104.18.40.240 Threat Intelligence and Host Information

Oct 21, 2025 ipinfopage

General

IP Address

104.18.40.240

IPv4 Address

Location

Unknown

Network

AS13335

CLOUDFLARENET

Threat Score

60/100

High Risk

aaaaabxcdeacceptactiverelatedaddedactiveaddress

Attack Intelligence

MITRE ATT&CK Techniques

T1003.008 - /etc/passwd and /etc/shadow, T1003 - OS Credential Dumping, T1005 - Data from Local System, T1012 - Query Registry, T1027 - Obfuscated Files or Information, T1036 - Masquerading, T1041 - Exfiltration Over C2 Channel, T1047 - Windows Management Instrumentation, T1053 - Scheduled Task/Job, T1055 - Process Injection, T1057 - Process Discovery, T1060 - Registry Run Keys / Startup Folder, T1071 - Application Layer Protocol, T1081 - Credentials in Files, T1082 - System Information Discovery, T1105 - Ingress Tool Transfer, T1110.002 - Password Cracking, T1112 - Modify Registry, T1113 - Screen Capture, T1119 - Automated Collection, T1129 - Shared Modules, T1132 - Data Encoding, T1140 - Deobfuscate/Decode Files or Information, T1143 - Hidden Window, T1480 - Execution Guardrails, T1518 - Software Discovery, T1553 - Subvert Trust Controls, T1568 - Dynamic Resolution, T1583 - Acquire Infrastructure

Open Ports Detected

2053

Geographic Location

Country

Unknown

City

Unknown

Region

Unknown

Coordinates

0.0000, 0.0000

Geographic coordinates not available for this IP.

Network Information

ASN

AS13335

Organization

CLOUDFLARENET

Network

AS13335 CLOUDFLARENET

WHOIS Information

NetRange

104.16.0.0 - 104.31.255.255

CIDR

104.16.0.0/12

NetName

CLOUDFLARENET

NetHandle

NET-104-16-0-0-1

Parent

NET104 (NET-104-0-0-0-0)

NetType

Direct Allocation

OriginAS

Organization

Cloudflare, Inc. (CLOUD14)

RegDate

2010-07-09

Updated

2024-11-25

Comment

Geofeed: https://api.cloudflare.com/local-ip-ranges.csv

Ref

https://rdap.arin.net/registry/entity/CLOUD14

OrgName

Cloudflare, Inc.

OrgId

CLOUD14

Address

101 Townsend Street

City

San Francisco

StateProv

PostalCode

94107

Country

OrgNOCHandle

CLOUD146-ARIN

OrgNOCName

Cloudflare-NOC

OrgNOCPhone

+1-650-319-8930

OrgNOCEmail

noc@cloudflare.com

OrgNOCRef

https://rdap.arin.net/registry/entity/CLOUD146-ARIN

Country:
Network:
Noticed: 8 times
Protocols Attacked: Anonymous Proxy
Countries Attacked: Anguilla, Aruba, Bahamas, Barbados, Canada, Georgia, Guatemala, Ireland, Japan, Kenya, Mexico, Netherlands, Panama, Philippines, Poland, Sint Maarten (Dutch part), Slovakia, Tanzania United Republic of, Ukraine, United Arab Emirates, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: smartsoft-api.luckyfish.co.za portal.lew-verteilnetz.de stake1032.com maintenance.luckyfish.co.za monevaluationfoncierenb.ca premium-demo01.luckyfish.co.za prep.molnlycke.us luckyfish.co.za payfast-payment.luckyfish.co.za statement-api.luckyfish.co.za register-prelive.luckyfish.co.za resulting-cache-api.luckyfish.co.za ownpaycapitec-payment.luckyfish.co.za results-cache-api.luckyfish.co.za signature.luckyfish.co.za tvbet-api.luckyfish.co.za peach-payment-eft.luckyfish.co.za zendesk-api.luckyfish.co.za premium-demo04.luckyfish.co.za northamerica.mondigroup.com inplaysignalr.luckyfish.co.za register.luckyfish.co.za www.luckyfish.co.za dev.transform-epi.oma.org dev.oma-epi-temp.oma.org.cdn.cloudflare.net staging.php-epi.oma.org.cdn.cloudflare.net intemy.molnlycke.us.cdn.cloudflare.net prod.learn-epi.oma.org.cdn.cloudflare.net staging.transform-epi-temp.oma.org.cdn.cloudflare.net dev.transform-epi-temp.oma.org.cdn.cloudflare.net staging.temp-epi.oma.org.cdn.cloudflare.net shop-cm.ringnes.no.cdn.cloudflare.net dev.php-epi-temp.oma.org.cdn.cloudflare.net prod-temp.php.oma.org.cdn.cloudflare.net staging.oma.org.cdn.cloudflare.net prod.oma-epi.oma.org prod.oma-epi.oma.org.cdn.cloudflare.net portal.lew-verteilnetz.de.cdn.cloudflare.net www.molnlycke.us.cdn.cloudflare.net intemy.molnlycke.us staging.temp-epi.oma.org url2149.stake1032.com js-na2.hs-banner.com prod.learn-epi.oma.org shop-cm.ringnes.no www.ringnes.no.cdn.cloudflare.net staging.php-epi.oma.org dev.php-epi-temp.oma.org prod-temp.php.oma.org dev.oma-epi-temp.oma.org Staging.oma.org dev.transform-epi-temp.oma.org staging.transform-epi-temp.oma.org mined.squizedge.cloud educationcounts.govt.nz content.oma.org staging.omf-epi-temp.oma.org dev.omf-epi-temp.oma.org js.hs-banner.com staging.omf-epi-temp.oma.org.cdn.cloudflare.net prod-temp.oma.org.cdn.cloudflare.net content.oma.org.cdn.cloudflare.net prod-temp.transform.oma.org.cdn.cloudflare.net dev.omf-epi-temp.oma.org.cdn.cloudflare.net staging.oma-epi-temp.oma.org prod.php-epi.oma.org staging.omf-epi.oma.org staging.omf-epi.oma.org.cdn.cloudflare.net prod.php-epi.oma.org.cdn.cloudflare.net dev.temp-epi.oma.org php.oma.org php.oma.org.cdn.cloudflare.net dev.oma-epi.oma.org dev.php-epi.oma.org commcloud.prod-bblb-gnc-com.cc-ecdn.net staging.php-epi-temp.oma.org lectinbarrier.com www.ringnes.no staging.oma-epi.oma.org prod-temp.transform.oma.org staging.transform-epi.oma.org prod-temp.oma.org www.oma.org fnbwinnsboro.com caninesuperherbs.com www.oma.org.cdn.cloudflare.net www.exvip17.com virtussharedservices.com globalhealth.com www.globalhealth.com www.whbanking.com whbanking.com www.vastauksesi-ratkaisevat.com erikseuro.com paslaugos.lt www.paslaugos.lt static.paslaugos.lt uat.api.eu.dexcomdev.com www.maispfizer.com.br.cdn.cloudflare.net cerave.com.es www.beta.paslaugos.lt beta.paslaugos.lt btcturk.com kerastaseetmoi.fr ra-rxmedicine.com www.ra-rxmedicine.com skycapstar.site modhorse.net snubabanre.ga ekacandles.com yh15g.com topfinding.store cpcalendars.wesocioo.com cpcontacts.wesocioo.com www.wesocioo.com lucarkyoty.ga iberryt.com columnwinno.com dergrubeducci.cf lelocu.ml bioglocbiogravde.tk niolarlutadeca.cf atuamsokemalri.tk xacouborpnega.cf dbzkan.xyz verresenroators.tk www.dragonclub.es dragonclub.es arlimilynn.ml www.escudosyheraldica.com vervezamalmy.ml www.ironmu.com.my ironmu.com.my cluetrace.co.uk www.donate.zoo.wtf donate.zoo.wtf cpcontacts.dlearning.gr cpcalendars.dlearning.gr amkvhechain.gq diaterigecewood.gq confidequalitysensation.cyou customassignments.org higold.com.hk reffacefider.ga kanijasex.icu rxuk.bcaqshs.top cooseni.xyz galife.com.tw vpayu.in sumlesscoolgltendisp.tk propquelbumovinil.cf jlxpis.co www.ydraft.top tienda.escudosyheraldica.com quojawbconfpresuab.ga tak534tiop6.cyou estranem.ga svererdemenbaki.tk metboza.tk monvireadusttopot.ml ozmotalirape.tk ydraft.top palmettodentalgroup.com sweetbeetexas.com getyourfuzebug.com sao-santomloei.go.th www.yorkchiropractors.com www.m.provinceespress.com gigi5.com fectseelerotutalk.tk urtermelero.ml appedaringjohn.tk nuputi.gq goodmethode.com xdelulbagua.tk u12j8a.vip 3dnature.aprclient.com www.thescreendepot.com fiftyfiftybottlestore.com www.slacklineinternational.org www.trustship.vn trustship.vn 607ok.com www.yyt26n.shop.cdn.cloudflare.net yyt26n.shop.cdn.cloudflare.net veroneekay.website aviacionsostenible.online tseladspacunber.tk fleetfeetbagsle.today witahatechan.tk vadconv.com www.mpcostumes.eu.org valanceprincipledsupplier.website staging2.marketdojo.com.cdn.cloudflare.net www.placeduparc.ca tinpaybomcohendpics.tk ketobrones.ml gadgetpintar.online www.shhh.by shhh.by discountgame.altervista.org.cdn.cloudflare.net www.shopq8kw.com cs-openi.money shopq8kw.com streamcommunintty.com 724livecasino.com ibuild.site www.ibuild.site redgaterecruit.co.uk roipaleteresen.cf newhitsonly.com elefococalot.ga succlapicheedi.cf natural-musclestoday.com asivsenmata.tk egotevin.tk speedyloans.com.co energy-190.ru tumzuikaze.icu bet-ly.xyz thewinter.co peersian360.com colortex.protexargentina.com enterradas.protexargentina.com allo-telephone-boulogne.fr ornfieldsuite.xyz www.asalicapital.co.za profsharemarketresearch.com cpcontacts.profsharemarketresearch.com cpcalendars.profsharemarketresearch.com www.profsharemarketresearch.com mt-gramkr.com watchfullmovies.space 757homeloans.com backmitecademo.ml www.mt-gramkr.com.cdn.cloudflare.net slacklineinternational.org fires-cookers.co.uk conthotssabverccomp.tk gamesio.space wecookittakeaway.com www.wecookittakeaway.com lpoirtskaz.site dlearning.gr www.dlearning.gr cepdaibeverpackdo.tk xinmurolarestcols.tk ticrirohetacan.tk layracmopohader.tk www.detektiv-nn.ru detektiv-nn.ru mkbjabalpur.in www.growthlabs.cc growthlabs.cc cpcontacts.thekibocodereviews.org www.thekibocodereviews.org cpcalendars.thekibocodereviews.org jncnhtc.com www.kontrolnaja.xyz 54dfa8504e1e95357c2a96519880977b.monster melanie-lynskey-nude.top binvest.live nightrunner.cf www.gardenplans.net www.pelicangolf.com.au pelicangolf.com.au aria-aria-na.com train-spagat.online sounds4you.eu fitnessreceitas.com www.fitnessreceitas.com cpcontacts.fitnessreceitas.com cpcalendars.fitnessreceitas.com growthequityreport.com pendigacitjote.tk seotubepro.website websitehostingpakistan.com vistawestproperties.com smvape.net ningnewsrimehelp.tk tembicytachimel.ga auezhiznivoram.xyz humansciencenews.club hhav83.com acaninve.tk hucimunijuf.ml leistilsinggiftdist.tk enepongloomandres.tk guyperliatervosi.cf emails.adr-int.com em.adr-int.com ealimentarium.ch w88nkx.tk comercial.personalizacursos.com hormigon.protexargentina.com extranet.protexargentina.com plantas.protexargentina.com protexargentina.com sincbiburbfoltingmo.ga odermf.com netclubzi.cf literatureclub.online lms.srvticket.co shop.annemettevoss.dk eyxqxk.cn tpagobgreenout.ga borjo5mar.xyz anrenicore.tk gluclutanlingti.ml asmosinerrei.ga icarparjapa.tk eurocitrus.it ovnaniracersa.tk theojoursamul.tk zaitecenli.tk you2views.com test-env-wk.de syfeavamaluft.tk dragoerungdomsskole.dk higiban.com.br chronicbuddha.io cnshengbo.com liamorgimcmen.ga gndivxnv.icu izemywar.tk alitewezuv.tk srvticket.co koinpokers888.com gradamatchap.tk zoo.wtf directpharmasales.com inmarbuiriobladta.tk enficalcor.tk kontrolnaja.xyz gatofledipo.ml discfreelophresec.tk gleanajpulbandro.cf cacecarcont.tk inskill.ru swarunlavi.tk azttcucp.cn oldcam.aprclient.com inetzofoberf.tk yqykiwawyk.ml unsomis.cf eqinoceya.ga ciehaiperrenic.tk wx.bi78.com cardulidype.tk handvaltihorhe.tk www.i9jv0yfuweb.xyz norbersmar.ml tyqosapusuxy.tk drepat.space betsumaeno.tk myeastudio.com bbjxbj.vip adr-int.com gardenplans.net pidiwosade.gq rigupojy.ml tulis.us niaperhellhis.tk uhyxekyzedir.tk horange.top olofodydug.cf mysteryart.nl bi78.com oodfndc.tk imesezfenneu.gq ringfranerizne.tk bonsbihecorbi.ga hlb24.xyz lahyjide.ga ewegumoqit.tk chaucaycanh.net uwigumazuyicu.tk vickiaugustine.com niuav27.com beaconwealthmanagement.com rencoontres.com democraticpeoplecominfo.ga video-etailing.com gresish.cf vecgeliastag.gq andreanieves.com netract.xyz marniworkcicompou.ga megapersonals1.com hypernetplus.com svarka-piter.tk www.empirerugcleaning.com stm-c.com www.f-11.it.cdn.cloudflare.net asalicapital.co.za wesocioo.com algonquinsports.org rjsenang.live vh6h666hb.com admin.wadzee.asportnoy.com chumma.dev cznovinky.fun trezorseries.space grandesconcursos.com.br www.plumeiptv.com plumeiptv.com ecpproduct.com www.globalpilote.com a-snag-intl-cloud-computing.zone roscbrewhenovmencess.tk yourbigpictures.com www.yourbigpictures.com www.annemettevoss.dk annemettevoss.dk kongtorrent9.space yournewgift9.casa na18.ru cpcalendars.skoomy.com cpcontacts.skoomy.com skoomy.com www.skoomy.com adidasultraboost.best redmondchristiancounseling.com pnd.one mylanados.gq balportsaddpropmab.ga cleaner2020.online www.cleaner2020.online www.rba.pl.cdn.cloudflare.net www.omni.com.pg cpcalendars.omni.com.pg cpcontacts.omni.com.pg cpcontacts.personalizacursos.com cpcalendars.personalizacursos.com javhduncensored.com piwinsofrcekarwa.tk laitroubgendotica.cf www.dentistainmilano.it.cdn.cloudflare.net scj6.top dunk11.ml cpcontacts.healingthroughcrystals.com www.healingthroughcrystals.com cpcalendars.healingthroughcrystals.com healingthroughcrystals.com cpcalendars.provinceespress.com cpcontacts.provinceespress.com designcult.com.br www.digimeme.com personalizacursos.com www.personalizacursos.com bcolak.com rierilesixti.ga www.weddingsolder.top weddingsolder.top courtycefetome.tk tlmagency.com pdpampulha.com www.pdpampulha.com.cdn.cloudflare.net kzzwhm.icu bankhoekhong.com xytmm.cn videosideasideas.cf cesparstibiterscomp.tk gliserpleathalac.tk 5i37.net recurrinetc.tk www.apple.zoo.wtf apple.zoo.wtf www.bonus.zoo.wtf bonus.zoo.wtf www.itunes.zoo.wtf itunes.zoo.wtf spotify.zoo.wtf www.spotify.zoo.wtf www.rss.zoo.wtf rss.zoo.wtf heartsteeling.dk bramasole-artesanosdelapizzamalaga.com www.meioambientebrasil.com.br.cdn.cloudflare.net meioambientebrasil.com.br gchzbgrs.icu slxey.cn kingarti.live grieffreak.aprclient.com tryhardik.eu brjxvgpy.icu rinkkomssesdi.tk www.cartenztactical.com cartenztactical.com journeysacademy.org 322an.com acorma.tk nnvzmgj.cn www.youcanexpandyourmind.com youcanexpandyourmind.com tiodimerlowalkro.tk dating-easy.ga ruptnetpa.gq www.downtowngrillemenu.com downtowngrillemenu.com

Malware Detected on Host

Count: 5 768e4c95d3690c90a86e6333a044abab734319bd43670e665ea2319521bacf0a a0c4cdaad3fc2bc598d76463b7634057141d27a4a8cd0f8fcc074fb5069abbd3 7d025f1f4bf71329fa27d5145e830d96712e274c9a238e63e9ddc93883c5f4e6 97e5b2325ff900bee2c059cacac0285911e0eb0d4adc100e08b05cec6191f90b 2d6fd2281b4c3b33f0687ca358211a8e0d48eca5eee070acb2767b9477c79088

Disclaimer

This page contains threat intelligence information for the IPv4 address 104.18.40.240 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.