104.18.9.218 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.9.218 and was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country:
  • Network: AS13335 cloudflare
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results:

Open Ports Detected

2052 2053 2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880

Whois Information

  • NetRange: 104.16.0.0 - 104.31.255.255
  • CIDR: 104.16.0.0/12
  • NetName: CLOUDFLARENET
  • NetHandle: NET-104-16-0-0-1
  • Parent: NET104 (NET-104-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS13335
  • Organization: Cloudflare, Inc. (CLOUD14)
  • RegDate: 2014-03-28
  • Updated: 2021-05-26
  • Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
  • Ref: https://rdap.arin.net/registry/ip/104.16.0.0
  • OrgName: Cloudflare, Inc.
  • OrgId: CLOUD14
  • Address: 101 Townsend Street
  • City: San Francisco
  • StateProv: CA
  • PostalCode: 94107
  • Country: US
  • RegDate: 2010-07-09
  • Updated: 2021-07-01
  • Ref: https://rdap.arin.net/registry/entity/CLOUD14
  • OrgNOCHandle: CLOUD146-ARIN
  • OrgNOCName: Cloudflare-NOC
  • OrgNOCPhone: +1-650-319-8930
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgAbuseHandle: ABUSE2916-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-650-319-8930
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • OrgRoutingHandle: CLOUD146-ARIN
  • OrgRoutingName: Cloudflare-NOC
  • OrgRoutingPhone: +1-650-319-8930
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgTechHandle: ADMIN2521-ARIN
  • OrgTechName: Admin
  • OrgTechPhone: +1-650-319-8930
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RNOCHandle: NOC11962-ARIN
  • RNOCName: NOC
  • RNOCPhone: +1-650-319-8930
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
  • RTechHandle: ADMIN2521-ARIN
  • RTechName: Admin
  • RTechPhone: +1-650-319-8930
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • RAbuseHandle: ABUSE2916-ARIN
  • RAbuseName: Abuse
  • RAbusePhone: +1-650-319-8930
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-07-26