104.18.26.21 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.26.21 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: coinbl_hosts

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: www.wholesalecentrals.cc ezwinph.com 789bet199.com sgravenlandautos.nl wholesalecentrals.cc hom-backoffice.carbuy.com.br preferred-parking.com 36661231.carbuy.com.br mario-lueder.com qa-gb-vny-fixfbmvp-24171-fixloggingissue.az.ssdgws.co.uk ballettstudiogratz-luftballonauto.de www.surfplay.co ip.trendo.vip www.jurisprudencia.gob.sv evento.carbuy.com.br hom-seguranca-frontend.carbuy.com.br rivcohws.org j88.soccer logistica.carbuy.com.br controle3h.carbuy.com.br controleh.carbuy.com.br hope2home.rivcohws.org burma.embassy.gov.au samoa.embassy.gov.au jordan.embassy.gov.au indonesia.embassy.gov.au turkey.embassy.gov.au hongkong.china.embassy.gov.au www.eachondepot.top eachondepot.top 6noo.com api-pan-test.carbuy.com.br bradesco.carbuy.com.br hom-pan.carbuy.com.br api-pan.carbuy.com.br austria.embassy.gov.au backoffice-bv-test.carbuy.com.br cadastro.carbuy.com.br api-temp.carbuy.com.br extranet.carbuy.com.br www.cadastro.carbuy.com.br t.trendo.vip qa-no-tvy-fixfbmvp-20004-fixinfoiconalli.az.ssdgws.co.uk malaysia.embassy.gov.au www.hope2home.rivcohws.org www.carbuy.com.br staging-app-sccctw.gatoradegear.ca app.gatoradegear.ca iraq.embassy.gov.au dash.trendo.vip chengdu.china.embassy.gov.au url3032.carbuy.com.br 6uurnm663o4n.carbuy.com.br monitor.trendo.vip kiahatfield.co.za order-api.activities-prod-7ttw.decathlon.net rs9bet.net vvjl.me appapi.trendo.vip appapi.trendo.vip.cdn.cloudflare.net orisoft.co.th www.orisoft.co.th bangladesh.embassy.gov.au china.embassy.gov.au thailand.embassy.gov.au afghanistan.embassy.gov.au timelessthreads.live saudiarabia.embassy.gov.au india.embassy.gov.au kiribati.embassy.gov.au 101511.com 101757.com 101787.com 101977.com 101711.com 101797.com 101822.com 101363.com 101233.com rose239.com philippines.embassy.gov.au 10149.in 10134.in 10152.in 10168.in 10169.in 101900.com 101966.com 10146.in 10144.in 10143.in 10142.in 10128.in 10127.in 10126.in 101266.com 10147.in kog3w.com www.stadsscen.com www.precisionmedicineonline.com.cdn.cloudflare.net qa-au-n6k-fbmvp-13047-sdisupplierlookup.az.ssdgws.co.uk www.sandoz.ua prod.sandoz.ua www.pilot.embassy.gov.au beawareofmenb.com rchvacparts.com wt.sec-rolesanywhere-test-20230313.auth0c.com edge.tenants.sec-rolesanywhere-test-20230313.auth0c.com sec-rolesanywhere-test-20230313.auth0c.com stg.sandoz.ua granit-parts.eu wt.promutuel-ca-dev-1.auth0app.com edge.tenants.promutuel-ca-dev-1.auth0app.com promutuel-ca-dev-1.auth0app.com uk.embassy.gov.au brazil.embassy.gov.au analytics-eng.prod1.cf.verkada.com analytics.prod1.cf.verkada.com etraining.kingston.com.tw vanalytics-shared.prod1.cf.verkada.com vtoolbox.global-staging.cf.verkada.com vtoolbox.staging2.cf.verkada.com tonga.embassy.gov.au vfintool.staging.cf.verkada.com carbuy.com.br qa-gb-dax-fbmvp-12021-alternativestoreba.az.ssdgws.co.uk danji-ssh.remote.cf.verkada.com r.greatcoveragenow.com embassy.gov.au www.netq.co.nz netq.co.nz www.pedigree.com.ar rita-ssh.remote.cf.verkada.com qa-ie-9n3-dsi-2234-addctatranslations.az.ssdgws.co.uk qa-au-v79-fbmvp–driversreportrafredirec.az.ssdgws.co.uk www.kingston.com.tw contractor-test.kingston.com.tw ehscheck.kingston.com.tw deals.getthephotostickomni.io twfecontacts.kingston.com.tw kingston.com.tw hrm.kingston.com.tw hcmc.vietnam.embassy.gov.au vietnam.embassy.gov.au qa-gb-61y-ecrp-10024-noscaledowneventhub.az.ssdgws.co.uk tacticalworld.com.br ge-snm.netq.co.nz kubernetes.staging.cf.verkada.com argocd.staging.cf.verkada.com int.dxp12.cairnscentral.com.au qa-gb-x9w-dsi-2060-createcamerabutton.az.ssdgws.co.uk cube-ssh.remote.cf.verkada.com proservia.pl buildjesus-ssh.remote.cf.verkada.com theliosmega-ssh.remote.cf.verkada.com wt.ktraff-tmp.auth0c.com edge.tenants.ktraff-tmp.auth0c.com ktraff-tmp.auth0c.com vquerybook.prod1.cf.verkada.com dev.dxp.cairnscentral.com.au int.dxp.cairnscentral.com.au pre.dxp.cairnscentral.com.au prod.dxp.cairnscentral.com.au vtoolbox.prod1.cf.verkada.com fetch.prod1.cf.verkada.com numbermuncher-ssh.remote.cf.verkada.com pypi-mirror.prod1.cf.verkada.com vtoolbox.staging.cf.verkada.com calculon-ssh.remote.cf.verkada.com louis-thinkpad-ssh.remote.cf.verkada.com prod.moneycorp.com evento2.carbuy.com.br backoffice-hom.carbuy.com.br web-hom.carbuy.com.br api-hom.carbuy.com.br numbermuncher.cf.verkada.com vtoolbox.staging-us-east-2.cf.verkada.com vtoolbox.prod1-us-east-2.cf.verkada.com schultecruise.com www.schultecruise.com siddarth-ssh.remote.cf.verkada.com lambda1-ssh.remote.cf.verkada.com live.pedigree.com.ar test.pedigree.com.ar dev.pedigree.com.ar superbuilder-ssh.remote.cf.verkada.com docs.prod1.cf.verkada.com build-webhooks-v2.camerafw.cf.verkada.com www.cairnscentral.com.au opal.security-opal.cf.verkada.com opal-db.security-opal.cf.verkada.com staging-web.cz.technics.com jyama.io 337b.net jc-ssh.remote.cf.verkada.com grafana.staging.cf.verkada.com grafana.prod1.cf.verkada.com smile-direct.es build-interview-a.plex.bz song-ssh.remote.cf.verkada.com ak-ssh.remote.cf.verkada.com dunn-ssh.remote.cf.verkada.com bugdaddy2.support.cf.verkada.com bradesco2.carbuy.com.br d9ba9b700c2fc2c90092184448d285315196abb6.vercel-workers.com 2470db9a85c2d6a63c745fef1298e3b85c385d61.vercel-workers.com argo-workflows-dev-us-east-1.plex.bz vstyleguide.prod1.cf.verkada.com mocha-ssh.remote.cf.verkada.com oss.solbox.com shimin-system76-ssh.remote.cf.verkada.com 823769d5a2a282288e186e131d381f9e41dfa02c.vercel-workers.com build.plex.bz suraj-buildm-ssh.remote.cf.verkada.com tsdb-grafana.camerafw.cf.verkada.com kubernetes.prod1.cf.verkada.com argocd.prod1.cf.verkada.com mithral-ssh.remote.cf.verkada.com cucumber-ssh.remote.cf.verkada.com bigblue-ssh.remote.cf.verkada.com kun-ssh.remote.cf.verkada.com seenn-ssh.remote.cf.verkada.com gilgamesh-ssh.remote.cf.verkada.com astra-ssh.remote.cf.verkada.com buildcrusher-ssh.remote.cf.verkada.com mason-ssh.remote.cf.verkada.com vauth-db.prod1.cf.verkada.com vprovision-replica-db.prod1.cf.verkada.com vprovision-db.prod1.cf.verkada.com vlog-db.prod1.cf.verkada.com build.camerafw.cf.verkada.com buildatomizer-ssh.remote.cf.verkada.com louis-rpi-ssh.remote.cf.verkada.com test-build.plex.bz vcerberus-db.prod1.cf.verkada.com vlog-db.staging.cf.verkada.com vcerberus-db.staging.cf.verkada.com vauth-db.staging.cf.verkada.com staging.getthephotostickomni.io command.staging.cf.verkada.com vweb.staging.cf.verkada.com theraiceheadreliefhat-innovations2livebetter.com dbsweb-s01-www.dbsvickers.com docker-internal.plex.bz sbcustom.site solbox.com v20dev.getthephotostickomni.io www.getthephotostickomni.io alation-dev.ss.arc.travel www.fussball.com getthephotostickomni.io nexusiq.ss.arc.travel nexus.ss.arc.travel alation-prod.ss.arc.travel 4hugg76.com whoami.plex.bz www.cramo.se integration-occ.cramo.se ecrent.cramo.se preproduction-occ.cramo.se test.ssh-test.cf www.bdo.com.pk www.ozarkawater.com fussball.com www.rmld.com ukvictoriassecrets.com okta.cloudflaresso.com 4hujj38.com blulineautomotive.com ci.plex.bz iphforum.com cetaphil.ca www.cetaphil.ca whoami.plex.bz.cdn.cloudflare.net 4huf72.com dxctngnadxcju579prod.paastest.co.uk.cdn.cloudflare.net cuoftexas.org c4s9.com iphforum.com.cdn.cloudflare.net eventsupus.com www.rmld.com.cdn.cloudflare.net 6567le.com 709ee.com www.ozarkawater.com.cdn.cloudflare.net nexus.ss.arc.travel.cdn.cloudflare.net jenkins.ss.arc.travel.cdn.cloudflare.net nexusiq.ss.arc.travel.cdn.cloudflare.net thehybridshop-bellflower.com autorepairschico.com lorealthailand.com alation-dev.ss.arc.travel.cdn.cloudflare.net www.iphforum.com.cdn.cloudflare.net artifactory.plex.bz.cdn.cloudflare.net ci.plex.bz.cdn.cloudflare.net xai5.com integration-occ.cramo.se.cdn.cloudflare.net ecrent.cramo.se.cdn.cloudflare.net www.cramo.se.cdn.cloudflare.net preproduction-occ.cramo.se.cdn.cloudflare.net www.avengerforumz.com.cdn.cloudflare.net avengerforumz.com artifactory-test.plex.bz.cdn.cloudflare.net attacketslovern.info pixel.attacketslovern.info

Open Ports Detected

2053 2082 2083 2086 2087 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-07-15 anonymous-proxy-ip-list-2023-06-28 anonymous-proxy-ip-list-2023-07-28 anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2023-06-29 anonymous-proxy-ip-list-2023-07-19 ****** anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2023-07-10 anonymous-proxy-ip-list-2023-06-30 anonymous-proxy-ip-list-2023-07-08 anonymous-proxy-ip-list-2023-07-09 anonymous-proxy-ip-list-2023-06-22 anonymous-proxy-ip-list-2023-07-30 anonymous-proxy-ip-list-2023-07-02 ****** ****** anonymous-proxy-ip-list-2023-07-21