104.18.12.79 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.12.79 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: www.erfolgdealer.de superalloygames-tw.com crickexapp.com cli-train.emdeon.com poplarhealthcare.com crickexin.com 2mostplay.com cxlive777.com mostplay777.com crickexpro.com the-prince-albert.co.uk mostplaybdt.com jeetwe.com jeetwayaffiliates.com jeetwayaffiliate.com crickexch.com betjili.vip crickexvip.com marvelbet.com marvelbet88.com crickex365.club crickex.com portlandpress.com service-offering-public-api.worldremit.com clpslop.com clpsdev.com clpspro.com clpecfx.com qa-se-n5m-ge-3048-updatecorerepo.az.ssdgws.co.uk cxroyal.com crickex.group mostplay.fun marvelbetdi1.com marvelbetdi8.com 3mostplay.com 10mostplay.com southafrican-rewards.com mostplayvip.com mvb88.com criketsixes.fun crickex.club betjili.online betjili.live marvlebet.com 5marvelbet.com 1mostplay.com 6marvelbet.com cxwin.vip 6mostplay.com www.egypt-portal.site egypt-portal.site 10crickex.com mostplayipl.com crickexipl.live mostplayipl.live mostplay365.live crickex247.club crickexipl.club mostplayipl.club crickexipl.buzz betjili.life 2betjili.com 4betjili.com 5betjili.com 1betjili.com 3betjili.com mostply.com xenophonlinus.com hippolyteedit.com 11crickex.com 13crickex.com 12crickex.com 20crickex.com 15crickex.com 19crickex.com 17crickex.com 18crickex.com 16crickex.com 14crickex.com mostplay.vip marvelbetdi3.com marvelbetdi9.com marvelbetdi7.com marvelbetdi2.com crickex.live clpsame.com clpswrd.com 5e52u5e.fbdd8cg83.com mostplay.online www.jewishnews.co.uk www.jewishnews.co.uk.cdn.cloudflare.net theepochtimes.com api.ashcon.app link.theepochtimes.com yuan.clpecfx.com ca.theepochtimes.com www.theepochtimes.com clpsokl.com clpsril.com clpszat.com clpsunt.com clpsuuz.com clpseei.com clpslpa.com clpslli.com clpskki.com clpsjsk.com clpsyyi.com clpsud.com clpscgh.com clpsep.com clpsnap.com clpsaas.com prod.corinthia.com enovationsolutions.pl ushealthworks.com 23platinum.net lcc-stg.hlrptech.com wt.plf-fastlypoc-0.auth0c.com edge.tenants.plf-fastlypoc-0.auth0c.com static.jewishnews.co.uk kropyva.nettlecloud.com www.yourapparelsource.com resources-stage.nettlecloud.com www.munters.com.br resources.nettlecloud.com resources-demo.nettlecloud.com qa-no-8xr-fbmvp-13880-temptestenvironmen.az.ssdgws.co.uk a370a9658141.pipeline-mgr.skyflowapis-preview.com plf-fastlypoc-0.auth0c.com xxxlutz.hu qa-nl-nhg-testfbmvp-13637-increasecompon.az.ssdgws.co.uk sunlyseltzer.com.au marketing-api.worldremit.com perks-sg.com uat-online.bankingonyoucu.org admin.uat-online.bankingonyoucu.org cbb9d6135f69.gateway.skyflowapis-preview.com cbb9d6135f69.vault.skyflowapis-preview.com cbb9d6135f69.vault-beffe.skyflowapis-preview.com manage-nomihealth.skyflowapis-preview.com repo.ashcon.app a370a9658141.vault-beffe.skyflowapis-preview.com a370a9658141.vault.skyflowapis-preview.com a370a9658141.gateway.skyflowapis-preview.com tigredepapel.pt vivaskinaesthetics.com haisvoltato.it www.xxxlutz.hu www.worldremit.com ns.worldremit.com www.perks-sg.com worldremit.com dabrafenib.com www.haisvoltato.it allamericanauto.repair qa-sso.hlrptech.com sso.hlrptech.com yg19l.copy.paastest.co.uk clarionlionpropertiesfund.com ashcon.app npm.ashcon.app qa-fi-3gk-cmsrd-148-datafetchingchanges.az.ssdgws.co.uk breachresponse.com lmp-qa.hlrptech.com qa-ie-ikn-fbmvp-10341-roimockdata.az.ssdgws.co.uk insights.voxbone.com www.ogilvypr.com.au www.ogilvypr.com.au.cdn.cloudflare.net dev.bungeag.com uat.bungeag.com bungeag.com www.bungeag.com vsim-dev.hlrptech.com vsim-demo.hlrptech.com amphire.net chronologiq.ca f45training.id autobedrijflwolters.nl secure.ashbournemanagement.co.uk sub.dxctngnadxc57zqcprod.paastest.co.uk www.dxctngnadxc57zqcprod.paastest.co.uk api.mobile.mlbinfra.com www.planetwatch.io.cdn.cloudflare.net www.dabrafenib.com ef914a9e27e972fc2190956017f802ecceca48bc.vercel-workers.com handelsondernemingsarlemijn.nl mygetbanked.com support.planetwatch.io www.ecophon.ae www.planetwatch.io secure.ashbournemanagement.co.uk.cdn.cloudflare.net comprarfrenos.es www.comprarfrenos.es test.comprarfrenos.es setupsoftclub.com cibinqohcp.com mytampadreamhome.com www.ecophon.ae.cdn.cloudflare.net clubwulkan-online.site 5123la.com makeup.africa epic.de fyilife.com platincfd.com fukavertal.pro

Malware Detected on Host

Count: 1 32d5fe550b4f8fc355230b9a6e9b848fb88eb5e929cda3c900b15e262a874a7c

Open Ports Detected

2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

****** ****** ******