104.18.0.219 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.0.219 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: platform.localsecurity.org free.stockai.trade lightning.app.localsecurity.org mira-bot.localsecurity.org agentic-studio.uat.impact-agents.ai localsecurity.org ivts-91867m.urban-offer.evoyageurs.dev.cdn.vsct.fr bh21-smyt-wms-con-np4.jdadelivers.com 1727464639.app.localsecurity.org agentic-studio.dev.be.impact-agents.ai erfolgs-traum.de paymentservices.pitneybowes.com api.grandoptical.nl impact-agents.ai bg94-duns-wms-app-pra1.jdadelivers.com rahaph-ph.com beta.localsecurity.org tools-sandbox.impact-agents.ai ia-agent.impact-agents.ai lhmlincolnparts4less.com pages.app.localsecurity.org internal.a-vir-d1.apicp.ipaas.automation.ibm.com auth.localsecurity.org www.stockai.trade app.localsecurity.org www.gilcrestjewett.com acpsstallionauction.com rpmpriority.com selfreason.com internal.a-syd-c1.apicp.ipaas.automation.ibm.com internal.a-syd-s1.apicp.ipaas.automation.ibm.com io.localsecurity.org internal.a-fra-s1.apicp.ipaas.automation.ibm.com internal.a-fra-c1.apicp.ipaas.automation.ibm.com palettemuse.top www.palettemuse.top filefleet.fattouche.com ait-aztms-restws-ts1.jdadelivers.com static.client.cardinaltrusted.com.cdn.cloudflare.net www.systane.be 2k2bet.com memorialeyecenter-oak-forest.com lci-aztms-sso-ts1.jdadelivers.com internal.a-vir-d2.apicp.ipaas.automation.ibm.com dev.gilcrestjewett.com kingpanda.bet.br www.localsecurity.org crewappreciationday.com janellsellshouses.com adspend.de www.adspend.de freiheitdennis.de performance-seller-mavo.de api.sx.xyz www.dnbbra.com.br windtricity.com chalk.solutions gilcrestjewett.com ido.sx.xyz sfgame.jp fattouche.com 17klwin.com gateway-testnet-ui.sx.xyz mm.sx.xyz app.sx.xyz www.sx.xyz grandoptical.nl mmhportal.mmltd.co.za link.store-preview.topeleven.com api.8y1.xyz vc.mmltd.co.za www.gettysburgma.com test-aws-new-liger-1776.auth0c.com simonsaysstampblog.com x8657cer.com x8935bon.com w8734vte.com t7639vpe.com s7345kof.com s5723oue.com y5675vyr.com p7552gde.com b8763hyt.com g8653cue.com u8364hds.com e8673ndr.com r7592fun.com we4850xer.com ae5363dot.com tu0472oku.com vc8267ger.com se4739cvf.com hu3727per.com pn4687tev.com bm2735for.com jk8467xut.com op3257ung.com en0897lor.com w8753xour.com t6545gber.com c9643yueo.com v8743fkue.com s7572geur.com m7863dert.com q7535fong.com g7462yrer.com f8357uore.com qbaddons.com www.qbaddons.com u3752vber.com manager.topeleven.com.cdn.cloudflare.net meissnerautomotive.com qa-nl-le6-dad-57-update-contentful-space.az.ssdgws.co.uk buyouwstore.com authorityekingdom.com www.sikadach.ch sikadach.ch g2i1-cdn4-platform.cdn-in-flare.com g2i1-cdn2-platform.cdn-in-flare.com g2i1-cdn1-platform.cdn-in-flare.com g2i1-cdn3-platform.cdn-in-flare.com www.simonsaysstampblog.com login-stagewhite.politicopro.com subscriber-stagewhite.politicopro.com gabbie-qared.politicopro.com cd.politicopro.com.cdn.cloudflare.net directory.politicopro.com.cdn.cloudflare.net login-qablue.politicopro.com login-qagreen.politicopro.com www.marriottistanbulsisli.com tricitysmog.com dialogue.politicopro.com login.politicopro.com.cdn.cloudflare.net cd.politicopro.com pextcloud.statkraftdirektvermarktung.de qextcloud.statkraftdirektvermarktung.de textcloud.statkraftdirektvermarktung.de morph.politicopro.com gamma.politicopro.com login.politicopro.com sluice-qared.politicopro.com sluice-qaorange.politicopro.com sluice-qablue.politicopro.com sail-prod.politicopro.com swag.politicopro.com trakr.politicopro.com chronicle.politicopro.com sluice.politicopro.com stakeholder-mgmt.politicopro.com rolo.politicopro.com directory.politicopro.com campaigns.politicopro.com legislation.politicopro.com regulations.politicopro.com wt.plf-test-feed.auth0c.com edge.tenants.plf-test-feed.auth0c.com plf-test-feed.auth0c.com de-ie-5cu-fixsc-000-persistauthactionid.socrates.ssdgws.co.uk qa-ca-jwe-dummy-test-branch.az.ssdgws.co.uk macpaw.space datosabiertos.cambioclimatico.gob.do price-preprod.decathlon.sg lunargg.dev subscriber.politicopro.com.cdn.cloudflare.net qa-ie-rba-fixfbmvp-12792-manageyourbooki.az.ssdgws.co.uk assets.dotfashion.cn eps.dotfashion.cn www.cambioclimatico.gob.do qa-au-wwf-ecrp-10294-gatewayformeshloadt.az.ssdgws.co.uk qa-no-6wd-fbmvp-13134-incorrectstarttime.az.ssdgws.co.uk cambioclimatico.gob.do wt.mercadolibre-us-prod-1.auth0app.com edge.tenants.mercadolibre-us-prod-1.auth0app.com mercadolibre-us-prod-1.auth0app.com accountpreview.royalcanin.com www.za-greatdeals-76.com www.iphone-auswahl.com cibinqoshare.com www.cibinqoshare.com www.punainenristi.fi.cdn.cloudflare.net bostonbeer.erpmaestro.com report-management-eu.erpmaestro.com yageo-arm.erpmaestro.com play.go88.live pivdennamiska-gromada.gov.ua www.pivdennamiska-gromada.gov.ua pop.pivdennamiska-gromada.gov.ua smtp.pivdennamiska-gromada.gov.ua alt.pivdennamiska-gromada.gov.ua pmachemicals.co.uk g456h.com qa-ca-b2c-caecom-2483-updatednamecloudfl.az.ssdgws.co.uk lannett-okta.erpmaestro.com topconsso-grc.erpmaestro.com skynetapi-eu.erpmaestro.com metadata-eu.erpmaestro.com em777.erpmaestro.com logsvc.erpmaestro.com uct.erpmaestro.com authsvc-eu.erpmaestro.com clearwater.erpmaestro.com grc.erpmaestro.com cloudagent.erpmaestro.com graincorp-grc.erpmaestro.com esi.erpmaestro.com em-beta.erpmaestro.com app-eu.erpmaestro.com dashsvc-eu.erpmaestro.com avio.erpmaestro.com dg-grc.erpmaestro.com elotouch-arm.erpmaestro.com skynet.erpmaestro.com provisioningsvc.erpmaestro.com macom.erpmaestro.com skynetapi.erpmaestro.com mcclabel.erpmaestro.com em.erpmaestro.com jobsvc-eu.erpmaestro.com kemet-grc.erpmaestro.com pah.erpmaestro.com clearwater-beta.erpmaestro.com rayonier.erpmaestro.com officeworks.erpmaestro.com supermicro.erpmaestro.com schedulingsvc-eu.erpmaestro.com agmetalbevsa.erpmaestro.com agmetalbensa.erpmaestro.com app01.erpmaestro.com boral.erpmaestro.com agglassna.erpmaestro.com agmetalbevna-beta.erpmaestro.com ageurope-beta.erpmaestro.com app.erpmaestro.com boral-beta.erpmaestro.com agents.erpmaestro.com agmetalbevna.erpmaestro.com analysis.erpmaestro.com api.erpmaestro.com gettheguidelight.io cognex-arm.erpmaestro.com eldan.medisonmedia.com templetonworldwide.org qa-au-qkx-fixfbmvp-9769-big-branch-name.az.ssdgws.co.uk metadata-uat.erpmaestro.com cloudagent-qa.erpmaestro.com dashsvc-qa.erpmaestro.com authsvc-dev.erpmaestro.com go88.live sub.dxctngnadxc5hq28prod.paastest.co.uk getsimplihealthacv.com report-management-stage.erpmaestro.com report-management-qa.erpmaestro.com tradepro-u.wealthmanagement.scointnet.net tai.go88.live cycoadditives.net stage-testsso1.erpmaestro.com carlsbergsingapore.com.sg www.carlsbergsingapore.com.sg ssotesting.erpmaestro.com www.8y8gprod.meetingpoint.vn fcb7.com za-gifts1.com srm-pub.dotfashion.cn www-test.cloudpayments.mx www-stage.cloudpayments.mx www-f1.cloudpayments.mx www-test-stable.cloudpayments.mx www-f3.cloudpayments.mx cloudpayments.mx test.cloudpayments.mx cdn.cloudpayments.mx mcclabel-arm.erpmaestro.com ingevity-s4.erpmaestro.com eviosys-arm.erpmaestro.com v7optout.com sex5zvck.com www.vke.no mobile-u.wealthmanagement.scointnet.net yokohama-arm.erpmaestro.com demo-arm.erpmaestro.com test.vke.no stage.vke.no stg-sportingdog-cd-02.royalcanin.com eamsvc.erpmaestro.com eamsvc-eu.erpmaestro.com www2.thesoiltruth.com eamsvc-dev.erpmaestro.com.cdn.cloudflare.net eamsvc-dev.erpmaestro.com mcclabel-beta.erpmaestro.com yeti-beta.erpmaestro.com utilizationtracking.erpmaestro.com grolsch-beta.erpmaestro.com webui.erpmaestro.com macom-grc.erpmaestro.com gates-arm.erpmaestro.com uct-grc.erpmaestro.com rayonier-grc.erpmaestro.com utilizationtracking.erpmaestro.com.cdn.cloudflare.net webui.erpmaestro.com.cdn.cloudflare.net mcclabel-beta.erpmaestro.com.cdn.cloudflare.net iewc.erpmaestro.com.cdn.cloudflare.net rayonier-grc.erpmaestro.com.cdn.cloudflare.net grolsch-beta.erpmaestro.com.cdn.cloudflare.net anico-arm.erpmaestro.com.cdn.cloudflare.net macom-grc.erpmaestro.com.cdn.cloudflare.net yeti-beta.erpmaestro.com.cdn.cloudflare.net gates-arm.erpmaestro.com.cdn.cloudflare.net uct-grc.erpmaestro.com.cdn.cloudflare.net anico-arm.erpmaestro.com rockmuziks.com iewc.erpmaestro.com grolsch.erpmaestro.com triviumpackaging.erpmaestro.com triviumpackaging-beta.erpmaestro.com validation-eu.erpmaestro.com utilizationtracking-eu.erpmaestro.com netafim-arm.erpmaestro.com netafim.erpmaestro.com schedulingsvc.erpmaestro.com rulebooks-eu.erpmaestro.com rulebooks.erpmaestro.com rexnord-arm.erpmaestro.com rexnord.erpmaestro.com provisioningsvc-eu.erpmaestro.com csr-beta.erpmaestro.com csr.erpmaestro.com crown-arm.erpmaestro.com crown.erpmaestro.com calportland-arm.erpmaestro.com cascades-beta.erpmaestro.com cascades.erpmaestro.com analysis-eu.erpmaestro.com api-eu.erpmaestro.com validation-qa.erpmaestro.com 2fefdaafe6bc7df3aba4201dba40b12572e28086.vercel-workers.com utilizationtracking-uat.erpmaestro.com uat-dataserver01.erpmaestro.com uat-data01.erpmaestro.com webui-uat.erpmaestro.com webui-em-uat.erpmaestro.com uat-app01.erpmaestro.com skynetapi-uat.erpmaestro.com provisioningsvc-uat.erpmaestro.com skynet-uat.erpmaestro.com schedulingsvc-uat.erpmaestro.com rulebooks-uat.erpmaestro.com logsvc-uat.erpmaestro.com jobsvc-uat.erpmaestro.com dataserver-uat.erpmaestro.com dashsvc-uat.erpmaestro.com cloudagent-uat.erpmaestro.com authsvc-uat.erpmaestro.com analysis-uat.erpmaestro.com app-uat.erpmaestro.com api-uat.erpmaestro.com agents-uat.erpmaestro.com logsvc-dev.erpmaestro.com qa-app01.erpmaestro.com utilizationtracking-qa.erpmaestro.com webui-qa.erpmaestro.com webui-em-qa.erpmaestro.com skynetapi-qa.erpmaestro.com skynet-qa.erpmaestro.com schedulingsvc-qa.erpmaestro.com provisioningsvc-qa.erpmaestro.com qa-dataserver01.erpmaestro.com metadata-qa.erpmaestro.com em-qa.erpmaestro.com logsvc-qa.erpmaestro.com jobsvc-qa.erpmaestro.com api-qa.erpmaestro.com authsvc-qa.erpmaestro.com agents-qa.erpmaestro.com analysis-qa.erpmaestro.com webui-em-dev.erpmaestro.com schedulingsvc-dev.erpmaestro.com skynetapi-dev.erpmaestro.com skynet-dev.erpmaestro.com rulebooks-dev.erpmaestro.com provisioningsvc-dev.erpmaestro.com metadata-dev.erpmaestro.com jobsvc-dev.erpmaestro.com em-dev.erpmaestro.com dev-dataserver01.erpmaestro.com dev-app01.erpmaestro.com cloudagent-dev.erpmaestro.com dashsvc-dev.erpmaestro.com analysis-dev.erpmaestro.com api-dev.erpmaestro.com agents-dev.erpmaestro.com webui-dev.erpmaestro.com www.punainenristi.fi www.getyourprice.co.uk shop.lancome.eg dnbbra.com.br colemaneverest.com www.za-gifts1.com 4hubb39.com www.urologyquestionnaires.com getyourprice.co.uk mirtone.biz thesoiltruth.com online.tiscosec.com dxctngnadxc928drinte.meetingpoint.vn.cdn.cloudflare.net 2234fo.com hs-6316901.t.hubspotfree-ii.net motorhauspalmbeach.com schiffrealestateteam.com k9py.phnecessord.info o45p.phnecessord.info p0y2.phnecessord.info me8f.phnecessord.info www.r1200rforum.com.cdn.cloudflare.net phnecessord.info hs-5158208.t.hubspotfree-ii.net vulkan-24.xyz hishimartaltit.pro apps.skinceuticals.it.cdn.cloudflare.net www.urologyquestionnaires.com.cdn.cloudflare.net urologyquestionnaires.com jx11x5b0.com dzt0.com hb11x5a6.com www.jx11x5b0.com www.0jya.com 0jya.com

Malware Detected on Host

Count: 1 5dea3ea89f43f0ae169eee4f1feba1e5b0de0230fec47ae86a97025af31d3613

Open Ports Detected

2052 2053 2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-12-10