland01.promo.com marvin-dbt.int.promo.com test-upload-bucket.s3.promo.com animations-configs-staging.s3.promo.com 123.writeboard-staging.com distribution-uploader-test06.promo.com test07.promo.com www.staycoronado.com staycoronado.com support-kb-test.promo.com qa-ie-beo-apd-1095-deploysdistoredgswest.az.ssdgws.co.uk www.generaltruckbodyla.com dxctngnadxc6f7s1prod.paastest.co.uk sub.dxctngnadxc6f7s1prod.paastest.co.uk secure.mystayplanner.com sierradosimetry.com osmiudos.pt www.takedapro.com pop.richki-gromada.gov.ua smtp.richki-gromada.gov.ua www.ochsnerjournal.org bncservices.com qa-gb-zwz-fixapd-699-revert-fbmvp-10912.az.ssdgws.co.uk www.her2treatmentoptions.com generaltruckbodyla.com wt.aws-test-15.auth0sbx.com edge.tenants.aws-test-15.auth0sbx.com aws-test-15.auth0sbx.com www.toxinz.com.cdn.cloudflare.net richki-gromada.gov.ua www.toxinz.com qa-au-4vp-dsi-2082-fittingboxstorybook.az.ssdgws.co.uk dev-gifting.s.aws.economist.com dpgfund.com byrfb.cc preprod.boxon.fi.cdn.cloudflare.net verif-7ddea5d114416a9d5c61.auth0app.com prep.toxinz.com prod.toxinz.com qa-ca-uat-testcaecom-0000-defaultsellonw.az.ssdgws.co.uk cib.com.ua it-microsites-proxy-fallback.com qa-www.sunbeltrentals.com prod.boxon.fi integration.boxon.fi preprod.boxon.fi gas1-e4.remoteservice.navify.com royalspinz.com www.kitchennow.com.tw kitchennow.com.tw uat-ebank.mscu.net staging-egw.xl.co.id egw.xl.co.id www.grandchallenges.org www.siouxerosioncontrol.com stg-royalcanin-cm-01.royalcanin.com ciam-rajaampat.xl.co.id comet.xl.co.id ciam-derawan.xl.co.id grandchallenges.org aherzog2-11-30.auth0c.com edge.tenants.aherzog2-11-30.auth0c.com www.global.afinitor.com gcgh.grandchallenges.org my.xl.co.id flexiway.flexigroup.co.nz flexirent.flexigroup.co.nz easylease.flexigroup.co.nz equico.flexigroup.co.nz flexirentfs.flexigroup.co.nz flexiline.flexigroup.co.nz trlleasing.flexigroup.co.nz adusadistribution-internal.careerswithus.com www.adusadistribution-internal.careerswithus.com satu.xl.co.id satu.xl.co.id.cdn.cloudflare.net staging.comet.xl.co.id.cdn.cloudflare.net web.fir-dev.toyota.co.th fir-dev.toyota.co.th www.aloftbursa.com www.strategicplanning.biz www.qa.usfinancialcapability.org www.visithaderslev.dk www.hcp-piqray.com edit.neutrogena.com.br neutrogena.com.br www.neutrogena.com.br www.itnonline.com www.hcp-piqray.com.cdn.cloudflare.net buat.comet.xl.co.id.cdn.cloudflare.net ciam-rajaampat.xl.co.id.cdn.cloudflare.net comet.xl.co.id.cdn.cloudflare.net ciam-derawan.xl.co.id.cdn.cloudflare.net www.xl.co.id.cdn.cloudflare.net edit.neutrogena.com.br.cdn.cloudflare.net carrierrentalsystem.net www.qa.usfinancialcapability.org.cdn.cloudflare.net neutrogena.com.br.cdn.cloudflare.net itnonline.com www.strategicplanning.biz.cdn.cloudflare.net pun0.com 967uy.com marketbook.com.py siouxerosioncontrol.com subcortonedy.pro www.neutrogena.com.br.cdn.cloudflare.net vdelux-legal.com www.visithaderslev.dk.cdn.cloudflare.net puntodigioco.it www.regalforums.com.cdn.cloudflare.net www.suzukigw250.org.cdn.cloudflare.net

Open Ports Detected

2052 2053 2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

  • NetRange: 104.16.0.0 - 104.31.255.255
  • CIDR: 104.16.0.0/12
  • NetName: CLOUDFLARENET
  • NetHandle: NET-104-16-0-0-1
  • Parent: NET104 (NET-104-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS13335
  • Organization: Cloudflare, Inc. (CLOUD14)
  • RegDate: 2014-03-28
  • Updated: 2021-05-26
  • Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
  • Ref: https://rdap.arin.net/registry/ip/104.16.0.0
  • OrgName: Cloudflare, Inc.
  • OrgId: CLOUD14
  • Address: 101 Townsend Street
  • City: San Francisco
  • StateProv: CA
  • PostalCode: 94107
  • Country: US
  • RegDate: 2010-07-09
  • Updated: 2021-07-01
  • Ref: https://rdap.arin.net/registry/entity/CLOUD14
  • OrgNOCHandle: CLOUD146-ARIN
  • OrgNOCName: Cloudflare-NOC
  • OrgNOCPhone: +1-650-319-8930
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgAbuseHandle: ABUSE2916-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-650-319-8930
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • OrgRoutingHandle: CLOUD146-ARIN
  • OrgRoutingName: Cloudflare-NOC
  • OrgRoutingPhone: +1-650-319-8930
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgTechHandle: ADMIN2521-ARIN
  • OrgTechName: Admin
  • OrgTechPhone: +1-650-319-8930
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RNOCHandle: NOC11962-ARIN
  • RNOCName: NOC
  • RNOCPhone: +1-650-319-8930
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
  • RTechHandle: ADMIN2521-ARIN
  • RTechName: Admin
  • RTechPhone: +1-650-319-8930
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RAbuseHandle: ABUSE2916-ARIN
  • RAbuseName: Abuse
  • RAbusePhone: +1-650-319-8930
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-07-08