104.18.2.2 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.2.2 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

• Tags: cyber security, historical ssl, ioc, malicious, Nextray, phishing, referrer

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts, hphosts_ats, hphosts_fsa, stopforumspam_365d

• Country:
• Network:
• Noticed: 30 times
• Protocols Attacked: Anonymous Proxy
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: kcn443.com o11qil.com 1fsuye.com 6nufcr.com smcu3z.com zw4nsr.com 54jkyy.com hchvso.com hkewlr.com txtpqs.com punriw.com nvr7dj.com xnjvs5.com f3s1lo.com kwbsdx.com lsdffm.com k6ybf5.com offbkq.com klyn1p.com lgw41v.com kpocye.com hdl41a.com oftmlb.com 1zzi2u.com yxwpof.com uqjv29.com ofbtbc.com ph198.app vyazen.dev 5wk0lu.com yl4nxu.com qpu5r9.com vyqr7y.com kkgyo7.com ww6rsr.com 82my9t.com ofx3qf.com fv1yjs.com k4z2tt.com wx2dkm.com elal7n.com ugdund.com wsnxvn.com oa08dl.com kpsgvd.com paebyv.com elnbwx.com qldrg4.com 0doagk.com gaivxv.com ztb7a9.com eoy3gp.com sdy5uu.com eka5hc.com h55rbl.com ts649u.com ph19.com e5wsx5.com www.b3t9yh.com www.ph19888.com ph19877.com www.ph19877.com ph198.pro ph19888.com www.ph198.pro ph19822.com www.ph198.info www.ph19855.com www.ph19844.com ph19811.com patientdirect.net ok-dr.patientdirect.net sg8hh5.com xffczj.com wfxxmj.com tjv4wk.com tdgxmo.com d0wfsv.com d84bzf.com vuwufz.com sw1s12.com mq961v.com hje5bz.com lkk4gg.com lnpvcv.com irmrrn.com iyh0h8.com yppdxx.com irure4.com yxcjqj.com qoditv.com q3bvic.com ywjgep.com jfqjkh.com ubtewr.com egnjol.com e8ust2.com 7jbd7z.com 3xvfto.com 7ptdv6.com 51xj7q.com 4pzukx.com ks63ho.com 0pswms.com rplo7g.com rpssyw.com rej0sf.com r1vc8u.com flfhia.com ffbese.com fe57xg.com cityemployeepharmacy.com xs0hz6.com xlqm16.com x9yiby.com xndvzr.com xqamej.com wqdjt.com a3jv7l.com x8eil2.com whksaw.com xwqeb.com aixngk.com an3jo7.com affcw0.com tn1jfg.com t57kmi.com trqjmk.com dlsmv.com d6iixi.com dna3il.com czypx.com v9jta0.com cwhnz.com v90zkt.com vrmqa.com sapw3u.com snfnhg.com smhkv.com hkriov.com h3r4ro.com sfx1cr.com hehhuh.com hk1g4f.com h6gkcd.com hkspq.com mdoz5y.com mgp9wb.com h0gimr.com mgjzka.com mklwqs.com mhzpk.com mctlrv.com m6muqa.com mgf0oe.com m2myfd.com mbdfki.com lbvjr.com zthwp.com loav1b.com lj5qrf.com phcwne.com ltfhii.com i9ddw8.com phbmn.com psxjm.com zxzawy.com idobfp.com qggyce.com qf7wx9.com ijnsmf.com ypiiw8.com yc0wuq.com qvtrx.com phztps.com yss0qt.com phrlk.com phqzrt.com phqzr.com phrdlw.com phmtz.com pelgiu.com ynrqc.com phknjq.com yyrpvx.com pmruob.com phdqx.com phsjt.com phknr.com phvnt.com bjkdu.com phvwm.com phvmka.com gzrybb.com gxjbic.com gchadt.com gu6xbg.com gibcfd.com jhl86b.com uyl7ev.com uqmw72.com u3isfv.com oyh39b.com o4kd9f.com etpoem.com nsrnt2.com nyj7ch.com 8ca73p.com 6ptzg2.com ncukpj.com 6duwks.com 9as9uz.com 769dxb.com 6d81ju.com 8kwmta.com 0rasly.com 8lcgw9.com 03jor3.com 5e06na.com 2hujny.com k74qpr.com kk836v.com kgckia.com kksy56.com rgptm.com rxvnt.com rthilc.com rz37tz.com kitvyg.com rbx5hs.com fqazqb.com f3ezsc.com ft5bf7.com fcq06g.com fbwesz.com www.c2l9sm.com www.o4s9ch.com www.k2m9yt.com xznxmg.com xyhuvc.com xs5ce3.com xgsdmt.com wlkcq4.com wt5nju.com wwnjqo.com wrrayc.com wlznst.com arqric.com axzhe4.com atmls9.com aprwkd.com ap9dr9.com agfyvu.com a8vkhc.com tsa7ai.com tvuxjo.com to42gq.com dwhfbh.com dsxoxv.com d0qopo.com dzhca3.com dcrigk.com c6re84.com czmte5.com spcyxv.com coshzi.com cvor3f.com vimzgm.com cfiz0o.com ceg98j.com cjwdfe.com vdzxjm.com vv8zgx.com vjqar9.com vmvkw3.com vuintr.com siyhn0.com shtfms.com hb7r2o.com mgntxq.com mhgr2f.com lujc18.com laqnmr.com lmfqz4.com zme7c3.com lcxz5h.com lcpcjh.com zrqiae.com zthby3.com znmxuq.com zmn2ap.com zcjay6.com zh0jsz.com i63roy.com zb4mmg.com y3cfes.com qq7bzj.com qf4aea.com iitore.com qejr25.com ydcwc2.com y8y8j1.com yr9sta.com q5fcy9.com q87itc.com qmomc3.com ywweig.com px486q.com prujwh.com yveiud.com yi27nz.com yshqfn.com yfle3m.com p4qybq.com pggrai.com bbfoxy.com bcfeg2.com gv2p6u.com bnb3vs.com b7snmu.com bs9rxz.com groaz3.com b5pdxr.com bc8plz.com gogjzg.com uvty4i.com jzp708.com j226s2.com jybjkj.com orti4n.com obicqb.com uvagdb.com uw3en1.com uhblz9.com eqguxu.com ufvdua.com e3s0az.com e5dov8.com eazqkv.com efm1fr.com nhfqol.com nwl06p.com nluxrk.com e3syyu.com nbvniv.com 8qbgqs.com 7adxyi.com 9hqgnp.com 6jbczb.com 4l9gzx.com 77vvaf.com 3nkars.com 9oh6mu.com 6zuif0.com 8evh3d.com 74qfnn.com 0dnhtl.com 1llrlj.com 39vggd.com 0klv76.com 3hv6ji.com 1xizhp.com 1njj2l.com 4b4jdo.com 0uaxfv.com 6x6dxq.com kufxin.com 3hnlqe.com kws9gj.com 0fyzbe.com 1n7ghs.com 1imq6v.com ks72c9.com klsb8c.com kjoxii.com k1avil.com kpu0dz.com kcesu0.com rtxrsu.com rztlgp.com regepn.com rbqbhz.com fvlede.com ft5zzl.com ftvjgv.com f8u9rw.com fdgrzb.com f4b4uu.com ojj8kh.com americanas-bko.bcarddigital.com.br www.ph198.club www.ph198.biz ph198.vip ph198.one ph198.info x1g9ur.com w9a2ne.com a7m2qp.com t5m8vk.com t4v6wn.com d3w6fq.com c2l9sm.com v6d3zn.com s7x4pe.com h8q1bw.com m7a2wc.com z3q9pf.com l8k5rb.com q6p1xr.com z8k5dn.com ph198.com y5r8jl.com p1y7gx.com b6h2yt.com b3t9yh.com g1p7uz.com j3r5vq.com u9f2ka.com o4s9ch.com e5v8hq.com n4j3ub.com n2x6jd.com k2m9yt.com r9k3tz.com r7c4lw.com f2s8je.com banner-rehabhospitals.com nu778.com sandbox.planful.com sandbox.planful.com.cdn.cloudflare.net links.gotodsi.com tmsdev-aztms-lp-ts35.jdadelivers.com www.bet88.ph cltemssvct.jdadelivers.com mega.bet88.ph rainlouisa.top ba99-lowe-wms-web-pra67-3968.jdadelivers.com bc10-wes-mod-waf-dv3.jdadelivers.com na11.planful.com na11.planful.com.cdn.cloudflare.net www.realvalleezcaray.com realvalleezcaray.com ba42-sai-wms-app-pra1.jdadelivers.com na07.planful.com na07.planful.com.cdn.cloudflare.net qax.pre.supdeluxe.com app.sixnationsrugby.com bet88.ph kchr.co 88b.shop dxctayingit73z1wprod-slot.paastest.epimore.com xoilacvacp.cc uat.pre.supdeluxe.com de-nl-rui-testsc-34711-cdrpautomation.socrates.ssdgws.co.uk dev-account.sixnationsrugby.com h5.ongamingo.com predictpysbx.planful.com du-bist-banker.de tdfinancedaily.com piqray-dosing.com bongdaluu.cc qa.pre.supdeluxe.com motus-tataselect.co.za qa-no-k7i-apd-4167-browseandsearchuplift.az.ssdgws.co.uk qa-no-fxv-fbmvp-19915-playwrighttests2.az.ssdgws.co.uk globall.my.id gotodsi.com www.ugrad.med.monash.edu.au volunteer.monash.edu.au www.ugrad.med.monash.edu ugrad.med.monash.edu.au ugrad.med.monash.edu mrs.monash.edu.au www.volunteer.monash.edu.au www.volunteer.monash.edu www.start.monash volunteer.monash.edu mrs.monash.edu www.webtoolkit.monash cen-fares.online ggbetcity.com test.ongamingo.com qa-ie-qoa-fbmvp-19701-updatemonetateclie.az.ssdgws.co.uk cdn.ongamingo.com cneticsdata.net sixnationsrugby.com www.hazelwoodhealthstudy.org.au www.monashtalent.com.au precutpro.com bcarddigital.com.br stats.sixnationsrugby.com monash.squizedge.cloud 47phwin.life www.ifastgp.com.hk www.sixnationsrugby.com kampus.ruangguru.com siga.uniritter.edu.br.cdn.cloudflare.net liveteaching.ruangguru.com ongamingo.com baltcosavings.com

Open Ports Detected

2052 2082 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-08-22 anonymous-proxy-ip-list-2025-09-16 anonymous-proxy-ip-list-2025-09-21 anonymous-proxy-ip-list-2025-09-27 anonymous-proxy-ip-list-2025-08-12 anonymous-proxy-ip-list-2025-08-13 anonymous-proxy-ip-list-2025-06-30 anonymous-proxy-ip-list-2025-07-02 anonymous-proxy-ip-list-2023-07-15 anonymous-proxy-ip-list-2025-07-18 anonymous-proxy-ip-list-2023-06-28 anonymous-proxy-ip-list-2023-07-28 anonymous-proxy-ip-list-2025-08-26 anonymous-proxy-ip-list-2025-08-31 anonymous-proxy-ip-list-2025-09-01 anonymous-proxy-ip-list-2025-09-02 anonymous-proxy-ip-list-2025-10-06 anonymous-proxy-ip-list-2025-08-03 anonymous-proxy-ip-list-2025-06-26 anonymous-proxy-ip-list-2025-06-27 anonymous-proxy-ip-list-2023-07-19 anonymous-proxy-ip-list-2025-08-23 anonymous-proxy-ip-list-2025-09-05 anonymous-proxy-ip-list-2025-10-03 anonymous-proxy-ip-list-2025-10-04 anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-07-13 ****** anonymous-proxy-ip-list-2023-06-29 anonymous-proxy-ip-list-2023-07-18 anonymous-proxy-ip-list-2025-09-11 anonymous-proxy-ip-list-2025-07-30 anonymous-proxy-ip-list-2025-08-10 anonymous-proxy-ip-list-2025-07-11 anonymous-proxy-ip-list-2025-07-15 anonymous-proxy-ip-list-2023-05-27 anonymous-proxy-ip-list-2025-08-14 anonymous-proxy-ip-list-2025-08-21 anonymous-proxy-ip-list-2023-07-26 anonymous-proxy-ip-list-2023-07-27 anonymous-proxy-ip-list-2025-08-27 anonymous-proxy-ip-list-2025-08-30 anonymous-proxy-ip-list-2025-09-04 anonymous-proxy-ip-list-2025-10-02 anonymous-proxy-ip-list-2025-10-07 anonymous-proxy-ip-list-2025-07-24 anonymous-proxy-ip-list-2025-08-11 anonymous-proxy-ip-list-2025-07-01 anonymous-proxy-ip-list-2025-07-06 anonymous-proxy-ip-list-2025-09-15 anonymous-proxy-ip-list-2025-07-23 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-07-07 anonymous-proxy-ip-list-2025-07-14 anonymous-proxy-ip-list-2023-07-10 anonymous-proxy-ip-list-2025-08-28 anonymous-proxy-ip-list-2025-10-05 anonymous-proxy-ip-list-2025-06-28 anonymous-proxy-ip-list-2025-06-29 anonymous-proxy-ip-list-2025-07-05 anonymous-proxy-ip-list-2023-05-26 anonymous-proxy-ip-list-2025-08-25 anonymous-proxy-ip-list-2025-09-07 anonymous-proxy-ip-list-2025-09-20 anonymous-proxy-ip-list-2025-09-22 anonymous-proxy-ip-list-2025-09-25 anonymous-proxy-ip-list-2025-10-10 anonymous-proxy-ip-list-2025-07-27 anonymous-proxy-ip-list-2025-08-08 anonymous-proxy-ip-list-2025-06-24 anonymous-proxy-ip-list-2025-08-29 anonymous-proxy-ip-list-2025-09-08 anonymous-proxy-ip-list-2025-09-18 anonymous-proxy-ip-list-2025-09-30 anonymous-proxy-ip-list-2025-10-12 anonymous-proxy-ip-list-2025-08-15 anonymous-proxy-ip-list-2025-08-17 anonymous-proxy-ip-list-2025-07-12 anonymous-proxy-ip-list-2025-08-24 anonymous-proxy-ip-list-2025-09-10 anonymous-proxy-ip-list-2025-07-17 anonymous-proxy-ip-list-2023-05-24 anonymous-proxy-ip-list-2023-06-30 anonymous-proxy-ip-list-2025-09-28 anonymous-proxy-ip-list-2025-07-22 anonymous-proxy-ip-list-2025-08-18 anonymous-proxy-ip-list-2025-10-16 anonymous-proxy-ip-list-2025-09-19 anonymous-proxy-ip-list-2025-10-13 anonymous-proxy-ip-list-2025-07-28 anonymous-proxy-ip-list-2025-07-31 anonymous-proxy-ip-list-2025-08-01 anonymous-proxy-ip-list-2025-08-05 anonymous-proxy-ip-list-2025-10-17 anonymous-proxy-ip-list-2023-07-09 anonymous-proxy-ip-list-2025-09-06 anonymous-proxy-ip-list-2025-10-09 anonymous-proxy-ip-list-2025-07-19 anonymous-proxy-ip-list-2025-08-02 anonymous-proxy-ip-list-2023-06-22 anonymous-proxy-ip-list-2023-07-02 anonymous-proxy-ip-list-2023-07-30 anonymous-proxy-ip-list-2025-09-12 anonymous-proxy-ip-list-2025-09-23 anonymous-proxy-ip-list-2025-10-11 anonymous-proxy-ip-list-2025-08-19 anonymous-proxy-ip-list-2025-07-09 anonymous-proxy-ip-list-2025-07-10 ****** anonymous-proxy-ip-list-2023-05-23 anonymous-proxy-ip-list-2023-07-03 anonymous-proxy-ip-list-2025-09-09 anonymous-proxy-ip-list-2025-09-26 anonymous-proxy-ip-list-2025-09-29 anonymous-proxy-ip-list-2025-07-29 anonymous-proxy-ip-list-2025-08-04 anonymous-proxy-ip-list-2025-08-07 anonymous-proxy-ip-list-2025-08-09 anonymous-proxy-ip-list-2025-07-03 anonymous-proxy-ip-list-2025-07-04 anonymous-proxy-ip-list-2025-07-08 anonymous-proxy-ip-list-2023-07-13 anonymous-proxy-ip-list-2025-09-03 anonymous-proxy-ip-list-2025-07-25 anonymous-proxy-ip-list-2025-08-06 anonymous-proxy-ip-list-2025-07-16 anonymous-proxy-ip-list-2023-07-14 ****** anonymous-proxy-ip-list-2025-09-13 anonymous-proxy-ip-list-2025-09-17 anonymous-proxy-ip-list-2025-10-08 anonymous-proxy-ip-list-2025-10-15 anonymous-proxy-ip-list-2025-07-20 anonymous-proxy-ip-list-2025-07-26 anonymous-proxy-ip-list-2025-08-16 anonymous-proxy-ip-list-2025-08-20 anonymous-proxy-ip-list-2025-06-25 anonymous-proxy-ip-list-2023-07-21 anonymous-proxy-ip-list-2025-09-14 anonymous-proxy-ip-list-2025-09-24 anonymous-proxy-ip-list-2025-10-01 anonymous-proxy-ip-list-2025-10-14 anonymous-proxy-ip-list-2025-07-21 anonymous-proxy-ip-list-2025-10-18