104.18.28.190 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.28.190 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: app-gpe.com alessiaa_basilee.basecamphq.com clevelandcountync.gov sacebt.it api.chiligrafx-stg.com stg.platform-api.chiligrafx-stg.com runzonez.com wt.test-aws-elderly-jellyfish-2441.auth0c.com edge.tenants.test-aws-elderly-jellyfish-2441.auth0c.com staging-api.bqecore.com trundley.basecamphq.com basecamphq.com deven-schuller.com cmsauto1142cm826inte.paastest.epimore.com www.myveritext.com 2882win.club reportapp-yodalab.bqecore.com coreapi-ecolab.bqecore.com opdemeir.net reportapp-batlab.bqecore.com hostapi-staging-syd.bqecore.com coreapi-analyticslab.bqecore.com gameone111.com staging-api-explorer.bqecore.com portolaplace.com yodalab.bqecore.com hollyfrontier.gsgcloud.net coreapi-fdnlab-syd.bqecore.com hostapi-fdnlab-syd.bqecore.com sprint-admin.bqecore.com.cdn.cloudflare.net www.bqecore.com.cdn.cloudflare.net batlab-syd.bqecore.com staging-syd.bqecore.com staging.bqecore.com ecolab-api-developer.bqecore.com klaasco.basecamphq.com gemtailor.com icanlocalize.basecamphq.com hostapi-ecolab.bqecore.com brainpulsetechnologies.basecamphq.com coreapi-caplab-syd.bqecore.com fearlessdallas.basecamphq.com avma.basecamphq.com masterrealm777.com www.creditocae.cl wap1-01.bqecore.com qa-se-r5l-apd-3932-azurefunctionapplogde.az.ssdgws.co.uk hostapi-caplab-syd.bqecore.com simulator.riskid-dev.io 61lottery.co creditocae.cl gsg.gsgcloud.net www.bqecore.com caplab-syd.bqecore.com raytheon.gsgcloud.net wap140.bqecore.com.cdn.cloudflare.net stratplan.basecamphq.com qa-dk-to7-apd-3332-storagetabletomain.az.ssdgws.co.uk asset1.basecamphq.com schawkcolorcoe.basecamphq.com tkssolutions.basecamphq.com crmdev.bqecore.com www.trendyol.de mobiloitte.basecamphq.com syscad-users.basecamphq.com stage-customs-cargo2.mars.com app.uat.builder-svcs.domain.com blog-api.dev.builder-svcs.domain.com buildit.dev.builder-svcs.domain.com smart-blog.uat.builder-svcs.domain.com dev-marsacss.mars.com api-explorer.bqecore.com apptest.exvgame.com m.trendyol.de dmsap.mars.com ppjcmsdev.mars.com canaldev.mars.com ucesprotectionplan.com cadeau1225.com smart-blog.builder-svcs.domain.com express-editor.dev.builder-svcs.domain.com re-api.uat.builder-svcs.domain.com app.dev.builder-svcs.domain.com buildit.qa.builder-svcs.domain.com express-editor.uat.builder-svcs.domain.com blog-api.qa.builder-svcs.domain.com mc.mars.com www.dataandportfolio.app.kimclark.com agnosticportalapi-sit.mars.com newdms-portal.mars.com agnosticportalapi-uat.mars.com commcloud.prod-bcqw-deckers-com.cc-ecdn.net usedcarlease.nl preprod.bain.tw deliverymanagement.je-apis.com restaurantcapabilities.je-apis.com restauranteventsapi.je-apis.com agnostic-sit.mars.com api-dev.mars.com agnostic-stg.mars.com www.ucesprotectionplan.com uk-zeusexternal.je-apis.com svk.mars.com zaf.mars.com aus.mars.com nld.mars.com grc.mars.com esp.mars.com ombudsman.mars.com hun.mars.com devenv.mars.com aut.mars.com chn.mars.com swe.mars.com jpn.mars.com gfsc.mars.com ppjcmstest.mars.com fra.mars.com dnk.mars.com nor.mars.com digitalstandardstest.mars.com fin.mars.com ltu.mars.com prt.mars.com bel.mars.com canal.mars.com arg.mars.com idn.mars.com can.mars.com gbr.mars.com kor.mars.com mex.mars.com ire.mars.com ita.mars.com www.mars.com ind.mars.com pol.mars.com gkttest.mars.com bra.mars.com twn.mars.com che.mars.com ppjcms.mars.com rus.mars.com qaenv.mars.com deu.mars.com ppjcmsqa.mars.com cze.mars.com upfront.scholastic.com prudentialridelondon.org.uk qa-ca-lvc-shrsvc-250-performanceecomm.az.ssdgws.co.uk www.propindiaexpo.com brandsitedemo.mars.com www.acuvue.hu acuvue.hu qa-se-jbc-cmsrd-159-add-data-layer-event.az.ssdgws.co.uk es.smfstore.com tmatchlog.exvgame.com agnostic-dev.mars.com blob.mars.com my.casevacanza.it sso.casevacanza.it api-auto.riskid-dev.io developer.mars.com api.mars.com myaccounts-qa.scholastic.com qa-au-cde-testfbmvp-12761-improveintegra.az.ssdgws.co.uk che.mars.com.cdn.cloudflare.net kucoin.plus dnk.mars.com.cdn.cloudflare.net explorekingman.net prod-sitecorerc-cd-sportingdog.mars.com chn.mars.com.cdn.cloudflare.net www.kanserleyasam-tr.com kanserleyasam-tr.com mapi1.bqecore.com iadslb-webapp.bqecore.com bc-iad01-web01-uri01.bqecore.com bc-iad01-web01-hostapilb.bqecore.com bc-iad01-web01.bqecore.com bc-iad01-web01-hostapi.bqecore.com api120.bqecore.com propindiaexpo.com stage-sitecorerc-cd-sportingdog.mars.com reportapp-demo.bqecore.com api.bqecore.com api150.bqecore.com hlb-slb-webapp.bqecore.com iad-ai-bridgeapp.bqecore.com jenkins.bqecore.com help.bqecore.com help2.bqecore.com hapn4.bqecore.com rptt1-corerptapp-demo.bqecore.com outlookaddin.bqecore.com hlb-slb-coreapi.bqecore.com mapi2.bqecore.com mrpt1.bqecore.com hlb-slb-hostapi.bqecore.com iadslb-hostapi.bqecore.com iadslb-coreapi.bqecore.com developer.bqecore.com bc-syd01-rptp1-corerptapp.bqecore.com bc-lax01-web03-corewebapp.bqecore.com bc-lax01-web03-payment.bqecore.com bc-iad02-rptp1-corerptapp.bqecore.com bc-iad01-rptt4-corerptapp.bqecore.com bc-iad01-sqlr01-corerptapp.bqecore.com bc-iad01-rptt3-corerptapp.bqecore.com bc-iad02-web02-coreapi.bqecore.com bc-iad02-sqlr02-corerptapp.bqecore.com api-identity.bqecore.com apin4.bqecore.com api-developer.bqecore.com api-coreapi.bqecore.com prestage-customs-cargo.mars.com www.termsandconditions.mars.com www.mars.com.cdn.cloudflare.net admin.bqecore.com reportapp1-sprint.bqecore.com smtp.zdovbgromada.gov.ua pop.zdovbgromada.gov.ua lighthouse-api-dev.mars.com www.tuplerfinancial.com pyf567.com sportscallcenter.com reportapp-uat.bqecore.com uat-api.bqecore.com uat-api-explorer.bqecore.com uat-api-developer.bqecore.com uat-api-documentation.bqecore.com uat-api-identity.bqecore.com uat.bqecore.com coreapi-uat.bqecore.com hostapi-uat.bqecore.com reportapp2-sprint.bqecore.com api.ocpaas.cengn.io hello.apps.okdm.cengn.io testproxy.cengn.io confluence.staging.mrs.cengn.io tunnel.apps.okdm.cengn.io router-default.apps.ocpaas.cengn.io openstack.pzokd.staging.cengn.io netbox-staging.cengn.io macalusodds.com buienalarm.nl www.buienalarm.nl m.buienalarm.nl reportapp-qa.bqecore.com qa.bqecore.com alt.zdovbgromada.gov.ua zdovbgromada.gov.ua sprint.bqecore.com sprint-api.bqecore.com hostapi-sprint.bqecore.com coreapi-sprint.bqecore.com sprint-api-explorer.bqecore.com sprint-api-documentation.bqecore.com sprint-admin.bqecore.com sprint-api-identity.bqecore.com sprint-api-developer.bqecore.com hw088.copy.paastest.co.uk noaccountbet-ci.se verspachteln.de shop-front-cl.linio.cl.cdn.cloudflare.net www.amazone.vc amazone.vc www.raynerevents.com dxctngnadxch8n3bprep.paastest.nl app-nonp.cbrehost.com www.linio.cl envysion.us raynerevents.com opsdocumentmanagement.je-apis.com cla.yaksa.org dxp-dev.westernpower.com.au public.je-apis.com www.supermetrics.com ab.kucoin.plus design.tribal.credit ronisia.com robot.kucoin.plus m.kucoin.plus futures.kucoin.plus www.kucoin.plus api.supermetrics.com api-feliper.ipvanish.com www.hunt-insurance.com 8fe8f44ad6f34757a9a5762cc15149b117df53a1.vercel-workers.com www-cloudflare.ipvanish.com bigdata-scfx-push.kucoin.plus dxctngnadxca180pinte.paastest.nl wap.30hu.com auth-orca.stage.k8s.onepeloton.com.au everythingischanging.org m.ideal-green-uat.dbs.com peyback-reisen.de stg.omigrene.cz dev.omigrene.cz www.kaplanfinancialgroup.com affiliate.supermetrics.com gql-graphql-gateway.stage.k8s.onepeloton.com.au www.bain.tw prod.bain.tw www.omigrene.cz prod.omigrene.cz www.my-gooddeals.com davinci.tools commcloud.prod-aaqp-valentino-beauty-de.cc-ecdn.net www.savewithcopaytoday.com app-qa.cbrehost.com.cdn.cloudflare.net app-qa.cbrehost.com my-gooddeals.com supermetrics.com uat.omigrene.cz graph-4.stage.k8s.onepeloton.com.au graph-3.stage.k8s.onepeloton.com.au graph-2.stage.k8s.onepeloton.com.au graph.stage.k8s.onepeloton.com.au jenkins.supermetrics.com.cdn.cloudflare.net api.supermetrics.com.cdn.cloudflare.net apiv1.supermetrics.com.cdn.cloudflare.net devcf.supermetrics.com.cdn.cloudflare.net team.supermetrics.com.cdn.cloudflare.net buy.supermetrics.com.cdn.cloudflare.net try.supermetrics.com.cdn.cloudflare.net www.jaguar33.org cms.visaonline.com dev.omigrene.cz.cdn.cloudflare.net stg.omigrene.cz.cdn.cloudflare.net jaguar33.org netexchangeclient.cn preprod.bain.tw.cdn.cloudflare.net prod.bain.tw.cdn.cloudflare.net utcsecurity.com dev.zoobio.lu www.savewithcopaytoday.com.cdn.cloudflare.net 5y3z.meetingpoint.vn.cdn.cloudflare.net ttt144.com www.zoobio.lu m.zoobio.lu zoobio.lu 677ii.com hunt-insurance.com franciscabrel.com brucespringsteen.net cms.visaonline.com.cdn.cloudflare.net www.riverviewsuiteswilmington.com.cdn.cloudflare.net www.omigrene.cz.cdn.cloudflare.net prod.omigrene.cz.cdn.cloudflare.net omigrene.cz prod.dol.omigrene.cz.cdn.cloudflare.net www.kaplanfinancialgroup.com.cdn.cloudflare.net vmstherapyfacts.com savewithcopaytoday.com www.nissankicksforum.com.cdn.cloudflare.net www.hepsibahis56.com hepsibahis56.com

Open Ports Detected

2053 2082 2083 2086 2087 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22