104.18.4.195 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.4.195 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: stjamesparish.geniussis.com darkfoxmarket24.com kyworkforce.geniussis.com tdem.geniussis.com utahonline.geniussis.com taskaa.in ivla.geniussis.com ohsu.geniussis.com lcv.geniussis.com scva.geniussis.com wvosa.geniussis.com enterprise-test.geniuslearning.com cadir-test.geniussis.com saalburg-ferienwohnung.de www.cloacademy.online qa-nl-htn-apd-4936-nightlyprstestsourceb.az.ssdgws.co.uk cybervance.geniussis.com qa-ca-92l-testfbmvp-23201-removedrupalco.az.ssdgws.co.uk chicbagindia.com edm.geniussis.com www.zrobank.com.br capost.geniussis.com qsivirtual.geniussis.com learn.nmcourts.gov mresa.geniussis.com microlins.geniussis.com fhwanhi.geniussis.com sis.ethosschool.org usafsos.geniussis.com download.discom.de cfdemolab-zone-0000012637.cfdemolab.xyz onamatics.com governanceinstitute.geniussis.com vhs.geniussis.com zro.com.br ecu.geniussis.com qa-gb-ulb-fixfbmvp-21851-fixtrailingslas.az.ssdgws.co.uk fdic.geniussis.com moric.geniussis.com scwhitmore.geniussis.com ibet365.bet vvasandbox.geniussis.com accamargo.geniussis.com clo3d.geniussis.com kubetaz.club discoveryofgrill.top dot.geniussis.com aapc.geniussis.com vtvlc.geniussis.com www.discoveryofgrill.top byuohs.geniussis.com mtda.geniussis.com dor.geniussis.com nitalaska.geniussis.com discom.de upskilling.gvsu.edu idxlosangeles.com continuingstudies-test.alaska.edu dseu.geniussis.com azed.geniussis.com dysva.geniussis.com gavssandbox.geniussis.com bped.geniussis.com forhealthconsultinglearning.org demo.geniussis.com advancecaregivers.geniussis.com qbcc.geniussis.com fdacs.geniussis.com h233q.copy.paastest.co.uk de-ie-kqf-sc-26846-eod-generation-error4.socrates.ssdgws.co.uk ncat.geniussis.com pwcdfr.geniussis.com waterfront.geniussis.com flamingolearning.geniussis.com anthcbha.geniussis.com shsu.geniussis.com uaa.geniussis.com ccldacb.geniussis.com mivu.geniussis.com dc3cta.geniussis.com firesafetydivision.com astravo.myschool.org sunwest.geniussis.com www.semiconeuropa.org dgs.geniussis.com ue.geniussis.com cova.myschool.org fl.geniussis.com laurelsprings.geniussis.com blyth.geniussis.com nsa.geniussis.com jedi.geniussis.com qa-no-rxt-fbmvp-14157-tempincreasebuildt.az.ssdgws.co.uk gs-verein.eu bellevuesandbox.geniussis.com bellevue.geniussis.com stage.bookshop.adventistbiblicalresearch.org qa-no-8un-apd-1900-postgresflexibleavail.az.ssdgws.co.uk qa-nz-zun-apd-1875-upliftdgwsversion.az.ssdgws.co.uk store.adventistbiblicalresearch.org uat.elmers.com.au pausaparavida.com.br tylertestingfive.com.rmistest.com www.tylertestingfive.com.rmistest.com archive.adventistbiblicalresearch.org qa-se-9xo-cmsrd-000-test-automation-env.az.ssdgws.co.uk www.ozurdexprecisionprogram.com greenbush.geniussis.com cdss.geniussis.com api.azpoccloudlot23.iasp.tgscloud.net adventistbiblicalresearch.org genius.flamingolearning.com vva.geniussis.com learn.qbcc.qld.gov.au csa.regalrexnord.com mctft.geniussis.com cfsd.geniussis.com learn.infotech.com geniussis.advancecaregivers.org connectdev1.entrustdatacard.com test2.entrustdatacard.com www.entrustdatacard.com testtlac.entrustdatacard.com test.entrustdatacard.com tko.entrustdatacard.com tlac.entrustdatacard.com testtlac2.entrustdatacard.com testtko2.entrustdatacard.com tvo.geniussis.com caparks.geniussis.com virtualscpd.geniussis.com qa-ie-ylg-fbmvp-10847-nlopicaltranslatio.az.ssdgws.co.uk www.misspap.com connecttest.entrustdatacard.com api.expert.ai wen.geniussis.com campeonatoalagoano.bradotv.com alagoano.bradotv.com tvlec.bradotv.com server1.tcceast.qa1.xconnect.v2.kc-childcare.com server1.tcceast.qa3.xconnect.v2.kc-childcare.com server1.tccwest.qa3.xconnect.v2.kc-childcare.com server1.qa2.xconnect.v2.kc-childcare.com server1.tccwest.qa2.xconnect.v2.kc-childcare.com server1.qa3.xconnect.v2.kc-childcare.com server2.tcceast.qa2.xconnect.v2.kc-childcare.com server2.tcceast.qa1.xconnect.v2.kc-childcare.com server2.qa2.xconnect.v2.kc-childcare.com qa3.xconnect.v2.kc-childcare.com qa1.xconnect.v2.kc-childcare.com server2.qa3.xconnect.v2.kc-childcare.com tcceast.qa3.xconnect.v2.kc-childcare.com tccwest.qa3.xconnect.v2.kc-childcare.com tccwest.qa1.xconnect.v2.kc-childcare.com server1.tccwest.qa1.xconnect.v2.kc-childcare.com server1.qa1.xconnect.v2.kc-childcare.com server1.tcceast.qa2.xconnect.v2.kc-childcare.com server2.tccwest.qa1.xconnect.v2.kc-childcare.com server2.qa1.xconnect.v2.kc-childcare.com tcceast.qa1.xconnect.v2.kc-childcare.com tcceast.qa2.xconnect.v2.kc-childcare.com qa2.xconnect.v2.kc-childcare.com server2.tccwest.qa3.xconnect.v2.kc-childcare.com server2.tcceast.qa3.xconnect.v2.kc-childcare.com tccwest.qa2.xconnect.v2.kc-childcare.com server2.tccwest.qa2.xconnect.v2.kc-childcare.com qa.xconnect.v2.kc-childcare.com qa-fi-ep7-fixfbmvp-10387-addheaderstoreq.az.ssdgws.co.uk adp.entrustdatacard.com www.adp.entrustdatacard.com dwws.geniussis.com governmenttraining.geniussis.com fiori.expert.ai cityofhope.geniussis.com networkhealth.com dcsslearn.geniussis.com gsn.geniussis.com configurator.regalrexnord.com faq.regalrexnord.com myhr.regalrexnord.com sunwestcap.geniussis.com myrr.regalrexnord.com sitecore93stage.heart.org io.geniussis.com www.brookfield.k12.ct.us.cdn.cloudflare.net regalrexnord.com sps-bb.mcphs.edu etoro.net.cn gatech.geniussis.com autobedrijfluesink.nl chs.geniussis.com daje.expert.ai riemersma-autos.nl www.dxctngnadxc77po5inte.meetingpoint.vn dgsu.geniussis.com oedmtraining.ct.gov plp.michiganvirtual.org noncredit.online.uconn.edu azure-testone.expert.ai azure-testone.api.expert.ai azure-test.api.expert.ai azure-test.expert.ai expert.ai www.expert.ai trainingqa.disney.com dbrlogcarriers.rmistest.com nwiccarriers.rmistest.com fridgiocarrieronboarding.rmistest.com skinportmedia.com prod.lucidsound.com usda.geniussis.com maintenance.regalrexnord.com san.tribal.credit www.pausaparavida.com.br doclearn.geniussis.com gavs.geniussis.com myhr.regalrexnord.com.cdn.cloudflare.net whitehatcarrierstestonly.rmistest.com media.regalrexnord.com uwsi.geniussis.com 11afe6536ca7ba47205935d6be1ef3abc58c1363.vercel-workers.com b373a0c600260bd931d18642e163413fb8e866bf.vercel-workers.com mn.geniussis.com cdnflv.net ids.regalrexnord.com adomal.geniussis.com datapack.regalrexnord.com images.heycolor.com do-content.heycolor.com www.ccrl.co.in gmail.hoxhunt-sre.dev admin.hoxhunt-sre.dev public.hoxhunt-sre.dev www.regalrexnord.com www.regalrexnord.com.cdn.cloudflare.net heycolor.com myhrselfservice.regalrexnord.com edge.tenants.verif-58f03596e3fbdb75c2e7.auth0app.com verif-58f03596e3fbdb75c2e7.auth0app.com flair.rapidascent.com genius.rapidascent.com sense.hoxhunt-sre.dev my-test.sourcewellstream.org my.sourcewellstream.org www.lucidsound.com ptcadmin.com sub.dxctngnadxc3p9u4prod.paastest.co.uk portal.myschool.org scs.geniussis.com observability.hoxhunt-sre.dev ccrl.co.in dev-cloudflare-cdn.contentstack.com int.yara.rs portal.ged.ilc.tvo.org kyeducourses.ky.gov cova.astravo.org freedom.astravo.org coda.astravo.org training.disney.com sis.responsiveed-arkansas.com www.eplearners.com blackboard.dcss.ca.gov cacwt.dss.ca.gov cdsslearningmanagement.dss.ca.gov sis.vlacs.org www.dlcgo.ca portal.ilc.tvo.org portal.ilc.org www.adidasprelines.com www.adidasmeetings.com sis.eliteopenschool.org my.vhslearning.org mymizzouk12.missouri.edu learn.ue.org learn.sccourts.org learning.dgs.ca.gov education.statistics.com www.lisbonct.com www.brookfield.k12.ct.us wtma.geniussis.com geniussis.com www.virginiaems.training dev.lucidsound.com inte.lucidsound.com pre.lucidsound.com www.visitvejle.de velocitize.com www.velocitize.com oauth.hoxhunt-sre.dev insights.hoxhunt-sre.dev auth.hoxhunt-sre.dev www.ratu303m.com ratu303m.com email-client.hoxhunt-sre.dev dev.tappable.io dash.hoxhunt-sre.dev dev-api.tappable.io freemusictribe.com dash-beta.hoxhunt-sre.dev officejs.hoxhunt-sre.dev api.hoxhunt-sre.dev www.lisbonct.com.cdn.cloudflare.net game.hoxhunt-sre.dev app.hoxhunt-sre.dev response.hoxhunt-sre.dev www.visitvejle.de.cdn.cloudflare.net star-stable.fi legacy-app.hoxhunt-sre.dev www.simplymigrate.com.cdn.cloudflare.net www.hellofresh.be.cdn.cloudflare.net pre.yara.rs.cdn.cloudflare.net admiral-sloty.co z6g1prod.paastest.nl 5g9s179kfgx9wn8tqwj9-xu3z3t-cfl.p5cdn.com.cdn.cloudflare.net 933ye.com www.50s.com.cn

Malware Detected on Host

Count: 1 67c438df1b532b111d74f8ffdd435795494fe37cf135a6cc563a4b5bc4c34c95

Open Ports Detected

2052 2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22