104.18.8.167 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.8.167 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 32/100

Host and Network Information

• Tags: 152 x, aaaaa, adres ip, akamaias cdn, akamaias dht, amerykautahlehi, analiza wynikw, ascii, bezpieczestwo, bruteforcer, bv dht, center, chinypekin, cname, comcast7922, czas, cza typ, danych, dht idc, digicert, duplo, foxpro fpt, fuzhou, globalny ca, inc digicert, inny pierwszy, jork, joseusa, json, kalifornia, krajowe centrum, lake city, lokalizacja ip, los angeles, menem, mx a, mx ns, nazwa rekordu, phishing, plik, sha2 bezpieczny, singapur, soa srv, sqlite, typ pliku, utf8, windows, wysoki poziom, zaangauj, zapisy

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: www.www.serv-u-franzke-karriere.com www-test2.foxitsoftware.com pdfonline.foxitsoftware.com cbisui.foxitsoftware.com sp.foxitsoftware.com pheecws.foxitsoftware.com cdn06.foxitsoftware.com www-staging2.foxitsoftware.com lms.foxitsoftware.com online.foxitsoftware.com lms-staging.foxitsoftware.com www-staging.foxitsoftware.com vi02-pre.th.t-dcm-c.com.cdn.cloudflare.net cas.foxitsoftware.com cbis.foxitsoftware.com pheecws.foxitsoftware.com.cdn.cloudflare.net pdfonline.foxitsoftware.com.cdn.cloudflare.net sp.foxitsoftware.com.cdn.cloudflare.net www-test2.foxitsoftware.com.cdn.cloudflare.net ex03.th.t-dcm-c.com.cdn.cloudflare.net www.serv-u-franzke-karriere.com www-staging2.foxitsoftware.com.cdn.cloudflare.net ex07-pre.th.t-dcm-c.com.cdn.cloudflare.net cbisui.foxitsoftware.com.cdn.cloudflare.net 2490439.com lms-staging.foxitsoftware.com.cdn.cloudflare.net lms.foxitsoftware.com.cdn.cloudflare.net ex05-dev.th.t-dcm-c.com.cdn.cloudflare.net online.foxitsoftware.com.cdn.cloudflare.net www-staging.foxitsoftware.com.cdn.cloudflare.net cbis.foxitsoftware.com.cdn.cloudflare.net cas.foxitsoftware.com.cdn.cloudflare.net hoadon.bic.vn ercal.dod.com.tr www.2490439.com laseroptionsinc.com bytheswordskateboards.com socket.2490439.com serv-u-franzke-karriere.com www.affiliatehilfe.de mein-traumauto.info popma-autos.nl ex05-dev.th.t-dcm-c.com ex07-pre.th.t-dcm-c.com dxctrunnerf57klis001.paastest.epimore.com cyder.nict.go.jp yiso04mstr1bp39inte.dxcloud.episerver.net www.goodyear.se www.kampanj.goodyear.se ex03.th.t-dcm-c.com motuscoza.co.za affiliatehilfe.de vi02-pre.th.t-dcm-c.com hapioldconf4ij55inte-slot.paastest.epimore.com ex04-dev.th.t-dcm-c.com ex01-dev.th.t-dcm-c.com t.sidekickopen79.com misacars.nl cuentainfo.com prodaws.cuentainfo.com eranbobe.com 22z22z.com www.travelnerinsurance.com betvnd40.com qa-ca-by7-fbmvp-19503-dkfisebookapprctas.az.ssdgws.co.uk dr-az.thecountyhotellytham.co.uk dcgroup.com developers.foxitsoftware.com.cdn.cloudflare.net wjpso.online dxctrunner9bs3t0inte.paastest.epimore.com qa-ca-oey-testfbmvp-17767-booklocationco.az.ssdgws.co.uk travelnerinsurance.com startpage.foxitsoftware.com startpage.foxitsoftware.com.cdn.cloudflare.net www.drhorton.com.cdn.cloudflare.net atwinners.net cyder.nict.go.jp.cdn.cloudflare.net dod.com.tr sageonlineshop.com sage-people.de t.sidekickopen45.com qa-ca-cto-socrates-clouduat.az.ssdgws.co.uk euslot.com a789bb.com ibranceimpact.com cart-flyin.preprod.tds-np.com sellex-portal-frontend.preprod.tds-np.com www.ibranceimpact.com sellex-portal.preprod.tds-np.com collect-de.preprod.tds-np.com dev1.cm.kleenex.com commcloud.dev-bcwc-montrealdutyfree-ca.cc-ecdn.net techradar.getyourguide.com dev.cm.v6.kleenex.com www.selkirkauctions.com eu-spar-prep.immeo.net wt.test-aws-narrow-turtle-4137.auth0c.com test-aws-narrow-turtle-4137.auth0c.com edge.tenants.test-aws-narrow-turtle-4137.auth0c.com qa-nz-ohu-ecrp-9971-appserviceautoscalin.az.ssdgws.co.uk dvtrry.org fzy.tw-ifungames.com yfzy.tw-ifungames.com cdn66.foxitsoftware.com cdn66.foxitsoftware.com.cdn.cloudflare.net www.harrods.com.cdn.cloudflare.net thecountyhotellytham.co.uk app.tw-ifungames.com testapp.tw-ifungames.com www.turisqualybahia.com.br qa-au-xyl-caecom-331-canadacheckouttrans.az.ssdgws.co.uk qa-no-3oj-caecom-2720-aftercarestorevali.az.ssdgws.co.uk 33y8r.copy.paastest.co.uk gandangaraw-ph.com www.foxitsoft.com foxit-ea.com stockx-staging.auth0app.com edge.tenants.stockx-staging.auth0app.com wt.stockx-staging.auth0app.com cricbuzzmailer.com int.americanmobile.com training.liferay.com benchmarks.era.dev www.americanmobile.com www.paxlovideducation.lv paxlovideducation.lv airphysio-grandessential.com repository-cdn.liferay.com earotica.de m.myricoh.com carzimi.nl eb4bd927756f8b2edbca8a596c5bccd341e6fb71.vercel-workers.com test-c.oddo-bhf.com firing.it uat.americanmobile.com login-dev.liferay.com www.pfizerreadytouse.com www.redlandroofing.net beta-staging.granngarden.se www.nordic-nest.es beta.nordic-nest.es prep.nordic-nest.es inte.nordic-nest.es www.co-payunsubscribe.com m.gransino.com www.gransino.com www.rugsusa.ca rugsusa.ca era.dev www.granngarden.se www.americanmobile.com.cdn.cloudflare.net 4huy91.com manage.funid.com www-cdn.liferay.com www.poolsidevacationrentals.com m.myricoh.com.cdn.cloudflare.net myricoh.com.cdn.cloudflare.net prepaidcert.bankofamerica.com.cdn.cloudflare.net www-uat.liferay.com www-uat-cdn.liferay.com uat.americanmobile.com.cdn.cloudflare.net tjim.com gamepoint.app funid.com int.americanmobile.com.cdn.cloudflare.net beta.granngarden.se.cdn.cloudflare.net www.nordic-nest.es.cdn.cloudflare.net inte.nordic-nest.es.cdn.cloudflare.net prep.nordic-nest.es.cdn.cloudflare.net vu1kan-de1uxxe.xyz poolsidevacationrentals.com pfizerreadytouse.com www.pfizerreadytouse.com.cdn.cloudflare.net boaboa.se gransino.com truckpaper.ch www.redlandroofing.net.cdn.cloudflare.net autoworks-wa.com keshasparty.com www.liferay.com liferay.com carnivallotto.com beta.nordic-nest.es.cdn.cloudflare.net shop.benco.com.cdn.cloudflare.net www.vari.com.cdn.cloudflare.net commcloud.production-global-mountainhardwear-com.cc-ecdn.net.cdn.cloudflare.net qa.vari.com.cdn.cloudflare.net cdn06.foxitsoftware.com.cdn.cloudflare.net www.foxitsoftware.com.cdn.cloudflare.net www.5364hu.com www.co-payunsubscribe.com.cdn.cloudflare.net co-payunsubscribe.com

Malware Detected on Host

Count: 8 5fed5919e1ed41ea4ebda21797a5b7c52dfd17cdf92ac39c1d5e3a6670d73a80 110e00159b508729aef51c12097f4e38ebd0ac881c6186ce80eea59e9c1be2af 04a6263afd0c0e8805a4d7dadb1da73343b10dfcaee3c80f5a6a1a66dc6d17ca 82a53d790b55938188bc22a5741b38b61a9fdcf912ceeaab9d52fcffbc037ea3 04fd64b7ea60ddd313059758c09724eec64fb20626fd77982dca497e4da621a4 92c9b9f178086792af6735a4a05c8e7e8a01ed303e95f01dc9b9a376631f8438 f3855058ddbfe9830eb6bec05acfe9920afedc1e8ab8575449d583eadce7a6b0 77e93e40206639fc977701ac9b253d12aae00a750fd4397313f86ac54f1294e6

Open Ports Detected

2052 2053 2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22