104.26.1.70 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.26.1.70 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS13335 cloudflare
• Noticed: 1 times
• Protcols Attacked: Anonymous Proxy
• Passive DNS Results: didi.ua wallet-api.moonstake.io helpdesk.simpleclick.co.uk hdapi.androidstation.info jenkins.moonstake.io www.vivaquant.com uploads.remediumapi.com vq-hs1.vivaquant.com hs1.vivaquant.com vq-hs1-dev.vivaquant.com www.be.oasisfloral.de trade.oasisfloral.de www.fr.oasisfloral.de msoid.oasisfloral.de enterpriseenrollment.oasisfloral.de lyncdiscover.oasisfloral.de sip.oasisfloral.de enterpriseregistration.oasisfloral.de www.en.oasisfloral.de start.ichbindeinauto.de usemtrader-admin.useggs.org dev.ichbindeinauto.de api-usem.useggs.org usemtrader.useggs.org staging.moonstake.io www.useggs.org www.sohomod.com aide.reseau411.ca mp.tripsguard.com www.jmdonline.co.uk www.jmselite.com www.bsw.ichbindeinauto.de qhdapi.androidstation.info test.kine.cash jmselite.com test.symec.co.uk ofbd.nl jbcaravans.com.au newsletter.ichbindeinauto.de www.golfer.ichbindeinauto.de golfer.ichbindeinauto.de cargillideas.imaginatik.com play.lotto191.com be.oasisfloral.de spotweb.verycouch.com btcpay.verycouch.com online.oasisfloral.de auto.lotto191.com matomo.verycouch.com churchplanting.lausanne.org www.escapology.com dev.symec.co.uk verycouch.com www.showami.com dyky-sign.eu e-standardsportal.org carrhillcafe.co.uk nl.oasisfloral.de it.oasisfloral.de ru.oasisfloral.de pl.oasisfloral.de fr.oasisfloral.de en.oasisfloral.de bh.gymcompany.be www.leseallianz.eu mendianhui.com www.mendianhui.com yummy-online.com iconplc.imaginatik.com www.imaginatik.com medicana.pl content-explorer.tripsguard.com www.redundantmidlife.co.uk showami.com www.myloveshop.hu ssr.24sata.rocks myloveshop.hu ng.tripsguard.com blog.showami.com www.mihijonoaprueba.com shop.symec.co.uk www.jbcaravans.com.au shop.smartlazyhustler.com www.lotto191.com lotto191.com staging2.ismokealot.com test.myloveshop.hu business.club bigos.cl csamuraijack.com staging.showami.com www.kickernft.com kickernft.com willathelabel.com.au www.androidstation.info bestsleeptricks.com www.megawin.pro foodilicbrighton.com staging.ichbindeinauto.de www.smartlazyhustler.com www.52dus.org amp.52dus.org manhuaplus.com www.ismokealot.com host.ilogo.in allianceinmotion.com moonstake.io jansbabybox.nl www.oasisfloral.de apiqhdwallpaper.androidstation.info apibackgroundhd.androidstation.info backgroundhd.androidstation.info quotes.androidstation.info qhdwallpapers.androidstation.info waller-qa.simpleclick.co.uk uat.marlin.co.nz www.marlin.co.nz reg38-dev.simpleclick.co.uk androidstation.info social.lafactorie.es www.lafactorie.es archivos.lafactorie.es gestion.lafactorie.es dl.lazyshop.app www.publicholidays.com.ar 168live.bet hostname.unforgettablecroatia.com 59397636.xyz www.59397636.xyz simpleclick-dev.simpleclick.co.uk www.shelterstore.co.uk waller-dev.simpleclick.co.uk www.td88.cc td88.cc www.ekons.bg files.symec.co.uk casinovulcan.dance ristorantetanur.com www.ristorantetanur.com www.bettingpro.ca cdn-cookieyes.com www.321viajando.com amateurprospog.com kebabexpressonline.co.uk www.clasificacionde.org mosaicmagazine.com marlin.co.nz viedeicantiviaggi.it ekons.bg shelterstore.co.uk mikeambs.com useggs.org www.auptimalmobile.com.au xb1.com doom-iptv.online ismokealot.com clasificacionde.org camposcoffee.com www.auptimal.com.au khanstandoori.com www.antonia.it tech.smartlazyhustler.com symec.co.uk dzoi-cas777.com www.gymcompany.be gymcompany.be waller-wireframes.simpleclick.co.uk oaktree-wp-dev.simpleclick.co.uk riverhills-staging.simpleclick.co.uk islamicarts-dev.simpleclick.co.uk ftp.simpleclick.co.uk waclothes.com smartlazyhustler.com bonuswelt24.com publicholidays.com.ar bymyk.de your-violent-crime-lawyers.com mehr.ichbindeinauto.de advokataikaune.lt www.advokataikaune.lt oasisfloral.de www.thedrsarahexperience.com homefanatics.org bettingpro.ca justrecruitment-dev.simpleclick.co.uk do-good-dev.simpleclick.co.uk conversation.lausanne.org www.tonicperformance.com tonicperformance.com portainer-dockerdev.simpleclick.co.uk graylog-dockerdev.simpleclick.co.uk create.cambridgemask.com antonia.it jenkins.simpleclick.co.uk www.access.dental gardenofdessertsonline.com stg-eshop.antonia.it test.ekons.bg www.erzkrabbelzoo.de www.thedockkingston.com.au theme-sonnet.com metacine.ai dev.bogged.finance bogged.finance access.dental truclothing.com unforgettablecroatia.com thedrsarahexperience.com api.qlk.to oldsites.jwmmarketing.com sandbox.tripsguard.com kontikiexpeditions.com www.kontikiexpeditions.com machete.24sata.rocks www.exoten.erzkrabbelzoo.de.cdn.cloudflare.net cutbackcoach.com pages.escapology.com api-sandbox.tripsguard.com iremovalpro.com api.tripsguard.com www.auptimalmobile.com.au.cdn.cloudflare.net s13.iremovalpro.com www.reseau411.ca go.cutbackcoach.com lausanne.org try.cutbackcoach.com dev.usemtrader.useggs.org escapology.com simpleclick.co.uk thelondoncapital.com www.cambridgemask.com maven-data.com asia.cambridgemask.com www.tripsguard.com uk.cambridgemask.com eu.cambridgemask.com usa.cambridgemask.com chikenzoonline.co.uk fmi.iremovalpro.com us.cambridgemask.com abcshop.ba www.abcshop.ba europia.net videos.jwmmarketing.com justvape.nu www.justvape.nu www.unforgettablecroatia.com img.24sata.rocks app.24sata.rocks www.24sata.rocks 24sata.rocks api.24sata.rocks tripsguard.com supergoogie.com www.spraino.com.cdn.cloudflare.net docmagazine.retedoc.net patriotfacemasksupply.com iloveamaryllis.nl crew.retedoc.net games.retedoc.net formazione.retedoc.net stage.lausanne.org freecomusic.retedoc.net www.reformasdimari.es.cdn.cloudflare.net boomcontemporaryart.retedoc.net hypernovacoop.retedoc.net doccreativity.retedoc.net moffaltops.com docacademy.retedoc.net docdrones.retedoc.net creativity.retedoc.net vulcan-deluxe.futbol clipx.io www.clipx.io www.casacraviotoeshop.com www.marykay.ichbindeinauto.de militarycollectibles4u.nl admin.ilogo.in res.zouju.cn.cdn.cloudflare.net www.luematecidos.com.br cpcontacts.eorange.shop cpcalendars.eorange.shop www.eorange.shop casacraviotoeshop.com dev.patches4less.com topenergyapps.com em.gy reseau411.ca terbit21.fun ilogo.in thechandacottage.co.uk eorange.shop api.clipx.io karapincha9.com xungbathienha.com www.technogroup.ichbindeinauto.de www.swarco.ichbindeinauto.de www.beamte.ichbindeinauto.de www.bundeswehr.ichbindeinauto.de www.unicredit.ichbindeinauto.de seo.jwmmarketing.com 918kisskiss918vip.com softwarepull.com connector1.lausanne.org www.sipsnibblesbites.com keepforu.com occmrss.findanyfilm.com www.ypaithros.gr vegan.10ztalk.com beat.10ztalk.com jwmmarketing.com www.jwmmarketing.com cloud.jwmmarketing.com www.lausanne.org huzursayfasi.com www.proposl.com proposl.com ichbindeinauto.de amznrewards.club capefearraptorcenter.net findanyfilm.com sohomod.com stopfundingpa.org www.thedockkingston.com.au.cdn.cloudflare.net api.zouju.cn.cdn.cloudflare.net java.waptai.com vivaquant.com www.zouju.cn.cdn.cloudflare.net e-asfona.fr.cdn.cloudflare.net schlaunews.de.cdn.cloudflare.net www.321viajando.com.cdn.cloudflare.net www.dunixa.com.cdn.cloudflare.net www.securesetacademy.com.cdn.cloudflare.net app.proposl.com www.waptai.com haiwaitxt.com stoptheslowlane.com 10ztalk.com www.wetten.eu luematecidos.com.br wetten.eu developer.sigmaestimates.com indianplazaonline.co.uk centraltakeaway.co.uk banglaloungeshirley.co.uk waptai.com www.sigmaestimates.com www.patches4less.com patches4less.com shop.10ztalk.com streetwear.10ztalk.com www.fifa55hot.net blog.fibrasynormasdecolombia.com www.fibrasynormasdecolombia.com fifa55hot.net icestork.com sipsnibblesbites.com iosi.me ivietnamese.com www.simpleclick.co.uk ypaithros.gr sigmaestimates.com imaginatik.com qlk.to www.dot-awards.com dot-awards.com

Malware Detected on Host

Count: 3 a7eb7b06d5b431d9286756ae7f6d88486780c171bfe3efa790bf38482d820093 aaf0e75007d6b2697b60b3a2d2e6baa6646d505325f616e4a4369f93422310ee dfa95b9bccdaf14565c7e9a0e9e6de0473619bf8d4544f170cf2498cd6b7e66a

Open Ports Detected

2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-09-15