104.18.37.2 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.37.2 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 52/100

Host and Network Information

• Tags: administrator, clr logs, cobalt strike, creation id, extensions id, level, nextron, number

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: cleanmx_phishing, cleanmx_viruses, hphosts_emd, hphosts_fsa, hphosts_psh

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: adcext2.optum.com adcext2.optum.com.cdn.cloudflare.net roomtworecordings.com edge.tenants.icims-eu.auth0.com edge.icims-eu.auth0.com wt.icims-eu.auth0.com gcc-jaq-frdirect.com dina02mstrai0o3prod-slot.dxcloud.episerver.net branch-dashboard.takealot.delivery sarahs0external.emrsn.com.cdn.cloudflare.net dina02mstrai0o3.dxp.optimizely.com ingress.icims-eu.auth0.com.cdn.cloudflare.net tccwest.qa1.ludos.com.mx dina02mstrai0o3prep.dxcloud.episerver.net sbgm.co sarahs0external.emrsn.com www.adventist.org icims-eu-master-cd-fxtoe2drpklmvt6k.edge.icims-eu.auth0.com quell.com.au member.badoraa.com prod.develon.site prep.develon.site server2.qa2.ludos.com.mx server1.qa1.ludos.com.mx server1.tcceast.qa2.ludos.com.mx vividseatsapi.discovery-prod.axs.com betirishsports.com server1.tccwest.qa2.ludos.com.mx server2.qa1.ludos.com.mx tcceast.qa2.ludos.com.mx tcceast.qa1.ludos.com.mx server1.tcceast.qa1.ludos.com.mx edit.developer.finra.org dina02mstrai0o3inte-slot.dxcloud.episerver.net equiti.com crm.equiti.com honey.equiti.com webapidevmt5.equiti.com qa-nz-pss-shrsvc-2170-percenterrormonito.az.ssdgws.co.uk prod-dealernet.develon.site qa.ludos.com.mx www.equiti.com thebookofmontero.com qa1.ludos.com.mx www.e-on-direkt.de e-on-direkt.de tony3foods.com server1.qa2.ludos.com.mx server2.tcceast.qa1.ludos.com.mx server2.tccwest.qa1.ludos.com.mx 1diamondcuttingtechnology.com helpdesk.supportnation.com pettycash.sicepat.com ums.sicepat.com uat.jompay.com.my partner.sicepat.com odoo-scbd.sicepat.com support.qa.finra.org etoropro.info rdsapi.sicepat.com new-rdsquery.sicepat.com tmsapi.sicepat.com www.sicepat.com.cdn.cloudflare.net sst.sicepat.com sst.sicepat.com.cdn.cloudflare.net www.jompay.com.my rmr.jnj.com jompay.com.my jefferies-hoaregovett.com betsharkz.com sageservicebusiness.fr welcomesportsbook.com simultan.ch drskycap.site bearnehucharla.cf kowsgramalovguimen.tk blog.nafasena.com marttge.com hghhcaor.xyz allindiayellowpages.com puzztacoun.tk nafasena.com defpietlinom.tk tdifsrktb.site.cdn.cloudflare.net www.nafasena.com smartfryonline.com www.041led.com.br www.atualizacaomilhas2021.com.cdn.cloudflare.net atualizacaomilhas2021.com caloriescounting.com beuforningpranfuncdif.tk epralforswussrac.ml rewornabo.gq www.fitnessandpower.com reledeads.tk 144ginset.xyz parlebiwest.tk gesrasugunsman.cf adanadudakdolgusu.com www.adanadudakdolgusu.com.cdn.cloudflare.net rebitrecentcostwar.tk www.northshoreracks.com northshoreracks.com imilmasro.tk desroliphagi.tk www.ngn.ge ngn.ge www.sicura-mia.com sicura-mia.com fondhunimo.tk i-went.ch trykulties.com devboati.tk cialistrust.com verbomigtufe.ga resemblingeel.club posttatmyriginpa.tk www.oneteamservesyou.com www.slgmf.dk bopzago.tk befithuffwel.ga headraiprimarasprim.tk thunkeehade.tk melgbusota.tk jurnalcakrawala.com foodsee.app exedcarbocentkraf.gq riedistsingchilpylock.tk www.foodsee.app unonmalmorphmcinmor.tk www.top5sitiincontri.it top5sitiincontri.it omcioma.cf tousencibaspiva.tk cpcalendars.vvisea.com www.vvisea.com vvisea.com cpcontacts.vvisea.com rabbokaving.ml digawizikaka.ml temprisungyrensu.tk www.newecomtrend.com newecomtrend.com attainx.store penstorm.org www.penstorm.org anhye0n.me skinbaronjd.ml loginioo.ml elitegadgets.site gkh.co.nz inefintaleg.gq of-onlinestoreindia-ok.live www.farm-shop.dk simp1e-give.xyz georabtikinghobubb.tk ralissellcorlilum.ml animalstore.xyz www.animalstore.xyz cuhousegirl.space shadhinschool.com agugodofud.tk brandedwithfear.net anoborykuhyf.cf pinup-1e.xyz vacagolvembracam.tk inanjamagcoti.tk kaletsmolideta.ml fulvecanheler.ml ofedprodworknitta.tk 358p.com thomasskillman.com alwaysbetteryou.com slgmf.dk beautifyheartyadjutant.top zichoe0.tk www.afire.group oneteamservesyou.com www.onepeopleretreats.com.cdn.cloudflare.net spam-detect.com ketolifeplanner.com www.odellilattractions.com odellilattractions.com galitbaddjagegi.tk corelab.club podumpmicbupawi.tk offertespeciali.online insurewithkaren.com cpcontacts.rddigital.com.br cpcalendars.rddigital.com.br www.concretelosangeles.net pcsupportgeek.com animemarvel.com nice.fruet.xyz www.anasabuhamam.com www.alipay-inc.asia pinadi.co gifts.ngn.ge curldownrakromi.gq lubulkkonfpoverlya.tk aulavirtual.ludicamatematica.com.co.cdn.cloudflare.net mybusiness.creditcard manfurntysawelldest.tk rileperbuipromad.tk 910741.com www.pestcontrol-quotes.com giftcard.premiumsupermercados.com proveedores.premiumsupermercados.com tribafurzamafarm.cf www.rockwhispererllc.com dolgiu24.site cdek.pay-masters.ru yello.io tabla8.xyz 14taxi.ru www.brianvsellsaz.com bestprofitsitetoday.com brianvsellsaz.com humanslife.club www.text-star.com blog.heybabecosmetics.ca lamofaseamefour.ml simpbepcerearbacl.ml ludicamatematica.com.co xsdzs.online voxxx.de trabongrobim.tk vip5516.cn vipmobile4k.club www.voxxx.de bankoftron.org osmaniyeemlak.info snobkidsclertififang.ml rarditomalearnju.ml giburciebharrep.ml rulandappsighdila.ml trodperdketudenont.tk zapatosad.top verkejomyte.ml learharelaci.ml kitchenindo.com www.betkon.ga betkon.ga lookupway.xyz comopuedo.net qorojayewiy.gq clasnoiclicifin.cf dancingqueensworld.com shentongwy.com rearamafilhutel.ml alipay-inc.asia elmetalegchi.ml tijecmebi.tk theischoolikcure.tk adzsow.xyz for-weight.website panel.banuacloud.co.id banuacloud.co.id mellin.design stockmarketprediction.org afire.group clear2pray.com staging-app.clear2pray.com staging-api.clear2pray.com yueiji.cf hotimenpi.tk netstibourno.tk icalprotob.tk ploralkoch.tk www.brandworx.no jonactual.live text-star.com themadjersey.com kikkok-c3.com corabaffcortarand.tk knowadkinacu.tk 5904.me concretelosangeles.net lierensusetu.cf exataddrib.ml hiebutvoven.tk essiberanori.tk couidysrigeh.tk conetisdianewna.tk izesdopraiwocup.ga ertotofnoovadu.tk lirowhitfovi.tk klounesco.online despsichtmycofol.tk profexdoortu.tk elvenzacarpful.tk llevpartcerdisc.tk pestcontrol-quotes.com gbqiyi.com jalicani.tk digicloudhosting.com bolhfae.tk hbcmsmqd.icu highrassahysro.ml daynightfriendship.com tanapteliga.tk jiubetenno.tk satoshididu.com sporineswor.cf mormari1.com frusalsaecia.ml mmd14.cc branerreres.tk viodegecuddhas.ga pleninatusmei.tk icitesin.tk baulingmota.tk videohomemovies.ga iccadechifi.tk folcithacab.tk r52qj.buzz edegumoz.cf 332qm.buzz webckechosthiopor.cf xajudohu.tk 112rl.buzz bad-creditrepair.tk taihokisseivil.tk pin-upp13.com nugupabynole.gq heybabecosmetics.ca mypehojyze.tk gloturol.tk workdasandtac.cf onanuevoscarrosbig.live eczelmudssofgo.ga hxydme.com linbygo.cf coldstartconsulting.com 4569pp.com jensonbuchanan.pp.ua contsiolisrehip.ga reccasuppsmarac.gq canadamoms.ca drexonpoitrophting.ml perrilesteluara.ga pegyzypexofa.tk claudine.online denmakirobeas.cf reidensuamo.tk tovyfowajo.tk pyodonghyeon.tk potsdam-singles.de xadyjefusigo.ml lidwatch.store cudylosepo.ml sperlevalcom.tk atunendog.tk ojimesenme.gq anyhyryhenok.ml doomacusboachan.tk tairhythatmane.tk tkleonglawcorp.com.sg www.rmxassociation.com rmxassociation.com best4deal.in freeebooksgyzrtc.cf wunderdino.de www.guleryuzctp.com guleryuzctp.com www.b2b.pcp.ch b2b.pcp.ch depapp.amelio.co depapi.amelio.co deplogin.amelio.co www.institutartbeaute.com.cdn.cloudflare.net getbamnesty.ga rangete.xyz lindbladblog.com osceolabar.org clachbage.icu www.pgslot978.com pgslot978.com www.banuacloud.co.id login.amelio.co tqclabs.com trrwizard.live www.itsazoohere.com womenrimmingtube.com neuralpulses.com brucsymcitila.ga abincorpora.com brandworx.no secutron.com www.secutron.com taltouchptrasanva.tk ws.sohocoder.tech ymf39.com rc.erichkolb.tech cpcontacts.imagen-web.com cpcalendars.imagen-web.com www.work365.io.cdn.cloudflare.net www.sayeghandsayeghlaw.com pcp.ch imucabkelangdist.tk testapi.amelio.co testlogin.amelio.co nujier.com tihook.xyz rockwhispererllc.com penkaloli.ml pgn-mini.com wanderwonderco.com senevdekal20-gbkazan.com unetulesstef.cf dev.tenglobal.net quistatmogmorico.cf aqualuma.de utizyrykol.ml z2262.com enimavelkar.tk amateurpornxxx.xyz www.mdsa4web.com coachingautomation.com www.coachingautomation.com www.vansshoesromania.ro vansshoesromania.ro cpcalendars.365maxloan.org cpcontacts.365maxloan.org www.brewersonestopshopblog.com be-metastaticbreastcancer-way.live blog.navii.vn iportici-messina.it wwtcirdysxyfytbj.ru www.naga-slots.com naga-slots.com mamaeatstreetfood.it trichmenscastfuhodi.tk chat.thetashablack.com www.chat.thetashablack.com vchat.thetashablack.com do-schizophrenia-fan.live thetashablack.com mu-eclipse.com www.laptopskinvault.com tmizmankecicasi.gq diffgimerecur.tk biotihed.gq www.coldstartconsulting.com www.pcsupportgeek.com www.business-simplify.ro.cdn.cloudflare.net langdigai.com enuntesymtai.gq www.nexttedge.com elexabni.cf cdn1.eandroid.es hongpingguo365.com achamitosidd.cf campusless.com pprsp-kantortamane33.com reibitarfelphand.tk luangknotpon.gq cesyhur.tk imnojifhostsiberg.tk tioruimuferri.tk biramemyma.ml www.nirman-cg.com.cdn.cloudflare.net xmarly.tk definitionofdiabetes.tk cypress-software.com www.you137.com inmarire.ga carpartsrepairmanualsandmore.com myfxjourney.blog etuqegemar.ml mopostfamco.tk xzdved.com.cn.cdn.cloudflare.net www.dortym.com.cn.cdn.cloudflare.net www.ennsab.com.cn.cdn.cloudflare.net www.nyroep.com.cn.cdn.cloudflare.net cdn.tlsrc.xyz taaphotheat.tk www.r2o.com.au cpcalendars.r2o.com.au cpcontacts.r2o.com.au www.tmypdo.shop.cdn.cloudflare.net 8m09.tw imetalen.tk deokuuderos.tk anpiebarpo.ml apdidebo.ml tiger-sw.org cusplink.co yszxpritpd.tk www.omfloerst.be omfloerst.be guicialanasun.gq happyhelp.live mdsa4web.com bpxzhtx.cn lizerrupix.tk heilipdiacen.tk lianepolo.ml cursoalcoolemgel.site mretailmenot.xyz

Open Ports Detected

2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-21 anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22