104.18.236.68 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 104.18.236.68 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Possibly Malicious Host 🟢 10/100
Host and Network Information
-
JARM: 27d40d40d00040d1dc42d43d00041d6183ff1bfae51ebd88d70384363d525c
-
View other sources: Spamhaus VirusTotal
- Country:
- Network:
- Noticed: 1 times
- Protocols Attacked: Anonymous Proxy
- Passive DNS Results: wq.apnic.net.cdn.cloudflare.net rrdp.sub.apnic.net api.rex.io.apnic.net twnic-rdap.gke-sydney.prod.xyz.apnic.net idnic-rdap.gke-virginia.prod.xyz.apnic.net apnic-rdap.gke-virginia.prod.xyz.apnic.net cgi1.gke-sydney-test.nonprod.xyz.apnic.net dash.stg.xyz.apnic.net cgi2.gke-sydney-test.nonprod.xyz.apnic.net 7ytns9en.com orbit.apnic.net.cdn.cloudflare.net rex-server.gke-sydney-test.nonprod.xyz.apnic.net api-webapp.notification.io.apnic.net api-slack.notification.io.apnic.net idnic-rdap.gke-sydney.prod.xyz.apnic.net rdap.gke-virginia.prod.xyz.apnic.net reconnect.apnic.net reconnect-test.apnic.net kk.jhgame.online ouzhoubei.com nk2j7u.com ysk5mh0.com x1ju7z6mk.com w5khu3.com syeb7jkq.com hv3u0jo9.com 8vy5gw.com ri9xsh5aj0.com jikcl.com img.saas.7779888.shop registry-api.apnic.net notification.apnic.net chencd97.com rrdp-r2.apnic.net submit.apnic.net conference.apnic.net bylaws.apnic.net api.netox.io.apnic.net fun.chencd97.com cgi1.apnic.net meetings.apnic.net meetings.apnic.net.cdn.cloudflare.net conference.apnic.net.cdn.cloudflare.net api.dash.io.apnic.net analytics-api.apnic.net jpnic.rdap.apnic.net.cdn.cloudflare.net rex.apnic.net rex-measurements.apnic.net rrdp2.apnic.net rrdp.tst.xyz.apnic.net comment.apnic.net krnic-rdap.tst.xyz.apnic.net rdap-web.apnic.net 48e48.com community.apnic.net orbit.apnic.net rpki-as0-web.apnic.net event-hooks.apnic.net notification.stg.xyz.apnic.net www.survey.apnic.net webdist.data.apnic.net archive.apnic.net survey.apnic.net rrdp-as0.apnic.net events.apnic.net training.apnic.net nfh.apnic.net rrdp.apnic.net mailman.innog.net stats.stg.xyz.apnic.net netox.stg.xyz.apnic.net dash-web.stg.xyz.apnic.net mailman.apnic.net registry-monitoring.apnic.net rrdp-cf.apnic.net wiki-old.apnic.net analytics.apnic.net gitlab-pipeline-template.tst.xyz.apnic.net jira-old.apnic.net legacy-stats.apnic.net idnic-rdap.tst.xyz.apnic.net jpnic-rdap.tst.xyz.apnic.net twnic-rdap.tst.xyz.apnic.net rdap-test.apnic.net status.apnic.net netox.tst.xyz.apnic.net rpki-as0-web.tst.xyz.apnic.net rex.tst.xyz.apnic.net rex.stg.xyz.apnic.net rrdp-as0.tst.xyz.apnic.net unblockme.apnic.net netox.apnic.net www.apnic.net cdn.data.apnic.net jira.apnic.net blog.apnic.net wiki.apnic.net krnic.rdap.apnic.net directory.apnic.net webdist.tst.xyz.apnic.net submission.apnic.net ripestat.apnic.net jpnic.rdap.apnic.net kvwriter.apnic.net dash.apnic.net membership-application.tst.xyz.apnic.net stats.apnic.net upload.apnic.net academy-cf.apnic.net cdn.data.tst.xyz.apnic.net twnic.rdap.apnic.net membership-application.apnic.net idnic.rdap.apnic.net api-docs.tst.xyz.apnic.net rdap-web.tst.xyz.apnic.net stats.tst.xyz.apnic.net dash-web.tst.xyz.apnic.net id-v3.tst.xyz.apnic.net livechat.apnic.net directory.apnic.net.cdn.cloudflare.net rdap.apnic.net fellowship.apnic.net rrdp-as0.tst.xyz.apnic.net.cdn.cloudflare.net fellowship.apnic.net.cdn.cloudflare.net unblockme.apnic.net.cdn.cloudflare.net ts.tst.xyz.apnic.net.cdn.cloudflare.net rrdp-as0.apnic.net.cdn.cloudflare.net events.apnic.net.cdn.cloudflare.net krnic.rdap-worker.apnic.net.cdn.cloudflare.net rdap-cf.apnic.net.cdn.cloudflare.net stats.stg.xyz.apnic.net.cdn.cloudflare.net rsar-web.stg.xyz.apnic.net.cdn.cloudflare.net dash-web.stg.xyz.apnic.net.cdn.cloudflare.net rsar-web.tst.xyz.apnic.net.cdn.cloudflare.net netox.tst.xyz.apnic.net.cdn.cloudflare.net stats.tst.xyz.apnic.net.cdn.cloudflare.net dash-web.tst.xyz.apnic.net.cdn.cloudflare.net submission.apnic.net.cdn.cloudflare.net nfh.apnic.net.cdn.cloudflare.net upload.apnic.net.cdn.cloudflare.net jpnic.rdap-worker.apnic.net.cdn.cloudflare.net jira.apnic.net.cdn.cloudflare.net wiki.apnic.net.cdn.cloudflare.net rdap-web.apnic.net.cdn.cloudflare.net dash.apnic.net.cdn.cloudflare.net cdn.data.tst.xyz.apnic.net.cdn.cloudflare.net twnic.rdap.apnic.net.cdn.cloudflare.net archive.apnic.net.cdn.cloudflare.net stats.apnic.net.cdn.cloudflare.net webdist.tst.xyz.apnic.net.cdn.cloudflare.net training.apnic.net.cdn.cloudflare.net api-docs.tst.xyz.apnic.net.cdn.cloudflare.net idnic.rdap.apnic.net.cdn.cloudflare.net rpki-stats.apnic.net.cdn.cloudflare.net membership-application.apnic.net.cdn.cloudflare.net cdn.data.apnic.net.cdn.cloudflare.net netox.apnic.net.cdn.cloudflare.net membership-application.tst.xyz.apnic.net.cdn.cloudflare.net gcp.rdap.apnic.net.cdn.cloudflare.net krnic.rdap.apnic.net.cdn.cloudflare.net webdist.data.apnic.net.cdn.cloudflare.net www.apnic.net.cdn.cloudflare.net blog.apnic.net.cdn.cloudflare.net rdap.apnic.net.cdn.cloudflare.net account.337.com
Malware Detected on Host
Count: 18 b05267bac22a5ef005e86c3fedf9376076d51a2b78905c9048fb94f3b0c66f0a f7ae4a03fe57f26d48e96e4bdc1886f3e538c2f8133ce641bddb82173954889b 3e2a6454219b8ec7136a3defb8c05e66349667f42066314d87b5b771266fe71d 5b29f492959a54c98ca72473b58c267f3a8d2feb5e668d1cbdbca8c0ddeae4e4 632ffb660f10989dfdfb9f843b8994682e00bc11855db17fe71c81c82b23660f 046898bb533792f77ffd4c7568d63b95c91c45c7b20b5088b603d5705f7cccd2 e2a0f85db8574872fda5ceef5af73f3b4a820d58039894d90fe82c4ec8522368 3be8bd20a4f0411c6cf1311ad2c6614ac89733a73d732ce085a9b530091c5209 ecf0e829003b8256bb83cebfa9fbe0a8256ffde9ab03e56392270f96bc37960f 96873f5208c7e8691064d3775eca589ae18b899e68a141f33b6901137d6bac9d
Open Ports Detected
2053 2082 2083 2086 2087 443 80 8080 8443 8880
Map
Whois Information
- NetRange: 104.16.0.0 - 104.31.255.255
- CIDR: 104.16.0.0/12
- NetName: CLOUDFLARENET
- NetHandle: NET-104-16-0-0-1
- Parent: NET104 (NET-104-0-0-0-0)
- NetType: Direct Allocation
- OriginAS: AS13335
- Organization: Cloudflare, Inc. (CLOUD14)
- RegDate: 2014-03-28
- Updated: 2024-09-04
- Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
- Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
- Ref: https://rdap.arin.net/registry/ip/104.16.0.0
- OrgName: Cloudflare, Inc.
- OrgId: CLOUD14
- Address: 101 Townsend Street
- City: San Francisco
- StateProv: CA
- PostalCode: 94107
- Country: US
- RegDate: 2010-07-09
- Updated: 2024-11-25
- Ref: https://rdap.arin.net/registry/entity/CLOUD14
- OrgTechHandle: ADMIN2521-ARIN
- OrgTechName: Admin
- OrgTechPhone: +1-650-319-8930
- OrgTechEmail: rir@cloudflare.com
- OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
- OrgAbuseHandle: ABUSE2916-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-650-319-8930
- OrgAbuseEmail: abuse@cloudflare.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- OrgRoutingHandle: CLOUD146-ARIN
- OrgRoutingName: Cloudflare-NOC
- OrgRoutingPhone: +1-650-319-8930
- OrgRoutingEmail: noc@cloudflare.com
- OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgNOCHandle: CLOUD146-ARIN
- OrgNOCName: Cloudflare-NOC
- OrgNOCPhone: +1-650-319-8930
- OrgNOCEmail: noc@cloudflare.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- RTechHandle: ADMIN2521-ARIN
- RTechName: Admin
- RTechPhone: +1-650-319-8930
- RTechEmail: rir@cloudflare.com
- RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
- RAbuseHandle: ABUSE2916-ARIN
- RAbuseName: Abuse
- RAbusePhone: +1-650-319-8930
- RAbuseEmail: abuse@cloudflare.com
- RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- RNOCHandle: NOC11962-ARIN
- RNOCName: NOC
- RNOCPhone: +1-650-319-8930
- RNOCEmail: noc@cloudflare.com
- RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
Links to attack logs
anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22
Share on: