104.18.40.91 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.40.91 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: hphosts_psh

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: duckappaftership.returnscenter.com guesswatches.returnscenter.com dev.return.americantrucks.com trymeshopcom.returnscenter.com returns.absolutefoxx.com unidep.edu.br temp-accountstest.aon.it returns.granitestone.com registrar.education-perf.wiley.com returnscenter.com dev.dol.herz-hirn-allianz.de merchmecca.returnscenter.com returns.prowoodmarket.com thealleyonlinez.returnscenter.com qa.orders.americantrucks.com forge.returnscentre.com edpub-authentication-service.education-perf.wiley.com returns.glamourmirrors.co.uk referrals.optum.com login.education-perf.wiley.com login.education-perf.wiley.com.cdn.cloudflare.net bigwnonprod.returnscenter.com returns.tasteeshop.com goodrreturnusa.returnscenter.com americantrucks.com orders.americantrucks.com retrospekt.returnscenter.com returns.crunchi.com oauth2.americantrucks.com returns.srface.com returns.christyhome.com cpimage.americantrucks.com monomishop.returnscenter.com mulberrythreads.returnscenter.com returns.minkpink.com withharperlu.returnscenter.com resource.education-perf.wiley.com processworld.emerson.com returns.touchupdirect.com lti.education-perf.wiley.com fab.qa-fi-luc-main.az.ssdgws.co.uk owusa.returnscenter.com schenleytech.returnscenter.com staging.americantrucks.com qa-au-d70-testfbmvp-25289-datalayerunsor.az.ssdgws.co.uk dev.orders.americantrucks.com dev-service-api.americantrucks.com corsair.returnscenter.com belmetricaftershipqs.returnscenter.com images.americantrucks.com keylessaccesslocks.returnscenter.com 24d55d2.returnscenter.com tristanstyle.returnscenter.com fmtcom.returnscenter.com k2874l.com mock65-az.thewhitehartpool.co.uk returns.hovrbracketsystem.com staging-api.americantrucks.com returns.koihappiness.com returns.kasaustralia.com getglowing.returnscenter.com buckssurfshop.returnscenter.com everythingcanam.returnscenter.com returns.hottubchemicals.ca toothlet.returnscenter.com compressionhealth.returnscenter.com drtn.ca europolene.returnscenter.com elgato.returnscenter.com karenkane.returnscenter.com returns.lifeofthepartystore.com guides.americantrucks.com advantage-nextgen.apac-stg.aon.com extremedates.com module.education-perf.wiley.com www.thewhitehartpool.co.uk ews-public-devint.fip.dev.finra.org api.americantrucks.com qa-api.americantrucks.com dev-api.americantrucks.com stucen.nl prod65-az.thewhitehartpool.co.uk stage65-az.thewhitehartpool.co.uk thewhitehartpool.co.uk edpub-account-service.education-perf.wiley.com edpub-entitlement-service.education-perf.wiley.com www.americantrucks.com lp.samuraiclick.com education-perf.wiley.com my.mbot.me prod-epi.lgima.com checkout.education-perf.wiley.com edpub-addtocart-service.education-perf.wiley.com myaccount.education-perf.wiley.com carinsurancequotes-now.com sso.lenovo.com r2.americantrucks.com periodicos.unidep.edu.br m.jwapp365.com www.betmnl.net r.carinsurancequotes-now.com pierregarniermusique.fr una.financial www.kappakappagamma.org loadtest.janssenselect.com uat.janssenselect.com edpub-enrollment-service.education-perf.wiley.com affinity.tryg.com sageimmobilisations.net prod.gardeners.com janssenselect.com www.janssenselect.com sitrcmsliprep4.paastest.co.uk sitrcmsliprep3.paastest.co.uk www.unidep.edu.br www.extremedates.com dev.sso.lenovo.com us.sso.lenovo.com cn.sso.lenovo.com neoexecutive.ltd www.neoexecutive.ltd repos.azul.com r2test.azul.com api.azul.com bifrost.azul.com cdn.azul.com www.abriggs.com abriggs.com dashboard.iad03-test.k8s.run azul.com www.azul.com dashboard.iad02.k8s.run prodlogin-helper.iad03.k8s.run rainmaker.fra04.k8s.run dashboard.iad03.k8s.run homerunbet.net dashboard.fra04.k8s.run prodlogin-helper.iad02.k8s.run dashboard.fra03.k8s.run amandaocean2.com foreman.iad02.k8s.run foreman.fra03.k8s.run foreman.fra04.k8s.run foreman.iad03.k8s.run totalinelabel.com www.glaucomainfo.com crowdpay.autobooking-dev.skypicker.com api.aurorapush.cc ytbetapafound.tk www.ay-shaparak.tk ay-shaparak.tk fortuneclock-171.ru qualifyexcellentexemplary.top k9shop.ch bookmyveg.com nusphovi.ml ruigauvesci.tk www.festivalpuja.com viwebspat.tk www.baksteen.sk baksteen.sk fencelevigticont.tk parentcreativeyeve.cyou tryketohealth.com prosveskohuancya.tk stercutesmo.ga srmaojbb.tk alcarseutful.tk lidoramobokme.gq ensienisib.tk doulisbi.tk consjaderocherm.tk surffertemi.tk batmedextro.tk barbychan.tk julieraeengelsman.xyz liopredelca.ga demo.wyldcode.com postmullearnnylobuchs.tk www.woundedwarriorhomes.org niscemilnewssel.tk www.princesselitewholsale.club volkphobu.tk www.painfreediett.com painfreediett.com motercvalan.gq repnahamici.ga urbanwoodworksltd.com top-vipvip.com iasvending.com wsoslptr.store thecargo.trade www.kleinburgclinic.ca pockgoldconsacycbi.tk eventfrachter.de adaleccide.tk theradoub.tk siodunivasa.gq garrokezim.tk www.vistasonthepark.com burghyticamanpe.tk 7876876.com isindetursi.gq theartnews.site nettlucwithd.tk cylilibefother.tk kaufassmider.ml comgyzsgang.tk thenorthfacenz.com fluclersminihy.gq pertvebevetake.tk adytrearmers.tk taidadunacar.tk rebarcad.com phdinteriors.co wendroffcanarsie.fun ministry-of-massage.com rentlangmaxcadisp.gq shopapi.wyldcode.com thingcocessvidrano.tk tha58game.com www.asestetika.si asestetika.si zwlvx.shop clavnirema.tk propunojimmoiweck.tk marfy4.ga brandoffers.live healtket.tk dankomusic.ru allaboutdogs.site loginkxf.ml zzz167.com spbazanowice.pl usavitamines.cf vioreakcchennodeme.tk telfonda-ara.cf www.hd-smotri.org contirehorjepp.tk australianwildlife.com.au idcalaperdo.tk bridgingandcommercialdistributor.co.uk cpcontacts.bridgingandcommercialdistributor.co.uk cpcalendars.bridgingandcommercialdistributor.co.uk www.bridgingandcommercialdistributor.co.uk goenettarole.tk malolasersi.ga cpcontacts.australianwildlife.com.au cpcalendars.australianwildlife.com.au appserver.wyldcode.com www.ufnish.today ufnish.today 5jg3ka.com cioskipsotemuchre.ml www.englandpharmacy.co.uk happyroad.com.tw cpcontacts.briggsda.com cpcalendars.briggsda.com www.briggsda.com briggsda.com apadpanopest.tk wyldcode.com wamevolsu.ga compositedeckcleaner.com quarcontheatudingfu.tk princesselitewholsale.club www.buycialisnbv.com buycialisnbv.com store.ism-security.com fplay4.pw wpudnsm.pw eoc.me kleinburgclinic.ca englandpharmacy.co.uk keyvpn.io globalmobilelegends.com getemsigns.com.au www.getemsigns.com.au www.pokedeck.com.cdn.cloudflare.net www.banhbaoeabxx555.ml banhbaoeabxx555.ml torchwsyq.xyz kigc-exchange.com show.wholistique.com vrouwen-versieren-leren.nl tahirf.ru the-hunt.com hopgulum.cf www.whelholonrasumtha.tk derssericounttumo.ml ovskinpilghardknapgun.tk faurrilguntide.tk congpictoceso.ml eljomysninsdel.gq germany-site-partnersuche.buzz setbrilliant.com www.setbrilliant.com mienzzapizzagrill.com searfisipintorac.tk www.1012saddleback.com 1012saddleback.com sesirased.ml www.martinpatz.com martinpatz.com floasq.xyz k8mx6r.site lnstagram-copyright-notice-verify.ga ott.pink dayculisata.tk www.casualshoesonsale.co.uk casualshoesonsale.co.uk ilnoztofasxigon.ml winslynchgoggluslonggogg.ml bioprodasthrivinthed.tk tersfanelomdifi.tk www.aliceserrano.com.br cpcalendars.aliceserrano.com.br cpcontacts.aliceserrano.com.br festivalpuja.com pantofulmeu.ro www.kalerm.com.br schercanonremar.ga olnersaphylfo.ml whelholonrasumtha.tk najufixywykah.ga findgernails.tk ophtilungsenti.tk legowyla.cf www.my2424u.com.cdn.cloudflare.net abtx90x.com analob.gq zobo.fun exkyn.com.br cruntiogissades.cf vistasonthepark.com biamanetjackresu.tk hd-smotri.org dadehamooz.com emoftizhongni.cf jonathanhardwick.me www.jonathanhardwick.me quibaldahoge.ga www.chatamikos.com chatamikos.com www.greatbooksgreatminds.com greatbooksgreatminds.com bobby-samuel.com dacyclinu.com quisporalactech.tk stopabantai.gq wickpectapativa.ml cutabquitemge.ga cisyssuppfeb.tk cuaoarg.online firpadobiritu.tk tokosel.com dowtebuddvingpa.ml scarasoncom.tk berbhidelibu.ga formllenunchrisum.tk sampgelartenshol.tk www.cafetiere.org redminssysel.cf s3b6.com hatemdlindadest.ga funvilitigde.cf gothis-open.website caresynchfirmze.tk wzrxup.com pepmetecompvest.ml mcsxxe.icu 98080.net leyla.cf chairstairrepeat.buzz compdenkalam.ga friendsdare.online reagrlanandligh.tk provurirenla.tk rhkoxtools.gq worlhumbnise.gq godeschoti.tk mulheradmiravel.com www.mulheradmiravel.com ponphoruankingmima.ml www.hbv-vtconline.ga hbv-vtconline.ga 81bbd.com dragevdenahigh.tk reaunapahgho.tk seamecanqueta.tk lubewyqofev.tk dreambox.ml saychesire.gq imadylog.tk biorajolthodetr.cf ykdaawz.top consubsmagagu.tk nostglesovat.tk supplerare.tk erbreakcal.ml ateneelax.tk speksynchtuadacar.ga igrovie-avtomaty24-official.ru jkanime.su jackcothampprepti.tk asraste.tk navasistingver.tk tandheartlenslgatta.ml 5lf53.space gannordsyngua.gq desiphoto.ml urercakanpitt.ga xiqenidejufu.cf tiodimorwebsro.gq archivesphatpr.cf unaryfopen.tk gracnostroundcanta.tk aimvn.uk.com ofymelaj.tk uhynydybuqyj.ga spanmetburn.cf fcznamya.ru www.jkanime.su saktesa.gq liquadhowsdi.tk 10000juegos.com too-many-things.club houcalpievicom.tk icyfuryveduf.tk erefexim.tk ricy.me api.scoutingame.com goat22.pw www.goat22.pw prestoy.tk chenotycel.cf discsebarncidi.gq acsonrapicha.gq kovsredtiohisho.tk marpginstuagibpau.tk ulacafijit.tk bylygerapyza.ml b99odwy6cswcxck.xyz www.jcavery.com.cdn.cloudflare.net www.ecovillagedesign.se diasonik.pp.ua lugci.info www.postdune.com wecont.it habersiziz.com springmusicacademy.net ecovillagedesign.se ru-re.host tiedibecenrozhou.tk www.alfalyra.com alfalyra.com autocbdvape.com www.autocbdvape.com www.goodsn.pw goodsn.pw cbmktg.com cams4008tube.xyz automotiverepairpro.com p5020.site incestporngames.com hostelo.es acsolar.de kalerm.com.br haddonfieldorthodontics.com ramdoun.com ibet789.net www.ibet789.net franchise.remax.hu wepodluftpravmacc.tk cpcontacts.proserviceleads.com www.proserviceleads.com proserviceleads.com cpcalendars.proserviceleads.com igeorgy.ru liesv.com.br www.liesv.com.br.cdn.cloudflare.net subsudio.com bngsrch.com litbrecreanachraihu.tk giolanighracnedo.tk www.kdperde.com aliceserrano.com.br mfilmesonline.com riosmartadringres.tk ciemamdikungpic.tk do-pest-control-ok.live minisq.ru arisoninenom.ml work.martinpatz.com pranoterapia-ancona.com go-disability-scooter-medicaid-ok.live kanected.tv 515765.icu brilakerrolma.tk www.grendahuset.com

Malware Detected on Host

Count: 5 2b11a6f9ab936eb83a51e22d88e69470b9a1cda16d41acf27eb53534cdfeb313 b3f4d019853c18475cbc7e02f03834f8969f69e1f0e6cfc61d31b43817e8c115 c27ea82b490dbc1ee61a4fd05c59aaa809e1a7deb67a49bb156cde6f192b72ae 33fd5b049800a77007c72c14bd4f8f4b88cd4a691ddd956beace6b2d41c15ee1 ab8f98e87634d32a005f43a26cc2a2f0db086ed394eb5a4cc563aea59d059534

Open Ports Detected

2052 2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-10-20