104.18.37.248 Threat Intelligence and Host Information

Jun 22, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.18.37.248 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 56/100

Host and Network Information

Mitre ATT&CK IDs: T1027 - Obfuscated Files or Information, T1123 - Audio Capture, T1140 - Deobfuscate/Decode Files or Information, T1176 - Browser Extensions, T1566 - Phishing
Tags: acint, adam lee, adware, agent, alexa, alexa top, amazon02, america, android, anonymizer, api blog, apple, artemis, asn15169, asn16509, asn20446, asn54113, asp.net, asyncrat, august, azorult, back, bank, beach research, behav, blacklist, blacklist http, blacklist https, blacknet rat, browsing, centura health, cisco umbrella, cleaner, cobalt strike, coinminer, colorado jobs, communicating, conduit, contacted, control server, cookie, copyright, crack, cyber threat, danger, data.net, de indicators, detection list, docs pricing, domains, downldr, download, dropper, eeo public, emotet, engineering, erika lee, et, exchange, execution, exploit, facebook, fakealert, fastly, filetour, filing url, firehol, first, follow, frankfurt, fusioncore, gamehack, general full, generic, generic malware, genkryptik, germany, gesponsert url, get h2, ghost rat, gmbh version, google, google safe, hacktool, hash, hashes, heur, highwinds3, hiloti, historical ssl, hostname, hostnames, http, http attacker, ice fog, iframe, indonesia, industry and commerce, installpack, ip address, ip summary, jimburkedentistry, july, june, laplasclipper, leder-family, line, listen live, login, main, malicious, malicious site, malicious url, maltiverse, malvertizing, malware, malware site, metasploit, microsoft, million, mimikatz, miner, monitoring, msil, name value, netherlands, nircmd, no data, noname057, november, nr-data.net, nreum, october, oid2, opencandy, outputldjh, page url, pe resource, philadelphia, phishing, phishing site, pinnacol insurance, postrelease, prague, presenoker, protocol h2, ramnit, ransomware, redline stealer, reinsurance, relic, resolutions, resource, reverse dns, riskware, runescape, safe site, sample, samples, scam, search live, security tls, server, service, services, site, skynet, softcnapp, software, ssl certificate, state, states, stealer, steam, subdomains, summary, suppobox, swrort, systweak, tag count, tags, team, threat report, threat roundup, thu dec, thu nov, tiggre, trojan, trojanspy, trojanx, tsara brashears, uah1200, uaw1600, ucd24, uh1200, uhis2, union, united, unsafe, url http, url https, url summary, usd1, us summary, utz60, uw1600, value, variables, wacatac, warning, webtoolbar, whois record, win64, xrat, xtrat, zbot
View other sources: Spamhaus VirusTotal
Contained within other IP sets: hphosts_fsa

Country:
Network:
Noticed: 3 times
Protocols Attacked: Anonymous Proxy
Countries Attacked: United States of America
Passive DNS Results: 4mulherpg.com 7yrv.vip 777rab.com in99bet.com cbmsource-web-500.ytgcdn.com touropg7.com 1mulherpg.com betlua1.org betlua2.org 777sug.vip baronesapg7.com vivoid.vivo.com.br.cdn.cloudflare.net td7779.com goldsbetvip1.com 888slot0.top 888slot2.top 888slot4.top 888slot6.top 888slot9.top audemarspg.cc 222hot0.com 222hot8.com 222hot6.com 222hot7.com 222hot9.com br-enoisjogo.cc sgrs.vivo.com.br.cdn.cloudflare.net 30win05.com 30win09.com 30win07.com 30win08.com 30win02.com 30win06.com 30win04.com 30win03.com 30win01.com touropg-777.com pg-touro.com td7775.com bmsource-oss-500.ytgcdn.com ejcasino16.com ejcasino18.com 333bet18.com 333bet16.com cianopg.net 775bet30.com 775bet28.com ejcasino5.com fun278.com betlua77.org betluapoupar.com vn888slot.net selvapg777.com vn888slot.org vn888slot.online vn888slot.asia 888slot01a.vip 888slot01a.top 888slot01a.com bmsource-oss-7561.ytgcdn.com hellopg0.com hellopg7.com hellopg6.com hellopg8.com hellopg9.com bra99win.com 1929bet2.com 1929bet1.com 1929bet5.com 1929bet3.com 1929bet4.com 8888slot.top betlua55.org 667bet14.com 667bet12.com amigas123.com ejcasino55.com ejcasino33.com ejcasino99.com ejcasino11.com 667bet77.com 667bet99.com 667bet55.com 667bet11.com 667bet33.com mulher123.com bb361.vip bb361.com portaldeassinaturas.vivo.com.br.cdn.cloudflare.net wowjl77free.com cbf365f.com cbf365e.com d257bet.com gameqqq5.com brbrbr1.com 30win32.com kmg777.co pgbbbb.net pgbbbb.win pgcccc.cc vn888slot5.top vn888slot.top fbjogo3.com fbjogo8.com fbjogo5.com fbjogo10.com fbjogo2.com fbjogo1.com fbjogo9.com fbjogo7.com fbjogo4.com fbjogo6.com acemapa.net br-enoisjogo.com br-laelejogo.com 888slot11.com 888slot55.com 0084c.com pays.astonpgpay1.com pay.uu7770.com ogpodaila.aliadopg.me www.22mkbetpay.com www.dud777.me dud777.bet dsd777.com brbrbr1.win 3amigaspg.com 00620.top dsd777.cc www.888slot74.com v716xhz5.wowjllpgw002a.com 2amigaspg.com dompedroead.com.br ejcasino24.com ejcasino26.com 667bet24.com 667bet26.com 667bet20.com 666kfcpg.com wowjiliv4.com wowjiliv5.com 257bet1.com aaamk0.com www.td777.app asso777dt.td777api.com aca7775.com cbf362.com cdnapiif.hellopg.win faat9985.com aipateb266.662betapi.com tigerjogar3.com f88thb.com top881.com top881.co pgtpg.bet pgtpg.me pgtpg.com static1.stg.purepeople.com 881bet.app faat99159.com 999kkdapp.com 30win.cc burberrypg.vip dzd777.com aaamkxz.com www.club7716.com club7716.com fffjogos22.com 667hello.com hyzhifu.cc casinovip255.com web-ejcasino-vip-2025-a8-ejcasino-com.ejcasino-hello.com hkk777.live hellopg5.com amazon-tiger.com fbbr10.com fbbr7.com fbbr1.com fbbr9.com fbbr8.com fbbr6.com fbbr5.com fbbr3.com fbbr4.com fbbr2.com www.775bet.cm umwin.net hellopg.app oneapi.vivo-hml-torpedoempresas.vivo.com.br 97game02.com aaamk.bet 881bet.me jackpotsinaflashplayers.com 765598.com mulherbetpg.com oppo.667wook.com 777banana.cc www.brbrbr4.com 775bet.app awppg.app legalpg.app brbrbr.app brbrbr1.app legalpg.com cbf365j.com cbf365i.com cbf365k.com wowj88.com 30win.pro tigerjogar6.com m.abtvpg.com 333bet333.com www.ejcasinopay.cc www.menina777.com.br www.777banana.cc 9996beta.vip kmg777.top betlua22.org betlua11.org app.777dub.com app.1burberry.com www.mulherpg.com www.777mm4.com www.menina777.net www.uu7772.com elsa777.win uois-5327.saas.squiz.cloud 667bet.vip app.abtvpg.co app.coroarari.com www.400jogoappapp.com vip.mmdbet.bet mulherpg.com ee7772.com app.earth-pg.com www.casinovip055.com 333bet9.com 9533bet.com www.gameqqq.com 50jogoappapp.com q.1amigaswin.com elsa777.vip www.400jogo5.com app.abtvpg.com www.yep777.org www.fffjogos99.com app.777kim.org app.music-pg.com hellopg.casinovip678.com vip.abtvp.com hellopg.casinovip234.com www.mmdbet.bet 90jogo3.com 50jogo4.com 200jogo.com cdnapiif.earth-pg.com gemspg.vip m.7yrvs.com www.tigerjogar3.com casinovip655.com 88slots.vip api.yep777.vip www.casinovip955.com 777wzw.org app.777sug.vip cdnapiif.librapg.biz www.333bet333.com www.777sug.vip www.roma-pg.com 777plus.city www.aaamk.bet 22mkbet.win www.777rifa6.com m.7yrv.vip app.cora2024.com app.348bet3.com 777plus.club 777plus.com va1hpg.cc bfb7770.com aj-pgtpg.vip app.pgtpg.me app.pgtpg.bet zf.kftopb.com cbmsource-api.ytgcdn.com eagny.gamebatom.com zf.roma-pg.com www.kkpwin8.com www.aaamkpay.com yep777.pro top882.net dsd777.me dud777.vip www.dud777.cc top882.vip top882.bet brl55.shop brl55.com 333kfcpg.com top881.app top881.bet faat99165.com pgcccc.net gergvffd.ndbgh.com www.1929bet.news faat99166.com wowjiliv9.com hml-fibrasim.vivo.com.br wowjiliv8.com 5amigaspg.com www.rw88333.com wxej7b2.wowjlpay2.com faat99149.com rw88111.com faat99102.com www.rw8844.com selvapg.bet m.slot8888.top faat99108.com faat99150.com faat99152.com www.ying123.vip umwin.com umwin9.com fffjogos.com www.hellopg6.com music-pg.com www.mundopg.vip app.fffjogos66.com vividragonpg.app betlua22.com betlua11.com mundopg.vip w1-s-maxpg.com wegweiser-neurodermitis.de 333bet.bet ejcasino10.com 667bet16.com 667bet18.com 667bet10.com club7712.com club7713.com www.333bet16.com www.f88facai.com cdnapiif.selvapg.bet c5978-bmsource-api.ytgcdn.com 986177.com faat99132.com cdnapiif.gameqqq.com rw88777.com ejcasino12.com ejcasino14.com 22lua.vip pay.97game08.com www.888slot97.com amigas2024.com ejcasino77.com elsa777.cm 11lua.vip 33lua.vip rw8877.com 775bet38.com 775bet35.com q.amigas123.com minhasenha.pagseguro.uol.com.br took.ejwook.com 257bet.top www.775bet38.com 1mulherbetpg.com cbf365a.com cdnapiif.222hot8.com www.88slots55.com 775bet29.com 400jogo.com www.cbf365d.com cbmsource-web-5819.ytgcdn.com loja.pagseguro.uol.com.br.cdn.cloudflare.net 775bet45.com 777sug.cc 777rifa.me lovejogar.app www.222hot0.com www.222hot9.com 9996bet.xyz faat99151.com cadastro.pagseguro.uol.com.br.cdn.cloudflare.net rw8800.top beneficios.vivo.com.br www.aimo.se.cdn.cloudflare.net faat99110.com faithslote.vip www.257bet2.com rw8800.net rw8844.net static.purepeople.com ves777.me 58win3.bet rw88002.com rw88001.com rw88003.com ceupg.vip www.333bet12.com ceupg.pro 333bet10.com 333bet14.com garotapg555.com 333bet12.com menina777.am ee777.com uu7772.com umwin8.com 999kkdb.vip gameccc5.com aca7774.com garotapg222.com m.piagetbet.cc yep777.com gemsspg.com api.777plus.city www.elsa777.cm www.22mkpay.com www.ksbom.com www.ariesaj.co www.777dub.org app.piabetbet.vip app.777kim.win 667bet3.com www.hkk777.live app.touroaj.vip www.hkk777.bet vip.abtvpg.co www.200jogo4.com www.elsa777.net www.ggggame.com casinovip234.com m.earthpg.bet cdnapiif.amigaspg.com baronesapg.net q.2mulherpg.com www.garotapgapp.com umwin3.com www.aca7774.com cdnapiif.lindapg.com pay.lindapg.com www.coroarari.com q.2amigaswin.com app.elsa777.net www.lllboi.xyz www.775bet53.com www.400jogo6.com gameccc4.com www.ggggamepay3.com aaamk1.com cdnapiif.fffjogos22.com cdnapiif.garotapg111.com cdnapiif.777rab.win cdnapiif.club77app.com 777pe.com m.romapg.bet winjj.store www.777mm5.com ejcasino.vip pay.ee7770.com musicpg.bet cdnapiif.hellopg.com www.appaaamk.com www.aaamkapp.com zf.romapg.bet kkpwin9.com hellopg.com www.fffjogos00.com www.777rifa.vip api.yep777.pro librapg.bet m.mundopg.com cccgame.com zf.musicpg.bet aaamk7.com www.88slots.com www.777sug.cc 474bet6.com vip.romapg.bet www.777wzw.win www.777ns.net www.474bet6.com 777ns.win www.a7pg.biz 66casinovip.com 667bet.app 58win2.bet elsa777.ee vivovantagens.vivo.com.br dud777.co dud777.win dud777.cc gameqqqappapp.com joguejunto.vivo.com.br earthpg.bet ws.pagseguro.uol.com.br ws.pagseguro.uol.com.br.cdn.cloudflare.net

Malware Detected on Host

Count: 21 2b80beedc8cb7670097893fa5e9e7e4baba82add3f861512994c7e3bf5fc6196 ba4ed399f796b3213aa1715b93491a2652e908ac2a4b4c2715d93549ba2d2747 53515d1277e86607ef578fa0b89f7d00ea0789bf38fae4b20bd8907705f71d47 0cd90934ebabc8b42fb5c6b1a738b6f977a63f730f7ccaffcaa0b98d739e0f74 0d8e6c65980f7238364d19b67264600b2d6352003446938ea782e06fb140cec9 b272c97b881bc6e2c7f7988b1f251a0522bef339b1eca28128862d0390dcdb27 347611795243c1ef812316b8f36cd88a626a4e340a4e20c4f4f22fc46def40f0 d46d2cda922260e21c55359f870fad553929ddec523099ea0671594b5dffa6b0 4c1ea4e484ed43515dce630a0a3c3f10916765f6f35a352bcf1041c1a75e168f 334b0444abb739059082f78821e27838400f9d66c53163ea72cd86904ee8c9da

Open Ports Detected

2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880

Map

Whois Information

NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS13335
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2024-09-04
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
Ref: https://rdap.arin.net/registry/ip/104.16.0.0
OrgName: Cloudflare, Inc.
OrgId: CLOUD14
Address: 101 Townsend Street
City: San Francisco
StateProv: CA
PostalCode: 94107
Country: US
RegDate: 2010-07-09
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/CLOUD14
OrgTechHandle: ADMIN2521-ARIN
OrgTechName: Admin
OrgTechPhone: +1-650-319-8930
OrgTechEmail: rir@cloudflare.com
OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
OrgAbuseHandle: ABUSE2916-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-319-8930
OrgAbuseEmail: abuse@cloudflare.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
OrgRoutingHandle: CLOUD146-ARIN
OrgRoutingName: Cloudflare-NOC
OrgRoutingPhone: +1-650-319-8930
OrgRoutingEmail: noc@cloudflare.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
OrgNOCHandle: CLOUD146-ARIN
OrgNOCName: Cloudflare-NOC
OrgNOCPhone: +1-650-319-8930
OrgNOCEmail: noc@cloudflare.com
OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
RTechHandle: ADMIN2521-ARIN
RTechName: Admin
RTechPhone: +1-650-319-8930
RTechEmail: rir@cloudflare.com
RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
RAbuseHandle: ABUSE2916-ARIN
RAbuseName: Abuse
RAbusePhone: +1-650-319-8930
RAbuseEmail: abuse@cloudflare.com
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
RNOCHandle: NOC11962-ARIN
RNOCName: NOC
RNOCPhone: +1-650-319-8930
RNOCEmail: noc@cloudflare.com
RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-21

Share on: