104.18.6.41 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.6.41 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: stage-accounts.avanquest.com goloopnews.com coaching24.de attrademusic.fi sch-dxctayligitns6k8prod-slot.paastest.epimore.com 57lsj4ak.com chicbagsindia.com live.kh.malimarcdn.com www.sofigamechangers.com moneypit.dev qa-dk-zdi-testfbmvp-21944-fixfailingtest.az.ssdgws.co.uk sofigamechangers.com qa-no-yx5-fbmvp-21592-addgtmscripts.az.ssdgws.co.uk bsn.study.evidation.com bsn.manager.evidation.com homevaultdeals.com fff-tavarezpg.com cheesecake.com smps-prod.study.evidation.com qa-ca-ot6-apd-3939-enableimplicitdenylog.az.ssdgws.co.uk www.totalethiopia.com frontnnet2.xyz api-gw.avanquest.com jiliapp77.me qti.avanquest.com avqgate.avanquest.com avqtools.avanquest.com www.polkaudio.com stage-avqservice.avanquest.com avqservice.avanquest.com stage-api-feedback.avanquest.com api-feedback.avanquest.com huglittle.com www.redeemsurvey.com redeemsurvey.com www.shipandsave.com www.tw-bestprize-54.com referral.lumihealth.sg pascal-admin.evidation.com cor.study.evidation.com vipxkz.shop services.avanquest.com webtools.avanquest.com webapp.foodpanda.sg aceitedigital.vivo.com.br.cdn.cloudflare.net api-equipamentos.vivo.com.br backoffice-equipamentos.vivo.com.br iaweb1.com dev.produitsrefresh.ca support.lumihealth.evidation.com siscom.vivo.com.br inte.ifminvestors.com api.vivo.com.br accounts.avanquest.com meuvivoapp.vivo.com.br serpro.vivo.com.br qa-nl-k8r-cmsrd-886-preview-changes.az.ssdgws.co.uk meuvivoempresas.vivo.com.br meuvivoempresas.vivo.com.br.cdn.cloudflare.net api04.digital.vivo.com.br www.nieuwe-casinos.com study-manager.evidation.com sgoe-esteira.vivo.com.br spdt.vivo.com.br author.vivotech.vivo.com.br vivotech.vivo.com.br perf-test-rds-prt-1071-1.auth0c.com wt.perf-test-rds-prt-1071-1.auth0c.com edge.tenants.perf-test-rds-prt-1071-1.auth0c.com qa-gb-pwc-apd-1870-addfunctionsfolder.az.ssdgws.co.uk beneficios.vivo.com.br unitedforair.in lyraasesores.biz go.evidation.com pascal.evidation.com conexaopessoasqa.vivo.com.br conexaopessoas.vivo.com.br online2.vivo.com.br nieuwe-casinos.com atendimento.vivo.com.br hansel-dev.manager.evidation.com eas16.gestaocontactcenter.vivo.com.br eas2.gestaocontactcenter.vivo.com.br eas17.gestaocontactcenter.vivo.com.br eas14.gestaocontactcenter.vivo.com.br eas11.gestaocontactcenter.vivo.com.br eas10.gestaocontactcenter.vivo.com.br eas12.gestaocontactcenter.vivo.com.br eas1.gestaocontactcenter.vivo.com.br gestaocontactcenter.vivo.com.br eas18.gestaocontactcenter.vivo.com.br eas9.gestaocontactcenter.vivo.com.br eas3.gestaocontactcenter.vivo.com.br eas20.gestaocontactcenter.vivo.com.br eas5.gestaocontactcenter.vivo.com.br eas8.gestaocontactcenter.vivo.com.br eas15.gestaocontactcenter.vivo.com.br eas13.gestaocontactcenter.vivo.com.br eas19.gestaocontactcenter.vivo.com.br eas4.gestaocontactcenter.vivo.com.br eas7.gestaocontactcenter.vivo.com.br eas6.gestaocontactcenter.vivo.com.br sk.pi.evidation.com sherlock-dev.study.evidation.com api.pi.evidation.com salt.evidation.com www.foodpanda.sg sk.qa.pi.evidation.com sk.dev.pi.evidation.com hansel-dev.study.evidation.com thehindugroup.com.cdn.cloudflare.net vigia.vivo.com.br legado.vivo.com.br lojaempresas-qa.vivo.com.br b2pro.w2m.travel digitaldelivery.vivo.com.br.cdn.cloudflare.net api.lumihealth.evidation.com api.stage.lumihealth.evidation.com support.stage.lumihealth.evidation.com sk.lumihealth.evidation.com snow.vivo.com.br oakhill.voh.mobilityauthority.com qa-au-rc6-fixapd-1193-v2resolveerrorswit.az.ssdgws.co.uk cellulant.com www.thehindugroup.com sk.beta.pi.evidation.com wt.test-aws-harsh-bluejay-5319.auth0c.com edge.tenants.test-aws-harsh-bluejay-5319.auth0c.com test-aws-harsh-bluejay-5319.auth0c.com sgrs.vivo.com.br nms-03-dc1.cellulant.com prod.183a.voh.mobilityauthority.com store.vivo.com.br.cdn.cloudflare.net vivovendas.vivo.com.br www.appstore.vivo.com.br api.dev.pi.evidation.com patientconversation.evidation.com scribe-qa.evidation.com pascal-dev.evidation.com pascal-stage.evidation.com gorilla.evidation.com extranet.vivo.com.br oauthtv.vivo.com.br direitoadevolucao.vivo.com.br mapadecobertura.vivo.com.br web-aceitedigital.vivo.com.br scribe-alpha.bsn.evidation.com sigitm.vivo.com.br sigitm3.vivo.com.br www.kapitalrs.com.cdn.cloudflare.net support.beta.lumihealth.evidation.com api.beta.lumihealth.evidation.com sk.beta.lumihealth.evidation.com qa-gb-ydh-mcl-589-topupnosoln.az.ssdgws.co.uk planosempresas.vivo.com.br planosempresas-hml.vivo.com.br efika.vivo.com.br prod.dev.mobilityauthority.com prod.staging.mobilityauthority.com vivocorp-parceiro.vivo.com.br vivo360.vivo.com.br atendimentoonline.vivo.com.br hovestreet.com www.hovestreet.com images.racetrackcentral.com honest1sancarlos.com lojaempresas-hml.vivo.com.br easy.vivo.com.br portaljud2.vivo.com.br rotkalk.de www.cellulant.com portaldeassinaturas.vivo.com.br portaldegovernancadocumental.vivo.com.br magazine.foodpanda.sg flow-stage.rmg.evidation.com backoffice-equipamentos01.vivo.com.br equipamentos01.vivo.com.br transmissionhero.com portalsmartgerencia.vivo.com.br personalize.vivo.com.br terms.foodpanda.sg assine.vivo.com.br.cdn.cloudflare.net flow.rmg.evidation.com meuvivofixo.vivo.com.br development.scott-bros.com protecao.vivo.com.br meuvivofixoapp.vivo.com.br b2dmc.w2m.travel.cdn.cloudflare.net compre.vivo.com.br joguejunto.vivo.com.br vivovantagens.vivo.com.br vpoweb.vivo.com.br widgetpre.redesegura.vivo.com.br carrinho-pos-familia.vivo.com.br omio.se www.omio.se dev.paytoll.mobilityauthority.com scribe.bsn.evidation.com ablink.rider.foodpanda.sg url3116.mail.foodpanda.sg www.partner.foodpanda.sg foodpanda.sg ablink.info.foodpanda.sg ablink.mail.foodpanda.sg mopac-south.voh.mobilityauthority.com 290130.voh.mobilityauthority.com 183a.voh.mobilityauthority.com qa-ie-nej-fbmvp-11297-addvuestoremockdat.az.ssdgws.co.uk backdmc.w2m.travel.cdn.cloudflare.net staging.mobilityauthority.com dad5779782845be4a19e4f9fd2e38db6.mail.mobilityauthority.com dev.mobilityauthority.com www.mobilityauthority.com review.mobilityauthority.com www.restaurant.foodpanda.sg voh.mobilityauthority.com qa-ca-x7c-caecom-4790-paidstate.az.ssdgws.co.uk qa-dk-fhf-caecom-4526-addedadditionalhea.az.ssdgws.co.uk mobilityauthority.com flexispot.kr analytics.wavelz.com h345g.com itw2m.w2m.travel inte-eu.daleofnorway.com hubfs.origin.hubspotstarter-h6-eu1.net snack.expo.dev cdp.expo.dev occasionhandel.com soc2.expo.dev staging-eas-build.expo.dev new-staging-apple-profile.expo.dev new-apple-profile.expo.dev eas-submit.expo.dev eas-build.expo.dev cflare.shop.bigbazaar.com b2dmc.w2m.travel imgdmc.w2m.travel backdmc.w2m.travel comparativas.w2m.travel gsa.w2m.travel hotelservices.w2m.travel reservasb2pro.w2m.travel backpro.w2m.travel evread9.net supply.ripcurl.com jamieoliverspizzeria.qa staging.expo.dev staging-apple-profile.expo.dev expo.dev stage.jamieoliversdiner.com www.chequerlane.com in.jamieoliverspizzeria.com www.daleofnorway.com us.daleofnorway.com prod-us.daleofnorway.com ca.daleofnorway.com staging-api.expo.dev prod-ca.daleofnorway.com prep-ca.daleofnorway.com test.giddir.se dev.giddir.se api.expo.dev eu.daleofnorway.com www.jamieoliverspizzeria.qa hu.jamieoliverspizzeria.com shipandsave.com no.daleofnorway.com www.neurologyadvisor.com prod.daleofnorway.com prod-eu.daleofnorway.com prod-no.daleofnorway.com staging-u.expo.dev cl-preview.jamieoliver-rg.com andorra21ports.com apple-profile.expo.dev prep-eu.daleofnorway.com www.keo168.com product.migration4.comventure.de order-mgmt.development4.comventure.de web.development4.comventure.de shop.migration4.comventure.de product.development4.comventure.de web.migration4.comventure.de checkout.development4.comventure.de app.development4.comventure.de order-mgmt.migration4.comventure.de shop.development4.comventure.de app.migration4.comventure.de checkout.migration4.comventure.de www.swegon.co.uk loyalty-partners.at www.jamiesitalian.no www.jamiesitalian.ru keo168.com www.jamiesitalian.com.cy live9.evread9.net inte-no.daleofnorway.com prep-us.daleofnorway.com prep-no.daleofnorway.com inte-us.daleofnorway.com www.jamiesitalian.is www.jamiesitalian.sg www.jamiesitalian.com.br vacationsbylaurie.com italian-stage.jamieoliver-rg.com www.jamiesitalian.in beta.og21.no www.og21.no inte.daleofnorway.com prep.daleofnorway.com t.hubspotstarter-h6-eu1.net u.expo.dev www.umi.com www.jamieoliversdiner.com.cy ae.jamieoliverspizzeria.com www.jamieoliverspizzeria.com pt.jamieoliverspizzeria.com au.jamieoliverspizzeria.com www.kystognaturturisme.dk cw.shipandsave.com staging-updates.expo.dev AutoDiscover.resnickfamilyoffice.com stage.jamieoliver-rg.com zapp-recipes.jamieoliver-rg.com solarcreations.net us-south.wh-vba.watson-health.ibm.com wh-vba.watson-health.ibm.com jamieoliver-rg.com tokenisation-services.de steelpacific.com www.og21.no.cdn.cloudflare.net kitchen-stage.jamieoliver-rg.com www.kystognaturturisme.dk.cdn.cloudflare.net cflare-assets.shop.bigbazaar.com.cdn.cloudflare.net cflare.shop.bigbazaar.com.cdn.cloudflare.net test.shop.bigbazaar.com.cdn.cloudflare.net empben.com gmslots24.online importautorepairs.com casinoslots500.com integritytransmission.net italian.jamieoliver-rg.com kitchen.jamieoliver-rg.com ji-au-stage.jamieoliver-rg.com beta.og21.no.cdn.cloudflare.net www.jamieoliver-rg.com cdn-stage.jamieoliver-rg.com cdn.jamieoliver-rg.com www.swegon.co.uk.cdn.cloudflare.net 711za.com totalethiopia.com

Malware Detected on Host

Count: 13 1a4f512703c964c68236b6f7fd78e209ca726ee9d7fcdb5b5b4e11f90ff42866 2fa84b5b1ff9f9140b0f3de983dd062a7886e317a41affb417f4cabf5f490029 f9238b15b6e69258f383aad7869ecccba1d1611025a7c1eddec85ce4a5f77c7d d324655c3d6a386cbbcb345925ecbcd99781981f654fb0c67a4bc220957d5c0a dd5e762d19b4fdee2f2ece06cb4f8a37555762324f109209308a68c1ba276443 7f8cb80ccbd650ce0d699799314df2f9bc8ca393bac7f6f481c883fc69d986ee 0baec35391a99992bb4a103ca8fd4e268f5dae8c4b39cae3c808f4e7f36d5446 51baa1bc5ca7fc72452987b53c3a69fd0c6865c8085fc0f613f3f97dad0e2ed6 8b97aeaa81584edb4ce0283225892096f86a01a1b4b82fd714e995b00714e206 a7a2747e1208bec487763089e4d184f8bee8ffbe2ff8d357ce0ab224735ae95e

Open Ports Detected

2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-21