104.18.2.149 Threat Intelligence and Host Information

Jun 24, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.18.2.149 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

View other sources: Spamhaus VirusTotal

Country:
Network:
Noticed: 1 times
Protocols Attacked: Anonymous Proxy
Passive DNS Results: 7hhw7c.com njhtt63v.com u643gywtr.com tuwe3we.com dgrz73495.com ciy53yr6.com bcgzcsy2u5.com oassft37.com 463yet3.com 743fewt4t.com 1t9sefss.com 824yer85.com 06734dr5w.com jewelleryfair.in bernstein-badshop.de yourphillyliving.com www.aegs.ca climate.ny.gov wearesdepot.top link.m.slingshot.co.nz tjuvholmenstorage.com www.cinemark-peru.com www.yourphillyliving.com betkom130.com upload-dev.roche.com api.upload-dev.roche.com www2.thehealthiestfat.com bet668634.com www.kissofdepot.top kissofdepot.top bvcxzbvfdsrty.shop scheduledepo.com de-nl-wkr-sc-27816-changecfgroupvars.socrates.ssdgws.co.uk cinemark-peru.com advantagesales.net acuityhealthcareapps.net ahcjv.com myaccount.slingshot.co.nz.cdn.cloudflare.net lendcare.ca m.pujm4vhcqtvlsd.com cfdemolab-zone-0000000253.cfdemolab.xyz r2sportsbook.com www.driftlighttampa.com artstationcom.dev zwoc.nl carrier.ca askgamblers.info gastroenterologiapro.com.br qa-au-utx-testfbmvp-12006-audioattupdate.az.ssdgws.co.uk qa-no-du0-mcl-579-apierror.az.ssdgws.co.uk qa-no-wgh-fixmcl-458-topuplogic.az.ssdgws.co.uk www.omio.jp omio.jp clearbridge.net.cn pujm4vhcqtvlsd.com bhblhm.com www.gastroenterologiapro.com.br mbs-survey.com qa-ca-uhc-fixcaecom-3384-backbutton.az.ssdgws.co.uk www.selectcamp.com mycompassionsunday.com test.pecan.stjude.cloud www.molicare.at talosintelligence-eu.com x5c22.com twtr.new ccbm.aatl-prod.cc-bm.net.cdn.cloudflare.net rscarsbv.nl sagecrm.ch roasearch.sdcourt.ca.gov.cdn.cloudflare.net roa.sdcourt.ca.gov.cdn.cloudflare.net jwebsol.sdcourt.ca.gov jurywebsol.sdcourt.ca.gov ijcalc.sdcourt.ca.gov roagov.sdcourt.ca.gov ef13wbsprod2.sdcourt.ca.gov ef13wbsprodsupportj.sdcourt.ca.gov rasc.sdcourt.ca.gov racd.sdcourt.ca.gov stoneriver.showmeyourdig.ga sce.sdcourt.ca.gov flfdev.sdcourt.ca.gov resideo.cloudflaresso.com sorry.sdcourt.ca.gov joshie.sdcourt.ca.gov roasearch.sdcourt.ca.gov pilot.sdcourt.ca.gov ejuror.sdcourt.ca.gov dxctngnadxcsbw53inte.meetingpoint.vn muzicnate.com www.ramadadowntownhollywood.com.cdn.cloudflare.net nai.insurance-rates-now.com www.smictomdesflandres.fr.cdn.cloudflare.net wwwprod.sdcourt.ca.gov wwwdev.sdcourt.ca.gov cas.prod.odyssey.sdcourt.ca.gov portal.prod2.odyssey.sdcourt.ca.gov itours.sdcourt.ca.gov www.ramadadowntownhollywood.com stephane.ga sce.test.sdcourt.ca.gov roa.sdcourt.ca.gov ans.sdcourt.ca.gov insurance-rates-now.com auto.insurance-rates-now.com www.gandlwealth.com www.vaccinatethechildren.com www.northreadingma.gov qa2.advancementcourses.com.cdn.cloudflare.net wenhai-test5.sparkgamesk.com qa2.advancementcourses.com www.smictomdesflandres.fr sdcourt.ca.gov r.insurance-rates-now.com mfb-be.easycompute.systems www.sdcourt.ca.gov courtindex.sdcourt.ca.gov.cdn.cloudflare.net www.sdcourt.ca.gov.cdn.cloudflare.net www.northreadingma.gov.cdn.cloudflare.net betlima106.com semimi.tv 17semimiav.com smm88888.com sebaba.tv 91heisiwa.com www.vaccinatethechildren.com.cdn.cloudflare.net cl94k.com zoom9191.com sisisi91sss.com wuliaow91.com smm666666.com sssmmm91.com smmxy360.com sbaba1024.com semimi9191.com s10s20s30.com semba512.com sbb66666.com sbbxy520.com shipingzhaowo.com mmsmm91.com 592aksw.com 1314sebaba.com 9995ytsmm.com 17sss866.com numss666.com sebaba365.com 553cf.com kaskade-christmas.com gcbc.gcu.edu protonmafio.com www.gandlwealth.com.cdn.cloudflare.net vaccinatethechildren.com 722xi.com 311si.com www.311si.com www.133ya.com 133ya.com ec1t.com www.ec1t.com 0a9v.com

Open Ports Detected

2052 2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS13335
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2024-09-04
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
Ref: https://rdap.arin.net/registry/ip/104.16.0.0
OrgName: Cloudflare, Inc.
OrgId: CLOUD14
Address: 101 Townsend Street
City: San Francisco
StateProv: CA
PostalCode: 94107
Country: US
RegDate: 2010-07-09
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/CLOUD14
OrgTechHandle: ADMIN2521-ARIN
OrgTechName: Admin
OrgTechPhone: +1-650-319-8930
OrgTechEmail: rir@cloudflare.com
OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
OrgAbuseHandle: ABUSE2916-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-319-8930
OrgAbuseEmail: abuse@cloudflare.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
OrgRoutingHandle: CLOUD146-ARIN
OrgRoutingName: Cloudflare-NOC
OrgRoutingPhone: +1-650-319-8930
OrgRoutingEmail: noc@cloudflare.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
OrgNOCHandle: CLOUD146-ARIN
OrgNOCName: Cloudflare-NOC
OrgNOCPhone: +1-650-319-8930
OrgNOCEmail: noc@cloudflare.com
OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
RTechHandle: ADMIN2521-ARIN
RTechName: Admin
RTechPhone: +1-650-319-8930
RTechEmail: rir@cloudflare.com
RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
RAbuseHandle: ABUSE2916-ARIN
RAbuseName: Abuse
RAbusePhone: +1-650-319-8930
RAbuseEmail: abuse@cloudflare.com
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
RNOCHandle: NOC11962-ARIN
RNOCName: NOC
RNOCPhone: +1-650-319-8930
RNOCEmail: noc@cloudflare.com
RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22

Share on: