104.18.3.116 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.3.116 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts

• Country:
• Network:
• Noticed: 29 times
• Protocols Attacked: Anonymous Proxy
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: results.superpatch.com lifecounseling.superpatch.com dianelaure.superpatch.com michelle.superpatch.com qa-gb-ynm-fbmvp-24772-submarket-mappings.az.ssdgws.co.uk brianjames.superpatch.com grosse-freude.com wwwnew.tc-helicon.com radianthealth.superpatch.com stg-oraco.lion-apps.jp allysonkellar007.superpatch.com tools.superpatch.com cnicholson.superpatch.com suzette.superpatch.com savingyou.superpatch.com karensnell.superpatch.com zafer.superpatch.com hoh.superpatch.com alive.superpatch.com quantumhealing1.superpatch.com 111202027.superpatch.com thesuper.superpatch.com clare.superpatch.com search.goodfavornews.com onlineshopping.superpatch.com www.superpatch.com 111115011.superpatch.com mencia.superpatch.com hu.superpatch.com dsci.net.au john.adison.cloud stamina.superpatch.com ledenicheur.fr nos-empresas.pt www.thewindmillwindlesham.co.uk propertybrands.com healthbytouch.superpatch.com blue.adison.cloud skin2brain.superpatch.com gooutdoorsflorida.com yourpatchcode.com www.outflank.nl.cdn.cloudflare.net www.afun.pe www.outflank.nl edge.tenants.test-aws-kind-frog-5687.auth0c.com wt.test-aws-kind-frog-5687.auth0c.com test-aws-kind-frog-5687.auth0c.com dr-az.thewindmillwindlesham.co.uk test65-az.thewindmillwindlesham.co.uk stage65-az.thewindmillwindlesham.co.uk stronger.superpatch.com license.gooutdoorsflorida.com link.gooutdoorsflorida.com homekidneyhealth.com cdn3.bestcontenttechnology.top b.bestcontenttechnology.top homefeed-beta02.qa.bestsecret.com ncdurham.tenmast.com nyalbany.tenmast.com bcs.superpatch.com infinitehealthzone.com patchneurocode.superpatch.com pacumberlandco.tenmast.com ziliao96.com www.oikia.it michellecrann.superpatch.com rochesternyhousing.tenmast.com lafourchehousing.tenmast.com fremover.no eub.no lyngdalsavis.no ranablad.no retten.no isandnessjoen.no rockvillehe.tenmast.com nidaros.no ringsaker-blad.no ringblad.no lofotposten.no iharstad.no bezbryli.cz snasningen.no ridika-casino.com bs-mails.prod.bestsecret.com instyle-black.bestsecret.com wt.test-aws-magical-otter-0704.auth0c.com test-aws-magical-otter-0704.auth0c.com edge.tenants.test-aws-magical-otter-0704.auth0c.com vp.no nationen.no smaalenene.no beta.nationalunderwriter.com store.nationalunderwriter.com stats.nationalunderwriter.com tk.no moss-avis.no kv.no sb.no www.arreterdefumeravecaide.be dt.no pd.no arreterdefumeravecaide.be amta.no minmenuett.no extranet.superpatch.com shop.superpatch.com gd.no nord24.no totenidag.no vestviken24.no mittloerenskog.no nordlys.no tvedestrandsposten.no ha-halden.no sandnesposten.no sandeavis.no firdaposten.no firda.no oikia.it oa.no h-a.no auraavis.no ao.no ifinnmark.no inderoyningen.no namdalsavisa.no helg.no avisa-valdres.no nt24.no hadeland.no ifinnmarkdebatten.no ilevanger.no web-spa-cluster.staging.bestsecret.com web-bff-cluster.staging.bestsecret.com budstikka.no podcast.bitcoin.com superpatch.com de-ie-u1e-sc-5968-select-the-dispense-re.socrates.ssdgws.co.uk senja247.no merakerposten.no rb.no telen.no mittlillehammer.no sa.no norsklandbruk.no traktor.no bondebladet.no mmocs.nationalunderwriter.com nwocs.nationalunderwriter.com akersposten.no enebakkavis.no tb.no glomdalen.no ba.no norddalen.no solungavisa.no jarlsbergavis.no r-a.no tronderdebatt.no strandbuen.no ostlendingen.no laagendalsposten.no gjengangeren.no vestbyavis.no ta.no bygdeposten.no blv.no jobstest.bestsecret.com ir.bestsecret.com vest24.no f-b.no kvinnheringen.no jbl.no bodoby.no aasavis.no mittjessheim.no nordhordland.no avisenagder.no dalane-tidende.no gdhytte.no sognavis.no mittlillestrom.no varingen.no finnmarksposten.no lierposten.no lofot-tidende.no h-avis.no solabladet.no op.no oyene.no gbnett.no lokal-avisa.no bygdebladet.no an.no stangeavisa.no avisa-hordaland.no news.q8electric.lu rumbarapporten.no polkaposten.no swupay.com salsaposten.no freestylefolkeblad.no t-a.no fourmusic.com news.oikia.it avisnavn.no engineering10.com nationalunderwriter.com tangotidende.no plp.prod.bestsecret.com qa-gb-x23-fixmcl-447-orderhistorylistsor.az.ssdgws.co.uk thewindmillwindlesham.co.uk theautodoctor.net qa-ca-bug-caecom-5260-azfuncandnodeupgra.az.ssdgws.co.uk www.nationalunderwriter.com nyski3.com plp.dev.bestsecret.com rmm.capitolitgroup.com adison.cloud apps-bff.prod.bestsecret.com web-bff-gamma.qa.bestsecret.com dashboard.cybersleuthusa.com rmm.phoenixlimited.net support.doitnj.com rmm.infraprime.com rmm.turners.com rmm.keestack.com suporte.cabralsystems.com.br rmm.thesystemadmin.com apps-bff.staging-release.bestsecret.com web-spa-gamma.qa.bestsecret.com rmm.winonait.com rmm.coreongroup.com dashboard.wesimplifit.com rnm.hilotech.ca web-bff.prod.bestsecret.com rmm.goldbeartech.com portal.fetzerhaus.com apple-wallet.prod.bestsecret.com www.bezbryli.cz remote.aldenimage.net nable.infraprime.com rmm.winfra.management notary-api.bitcoin.com dashboard.newbury.tech gamesnew.bitcoin.com rmm.slable.com am001.tech-guide.uk apps-bff-beta02.qa.bestsecret.com monitore.all2net.com.br rmm.calfrac.com idmm.idplus.net.br rmm.electricred.com dashboard.infotechservllc.com rmm.weareatomic.com support.weldstech.com dashboard.mt-data.com tech.simafinancialgroup.com rmm.tekswork.com rmm.biodigital.com.br dashboard.logicsoftmanagement.com rmm.prospercorp.com.br rmm.jevsupport.com manage.mysecurity.solutions noc.wra.com.br msp.cogentdigital.com dashboard.envisionittech.com rmm.tekzenit.com rmm.relieve.com.br dashboard.tribetecnologia.com.br www.4hub.com.br gerencia.portnet.com.br rmm.zamak.com.br rmm.pbnj.ca rmm.portnet.com.br vrchat.net mint.bitcoin.com support.bitcoin.com dashboard.fireflyanythingtech.com rmm.lextechn.com rmm.secu.red rmm.fortify24x7.com rmm.cybersleuthusa.com monitor.blumshapiro.com rmm.syztec.net rmm.standarditsecurity.com central.starsys.com.br rmm.sladeshipping.com dxctngnadxc3xh3wprep.paastest.nl web-bff-alpha02.qa.bestsecret.com web-bff-alpha01.qa.bestsecret.com index-api.bitcoin.com slots.bitcoin.com keno.bitcoin.com homeb.bitcoin.com slack.bitcoin.com walletsupport.bitcoin.com blackjack.bitcoin.com web-bff.staging-release.bestsecret.com web-bff-beta01.qa.bestsecret.com q8electric.lu apps-bff-alpha02.qa.bestsecret.com apps-bff-alpha01.qa.bestsecret.com apps-bff-gamma.qa.bestsecret.com apps-bff-beta01.qa.bestsecret.com bs-mails.qa.bestsecret.com bs-mails.dev.bestsecret.com www.cegahpneumokokus.com cegahpneumokokus.com www.justbet.co matomostats.bitcoin.com e-circulo.pt web-spa.prod.bestsecret.com web-spa-alpha02.qa.bestsecret.com web-spa-alpha01.qa.bestsecret.com web-spa-beta02.qa.bestsecret.com web-bff-beta02.qa.bestsecret.com apple-wallet.dev.bestsecret.com apps-bff.qa02.bestsecret.com apps-bff.staging-master.bestsecret.com askhomex.ca apps-bff.qa.bestsecret.com web-spa.staging-release.bestsecret.com web-spa.staging-master.bestsecret.com web-bff.staging-master.bestsecret.com web-bff.qa02.bestsecret.com web-spa-beta01.qa.bestsecret.com web-spa.qa.bestsecret.com web-bff.qa.bestsecret.com email.bitcoin.com.cdn.cloudflare.net gatescorporation.com apps.bestsecret.com www.getschoolos.com dashboard.exceedofjackson.com rmm.digicom.com endpoint.cortacgroup.com rmm.redshirt.xyz dashboard.castawayit.com rmm.socialwt.com rmm.integrityt3ch.com noc.somaxi.com.br rmm.clickoncenow.com remote.marylandit.com monitoring.dominguezfirm.com rmm.networksix.net cliente.tribetecnologia.com.br dashboard.am.remote.management rmm.beyondtechnology.org rmm.talbottechnologies.ca dashboard.cc.x7tc.com rmm.infobconsulting.com rmm.c-ore.com rmm.computechnny.com rmm.sallessolutions.com.br rmm.aptu.com.br rmm.toditech.com dashboard.allianzit.com.br rmm.stuff-tech.com service.mts-support.com rmm.staterati.com.br dashboard.tech-guide.uk rmm.itoffice.tech rmm.nesr.com mng.npxit.com.br dashboard.integritech.io rmm.techpeer.ca msp.astronautsecurity.com supervision.dodier.info rmm.weldstech.com rmm.colemanis.ca rmm.cst1.ca dashboard.techdms.com rmm.klit.com.br sw.gyver.com painel.amintas.com.br painel.atuanti.com.br login.deviceassistllc.com mycustomdash-am.system-monitor.com rmm.hans-ontechnology.com msp.ast.net msprmm.kaimetrix.com rmm.quantasi.com msp.vertare.com.br rmm.natii.com rmm.synextech.net help.rebtech.com dashboard.intrep-it.com rmm.0it.us remote.trumboindustries.com emm.exactsolution.com.br rmm.thegrind.ca rmm.newrockit.com monitoramento.htsconsult.com.br smart.microserviceit.com.br joinme.stardailyit.com monitor.skylan.com.br tech.oortcloudsolutions.com rmm.ipnetpr.com it.osb.mx rmm.m3x.co managed.carrnell.tech rmm.consultcity.com rmm.hilotech.ca mtsdashboard.mauitechsolutions.com msp.qualitysi.com.br rmm.olytechguys.com service.midwestspec.com rmm.protechsmsp.com dashboard.loudnclearllc.com dashboard.4summits.ca rmm.wardellappservices.com noc.rbntecnologia.com.br rmm.goinfotek.com rmm.serviredworking.com monitoring.inrsys.com rmm.tagit08.com rmm.evarotech.ca dash.manntechnologies.net support.forcetechnical.com service.midwest-technology-specialists.com dashboard.asgardindy.com rmm.captiveitsolutions.com dash.mann.cloud dashboard.renovatioit.com.br rmm.microeetc.com.br rmm.bitscorps.com rmm.firstbyte.co rmm.remotechase.com rmm.t3crew.com rmm.texnetservices.com dashboard.firefly-internet.com cliente.somaxi.com.br rmm.cws365.net dashboard.creativetechltd.com dashboard.aptu.com.br dash.kptechnologyservices.com gerencia.altitecnologia.com rmm.atomicinfotech.com rmm.premsoftsolutions.com rmm.intrep-it.com remote.visionos.com rmm.mncopy.com rmm.rustintech.com rmm.integotec.com manage.securedbycss.com monitor.informo.app 43b84dca669e2df347bcec41ef5bc1c1827880cf.vercel-workers.com cashier.justbet.co 4hu44c.com upload1.am.remote.management.cdn.cloudflare.net aherzog-10-08.auth0c.com edge.tenants.aherzog-10-08.auth0c.com staging.bestsecret.com www.am.remote.management upload3.am.remote.management upload4.am.remote.management upload2.am.remote.management upload1.am.remote.management email.bitcoin.com lottery.bitcoin.com cf.exitus-aulavirtual.com api.exchange.bitcoin.com slpdb.bitcoin.com st.exchange.bitcoin.com gifts.bitcoin.com www.ashasandbox2.org prep.ashasandbox2.org games-api.bitcoin.com freed.vip www.valleyparkmo.org privproxy.bitcoin.com vidaxl.co.uk affiliates.bitcoin.com www.greenfield-nh.gov www.belknapcounty.org us.exchange.bitcoin.com reg.exchange.bitcoin.com play01.cdn.bitcoin.com reg.br.exchange.bitcoin.com webtest.br.exchange.bitcoin.com webtest.us.exchange.bitcoin.com st.br.exchange.bitcoin.com auth.us.exchange.bitcoin.com br.exchange.bitcoin.com auth.br.exchange.bitcoin.com api.br.exchange.bitcoin.com api.us.exchange.bitcoin.com s3.us.exchange.bitcoin.com.cdn.cloudflare.net st.us.exchange.bitcoin.com.cdn.cloudflare.net reg.us.exchange.bitcoin.com.cdn.cloudflare.net reg.br.exchange.bitcoin.com.cdn.cloudflare.net webtest.us.exchange.bitcoin.com.cdn.cloudflare.net kyc.us.exchange.bitcoin.com.cdn.cloudflare.net broffice.br.exchange.bitcoin.com.cdn.cloudflare.net kyc.exchange.bitcoin.com.cdn.cloudflare.net broffice.us.exchange.bitcoin.com.cdn.cloudflare.net auth.us.exchange.bitcoin.com.cdn.cloudflare.net api.us.exchange.bitcoin.com.cdn.cloudflare.net admin-api.local.bitcoin.com pooltest.bitcoin.com

Malware Detected on Host

Count: 10 df69a8179c8f88070e032b4f0df53deab23f190a229b4ef4176d752b0bf607a0 b5e731c9b16cad8ea589f43410a5443e7e3930c9840f5210610c9282d7f6cc67 edfc50e5540a62f88157a9118fac1f6cf2f77c76963c73f290377ead3ca3f262 5d8c9aa9679447b5d8bb28c2fc3a86fa44347a2cce6c6162dc858f1399d60a2b e5686c93411ed9631408a34a39750ddc32f3f13404208dac21754d497bdc0849 32c0b2bc82bfaa3186db587272a829bb35e4b2452554d59c81cc51c320aa7079 43b17312f1e6ebb5c67a704a8a35bd10cd8ace9eb16a4f199467cdceb468cb08 5856c174383c5e411353070258db50dc3a3820b749174f6e4e53a194d7de1ee2 d6395cae28dc8db6b47cafaef5e721a63a8383c25d46331b616bfabc4902b2db 08a8ed995b89f7da44198f043d0540bf5d8f501b9696611f9cacbbc2a75f7a40

Open Ports Detected

2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22