104.18.7.41 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.7.41 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: stage-accounts.avanquest.com goloopnews.com coaching24.de attrademusic.fi sch-dxctayligitns6k8prod-slot.paastest.epimore.com 57lsj4ak.com vpnmax2.shop chicbagsindia.com live.kh.malimarcdn.com www.sofigamechangers.com moneypit.dev qa-dk-zdi-testfbmvp-21944-fixfailingtest.az.ssdgws.co.uk sofigamechangers.com qa-no-yx5-fbmvp-21592-addgtmscripts.az.ssdgws.co.uk bsn.study.evidation.com bsn.manager.evidation.com homevaultdeals.com fff-tavarezpg.com cheesecake.com smps-prod.study.evidation.com qa-ca-ot6-apd-3939-enableimplicitdenylog.az.ssdgws.co.uk www.totalethiopia.com frontnnet2.xyz api-gw.avanquest.com jiliapp77.me qti.avanquest.com avqgate.avanquest.com avqtools.avanquest.com www.polkaudio.com stage-avqservice.avanquest.com avqservice.avanquest.com stage-api-feedback.avanquest.com api-feedback.avanquest.com huglittle.com www.redeemsurvey.com redeemsurvey.com www.shipandsave.com www.tw-bestprize-54.com referral.lumihealth.sg pascal-admin.evidation.com cor.study.evidation.com vipxkz.shop services.avanquest.com webtools.avanquest.com flukesnowssh.online webapp.foodpanda.sg easysnowssh.cloud aceitedigital.vivo.com.br.cdn.cloudflare.net api-equipamentos.vivo.com.br backoffice-equipamentos.vivo.com.br iaweb1.com dev.produitsrefresh.ca support.lumihealth.evidation.com siscom.vivo.com.br inte.ifminvestors.com api.vivo.com.br accounts.avanquest.com meuvivoapp.vivo.com.br serpro.vivo.com.br qa-nl-k8r-cmsrd-886-preview-changes.az.ssdgws.co.uk meuvivoempresas.vivo.com.br meuvivoempresas.vivo.com.br.cdn.cloudflare.net api04.digital.vivo.com.br www.nieuwe-casinos.com study-manager.evidation.com sgoe-esteira.vivo.com.br spdt.vivo.com.br author.vivotech.vivo.com.br vivotech.vivo.com.br perf-test-rds-prt-1071-1.auth0c.com wt.perf-test-rds-prt-1071-1.auth0c.com edge.tenants.perf-test-rds-prt-1071-1.auth0c.com qa-gb-pwc-apd-1870-addfunctionsfolder.az.ssdgws.co.uk beneficios.vivo.com.br unitedforair.in lyraasesores.biz go.evidation.com pascal.evidation.com conexaopessoasqa.vivo.com.br conexaopessoas.vivo.com.br online2.vivo.com.br nieuwe-casinos.com atendimento.vivo.com.br hansel-dev.manager.evidation.com eas16.gestaocontactcenter.vivo.com.br eas2.gestaocontactcenter.vivo.com.br eas17.gestaocontactcenter.vivo.com.br eas14.gestaocontactcenter.vivo.com.br eas11.gestaocontactcenter.vivo.com.br eas10.gestaocontactcenter.vivo.com.br eas12.gestaocontactcenter.vivo.com.br eas1.gestaocontactcenter.vivo.com.br gestaocontactcenter.vivo.com.br eas18.gestaocontactcenter.vivo.com.br eas9.gestaocontactcenter.vivo.com.br eas3.gestaocontactcenter.vivo.com.br eas20.gestaocontactcenter.vivo.com.br eas5.gestaocontactcenter.vivo.com.br eas8.gestaocontactcenter.vivo.com.br eas15.gestaocontactcenter.vivo.com.br eas13.gestaocontactcenter.vivo.com.br eas19.gestaocontactcenter.vivo.com.br eas4.gestaocontactcenter.vivo.com.br eas7.gestaocontactcenter.vivo.com.br eas6.gestaocontactcenter.vivo.com.br sk.pi.evidation.com sherlock-dev.study.evidation.com api.pi.evidation.com salt.evidation.com www.foodpanda.sg sk.qa.pi.evidation.com sk.dev.pi.evidation.com hansel-dev.study.evidation.com thehindugroup.com.cdn.cloudflare.net vigia.vivo.com.br legado.vivo.com.br lojaempresas-qa.vivo.com.br b2pro.w2m.travel digitaldelivery.vivo.com.br.cdn.cloudflare.net api.lumihealth.evidation.com api.stage.lumihealth.evidation.com support.stage.lumihealth.evidation.com sk.lumihealth.evidation.com snow.vivo.com.br oakhill.voh.mobilityauthority.com qa-au-rc6-fixapd-1193-v2resolveerrorswit.az.ssdgws.co.uk cellulant.com www.thehindugroup.com sk.beta.pi.evidation.com wt.test-aws-harsh-bluejay-5319.auth0c.com edge.tenants.test-aws-harsh-bluejay-5319.auth0c.com test-aws-harsh-bluejay-5319.auth0c.com sgrs.vivo.com.br nms-03-dc1.cellulant.com prod.183a.voh.mobilityauthority.com store.vivo.com.br.cdn.cloudflare.net vivovendas.vivo.com.br www.appstore.vivo.com.br api.dev.pi.evidation.com patientconversation.evidation.com scribe-qa.evidation.com pascal-dev.evidation.com pascal-stage.evidation.com gorilla.evidation.com extranet.vivo.com.br oauthtv.vivo.com.br direitoadevolucao.vivo.com.br mapadecobertura.vivo.com.br web-aceitedigital.vivo.com.br scribe-alpha.bsn.evidation.com sigitm.vivo.com.br sigitm3.vivo.com.br www.kapitalrs.com.cdn.cloudflare.net support.beta.lumihealth.evidation.com api.beta.lumihealth.evidation.com sk.beta.lumihealth.evidation.com qa-gb-ydh-mcl-589-topupnosoln.az.ssdgws.co.uk planosempresas.vivo.com.br planosempresas-hml.vivo.com.br efika.vivo.com.br prod.dev.mobilityauthority.com prod.staging.mobilityauthority.com vivocorp-parceiro.vivo.com.br vivo360.vivo.com.br atendimentoonline.vivo.com.br hovestreet.com www.hovestreet.com images.racetrackcentral.com honest1sancarlos.com lojaempresas-hml.vivo.com.br easy.vivo.com.br portaljud2.vivo.com.br rotkalk.de www.cellulant.com portaldeassinaturas.vivo.com.br portaldegovernancadocumental.vivo.com.br magazine.foodpanda.sg flow-stage.rmg.evidation.com backoffice-equipamentos01.vivo.com.br equipamentos01.vivo.com.br transmissionhero.com portalsmartgerencia.vivo.com.br personalize.vivo.com.br terms.foodpanda.sg assine.vivo.com.br.cdn.cloudflare.net flow.rmg.evidation.com meuvivofixo.vivo.com.br development.scott-bros.com protecao.vivo.com.br meuvivofixoapp.vivo.com.br b2dmc.w2m.travel.cdn.cloudflare.net compre.vivo.com.br joguejunto.vivo.com.br vivovantagens.vivo.com.br vpoweb.vivo.com.br widgetpre.redesegura.vivo.com.br carrinho-pos-familia.vivo.com.br omio.se www.omio.se dev.paytoll.mobilityauthority.com scribe.bsn.evidation.com ablink.rider.foodpanda.sg url3116.mail.foodpanda.sg www.partner.foodpanda.sg foodpanda.sg ablink.info.foodpanda.sg ablink.mail.foodpanda.sg mopac-south.voh.mobilityauthority.com 290130.voh.mobilityauthority.com 183a.voh.mobilityauthority.com qa-ie-nej-fbmvp-11297-addvuestoremockdat.az.ssdgws.co.uk backdmc.w2m.travel.cdn.cloudflare.net staging.mobilityauthority.com dad5779782845be4a19e4f9fd2e38db6.mail.mobilityauthority.com dev.mobilityauthority.com www.mobilityauthority.com review.mobilityauthority.com www.restaurant.foodpanda.sg voh.mobilityauthority.com qa-ca-x7c-caecom-4790-paidstate.az.ssdgws.co.uk qa-dk-fhf-caecom-4526-addedadditionalhea.az.ssdgws.co.uk mobilityauthority.com flexispot.kr analytics.wavelz.com h345g.com itw2m.w2m.travel inte-eu.daleofnorway.com hubfs.origin.hubspotstarter-h6-eu1.net snack.expo.dev cdp.expo.dev occasionhandel.com soc2.expo.dev staging-eas-build.expo.dev new-staging-apple-profile.expo.dev new-apple-profile.expo.dev eas-submit.expo.dev eas-build.expo.dev cflare.shop.bigbazaar.com b2dmc.w2m.travel imgdmc.w2m.travel backdmc.w2m.travel comparativas.w2m.travel gsa.w2m.travel hotelservices.w2m.travel reservasb2pro.w2m.travel backpro.w2m.travel evread9.net supply.ripcurl.com jamieoliverspizzeria.qa staging.expo.dev staging-apple-profile.expo.dev expo.dev stage.jamieoliversdiner.com www.chequerlane.com in.jamieoliverspizzeria.com www.daleofnorway.com us.daleofnorway.com prod-us.daleofnorway.com ca.daleofnorway.com staging-api.expo.dev prod-ca.daleofnorway.com prep-ca.daleofnorway.com test.giddir.se dev.giddir.se api.expo.dev eu.daleofnorway.com www.jamieoliverspizzeria.qa hu.jamieoliverspizzeria.com shipandsave.com no.daleofnorway.com www.neurologyadvisor.com prod.daleofnorway.com prod-eu.daleofnorway.com prod-no.daleofnorway.com staging-u.expo.dev cl-preview.jamieoliver-rg.com andorra21ports.com apple-profile.expo.dev prep-eu.daleofnorway.com www.keo168.com product.migration4.comventure.de order-mgmt.development4.comventure.de web.development4.comventure.de shop.migration4.comventure.de product.development4.comventure.de web.migration4.comventure.de checkout.development4.comventure.de app.development4.comventure.de order-mgmt.migration4.comventure.de shop.development4.comventure.de app.migration4.comventure.de checkout.migration4.comventure.de www.swegon.co.uk loyalty-partners.at www.jamiesitalian.no www.jamiesitalian.ru keo168.com www.jamiesitalian.com.cy live9.evread9.net inte-no.daleofnorway.com prep-us.daleofnorway.com prep-no.daleofnorway.com inte-us.daleofnorway.com www.jamiesitalian.is www.jamiesitalian.sg www.jamiesitalian.com.br vacationsbylaurie.com italian-stage.jamieoliver-rg.com www.jamiesitalian.in beta.og21.no www.og21.no inte.daleofnorway.com prep.daleofnorway.com t.hubspotstarter-h6-eu1.net u.expo.dev www.umi.com www.jamieoliversdiner.com.cy ae.jamieoliverspizzeria.com www.jamieoliverspizzeria.com pt.jamieoliverspizzeria.com au.jamieoliverspizzeria.com www.kystognaturturisme.dk cw.shipandsave.com staging-updates.expo.dev AutoDiscover.resnickfamilyoffice.com stage.jamieoliver-rg.com zapp-recipes.jamieoliver-rg.com solarcreations.net us-south.wh-vba.watson-health.ibm.com wh-vba.watson-health.ibm.com jamieoliver-rg.com tokenisation-services.de steelpacific.com www.og21.no.cdn.cloudflare.net kitchen-stage.jamieoliver-rg.com www.kystognaturturisme.dk.cdn.cloudflare.net cflare-assets.shop.bigbazaar.com.cdn.cloudflare.net cflare.shop.bigbazaar.com.cdn.cloudflare.net test.shop.bigbazaar.com.cdn.cloudflare.net empben.com gmslots24.online importautorepairs.com casinoslots500.com integritytransmission.net italian.jamieoliver-rg.com kitchen.jamieoliver-rg.com ji-au-stage.jamieoliver-rg.com beta.og21.no.cdn.cloudflare.net www.jamieoliver-rg.com cdn-stage.jamieoliver-rg.com cdn.jamieoliver-rg.com www.swegon.co.uk.cdn.cloudflare.net 711za.com totalethiopia.com

Malware Detected on Host

Count: 18 842847f1f3da6ca6240c612a17e0df71934b69f1faaef9059e2d9b4495e79691 45f6b396045c9ea2bddf669f0f4d1408fd55734ef31cdfc2c1c4c7d3fd052e38 0ee5bc8f00c22f021a77ca2133c448e2fc0b09fe84ddf2b28c6759173e00b5cd 260e1c8136fb6f6ebcfeb461405a1428f1aaa8fc8f8ba7ee7cd148e8ad84b15d 94c182655621f2cc2956f7f9a3f9eca53f0f1389b95f05e2ea384a3470cae036 8a1fe2712d24a951ded9db0c1a5404bb306cc7f5a5e450c38aaf7fc8d79040d6 d983479c248295bbef3e26e7aa014d41a2f66c0b737b324fa55279913567c94b 4c564245b5a2a7d39adf25579f4b5c4b5043d4444fd4c668c4eac508b38469f5 2dd85be021b68c0f3257be3ee18ca95a36f65277aed32b8852bbba46a9302cf1 819a32fb6cf2b27ca0aea1bb9addbbbdb655c29ad028a52d8671d9b593fe100f

Open Ports Detected

2052 2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-21