104.18.0.7 Threat Intelligence and Host Information
Dec 12, 2025
ipinfopage
General
This page contains threat intelligence information for the IPv4 address 104.18.0.7 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Possibly Malicious Host 🟢 5/100
Host and Network Information
- View other sources: Spamhaus VirusTotal
- Country:
- Network:
- Noticed: 1 times
- Protocols Attacked: Anonymous Proxy
- Passive DNS Results: www.lubricantspecialty.com www.appcracy.com babyloong.babylonlabs.io faucet.btc-mainnet-devnet.babylonlabs.io rpc-dapp.testnet.babylonlabs.io staking-api.canon-devnet.babylonlabs.io manage.redeia-test.suite.maximo.com grpc.edge-devnet.babylonlabs.io rpc.edge-devnet.babylonlabs.io lcd.edge-devnet.babylonlabs.io covenant-signer1.testnet.babylonlabs.io docs.babylonlabs.io lcd.canon-devnet.babylonlabs.io btc-vault-api.vault-devnet.babylonlabs.io newblack.eu rentcanada.ca airdrop.sit.babylonlabs.io staking.canon-devnet.babylonlabs.io staking.edge-devnet.babylonlabs.io ar.appcracy.com cdn.appcracy.com staking.vault-devnet.babylonlabs.io tefc.com lcd.mock-mainnet.babylonlabs.io fortigateems.stpatricks.qld.edu.au rpc.btc-mainnet-devnet.babylonlabs.io staking.btc-mainnet-devnet.babylonlabs.io www.magicianmission.top magicianmission.top staking.testnet.babylonlabs.io staking-api-mirror.testnet.babylonlabs.io rino.dev.agentsync.io supremehoodie.us.org hiep-zero-trust-testbed.babylonlabs.io fr.appcracy.com staking.babylonlabs.io airdrop-preview.uat.babylonlabs.io rpc-load-test.devnet.babylonlabs.io thcorthopedics.com assets.babylonlabs.io staking-api-test-geo-block.babylonlabs.io fdnw.net wallet-btcstaking.btc-mainnet.babylonlabs.io toll-azemswebtst.jdadelivers.com officialdisneychecks.com radloff-coaching.com grafana.tooling.babylonlabs.io dailycarswijchen.com demo.idmgroup.com liam-btcstaking.phase-2-devnet.babylonlabs.io sidecar-api.testnet.babylonlabs.io servicedesk.stpatricks.qld.edu.au btcstaking.testnet-r2.babylonlabs.io 2bauto.nl flugangstcoach.com faucet.btc-mainnet.babylonlabs.io bling-staging.babylonlabs.io lcd-euphrates.devnet.babylonlabs.io www.kynarflex.com waterloo-roadshow.de grpc-test.devnet.babylonlabs.io socolivega.top faucet-dapp.devnet.babylonlabs.io www.babylonlabs.io wt.test-aws-delicate-guppy-2572.auth0c.com edge.tenants.test-aws-delicate-guppy-2572.auth0c.com test-aws-delicate-guppy-2572.auth0c.com faucet.devnet.babylonlabs.io validator0.devnet.babylonlabs.io validator1.devnet.babylonlabs.io faucet-euphrates.devnet.babylonlabs.io halma.ai id.dev.agentsync.io www.lb.visamiddleeast.com covenant-signer2.babylonlabs.io points.babylonlabs.io doc.dps.idmgroup.com rpc-anchorage-sandbox.babylonlabs.io babylonlabs.io idmgroup.com yj00dxctngna0a0aprod-slot.paastest.epimore.com mgryj00dxctngna0a0aprod.paastest.epimore.com access.dev.agentsync.io btcstaking.babylonlabs.io rpc-anchorage.babylonlabs.io www2.1stjackpot.com waf.psb.qa.bonddesk.com qa-no-zue-apd-3867-newcfrulesintomaindis.az.ssdgws.co.uk sheriff.sarpy.gov helios.checkatrade.org stop.sarpy.gov ba.aliatic.com www.dnbcgroup.com lv.aliatic.com t.indeed.com.cdn.cloudflare.net decathlon.cz edge.tenants.test-aws-pretty-skunk-0458.auth0c.com test-aws-pretty-skunk-0458.auth0c.com wt.test-aws-pretty-skunk-0458.auth0c.com image.ownerclan.com ownerclan.com stock-preprod.decathlon.sg www.trushieldassurance.ca aurumsignaturestudio.com auth.dev.agentsync.io api.dev.agentsync.io lamichoacanameatmarket.instacart.com api.royalqatarlcd.com buymembership.internationalsos.com.cdn.cloudflare.net xspm-dogfood-rabbitmq.in.fabricatedinc.com assets.uvcdn.com sec-misp.in.fabricatedinc.com stgcampus.capella.edu capella.acquiaedge.net.cdn.cloudflare.net xspm-dev4-rabbitmq.in.fabricatedinc.com net.royalqatarlcd.com www.royalqatarlcd.com xspm-dev6-es.in.fabricatedinc.com xspm-test-rabbit.in.fabricatedinc.com xspm-test-es.in.fabricatedinc.com xspm-scrum0-logs.in.fabricatedinc.com aliatic.com www.buymembership.internationalsos.com xspm-dev4.in.fabricatedinc.com xspm-dev4-es.in.fabricatedinc.com xspm-dev4-rabbit.in.fabricatedinc.com xspm-dev6-es-proxy.in.fabricatedinc.com xspm-dev3-rabbitmq.in.fabricatedinc.com xspm-dev7-es-proxy.in.fabricatedinc.com xspm-dev7-rabbitmq.in.fabricatedinc.com xspm-dev7.in.fabricatedinc.com xspm-dev5-rabbitmq.in.fabricatedinc.com xspm-dev6.in.fabricatedinc.com xspm-dev6-rabbitmq.in.fabricatedinc.com xspm-dev5.in.fabricatedinc.com xspm-dev5-es.in.fabricatedinc.com xspm-dev5-rabbit.in.fabricatedinc.com www.tobiipro.cn xspm-dev3-rabbit.in.fabricatedinc.com xspm-dev3.in.fabricatedinc.com ewstest.dxp.ericsson.net nft.royalqatarlcd.com qa-nl-2kg-apd-111-offwargames.az.ssdgws.co.uk fernandopolis.amigaoonline.com.br www.aussiebeefandlamb.co.uk xspm-dev2-es-proxy.in.fabricatedinc.com xspm-dev2.in.fabricatedinc.com xspm-dev2-rabbitmq.in.fabricatedinc.com xspm-dev1.in.fabricatedinc.com www-s.aussiebeefandlamb.co.uk www-d.aussiebeefandlamb.co.uk xspm-dogfood-logs.in.fabricatedinc.com asset-group.in.fabricatedinc.com c123m.com xspm-dogfood-es-proxy.in.fabricatedinc.com getpurifair.io convo-api.service.staging.verkkokauppa.com web-api.service.staging.verkkokauppa.com ims.service.staging.verkkokauppa.com teixeiraandre.com www.spartantitle.com tywarehouse.work xspm-default-rabbitmq.in.fabricatedinc.com xspm-default-logs.in.fabricatedinc.com default.xspm.fabricatedinc.com xspm-staging1.in.fabricatedinc.com xspm-staging1-rabbitmq.in.fabricatedinc.com diag-ws.fabricatedinc.com xspm-test-logs.in.fabricatedinc.com xspm-test-rabbitmq.in.fabricatedinc.com xspm-pt.in.fabricatedinc.com xspm-pt-rabbitmq.in.fabricatedinc.com xspm-pt-es-proxy.in.fabricatedinc.com xspm-test-es-proxy.in.fabricatedinc.com b4y77.com xspm-pt-logs.in.fabricatedinc.com xspm-scrum0-rabbitmq.in.fabricatedinc.com xspm-scrum0-es-proxy.in.fabricatedinc.com xspm-scrum0.in.fabricatedinc.com xspm-test3-logs.in.fabricatedinc.com test3.xspm.fabricatedinc.com xspm-test3-es-proxy.in.fabricatedinc.com xspm-test3-rabbitmq.in.fabricatedinc.com sagestart-up.ie xspm-test.in.fabricatedinc.com one-lower.auth0app.com wt.one-lower.auth0app.com edge.tenants.one-lower.auth0app.com xspm-pt-s0-logs.in.fabricatedinc.com xspm-pt-s0-api.in.fabricatedinc.com xspm-pt-s0-es.in.fabricatedinc.com xspm-pt-s0-mq.in.fabricatedinc.com xspm-default-s0-es.in.fabricatedinc.com xspm-default-s0-mq.in.fabricatedinc.com xspm-default-s0-logs.in.fabricatedinc.com xspm-default-s0-api.in.fabricatedinc.com spartantitle.com static.matterport.us atlas.in.fabricatedinc.com cpsuhu.com pdmp.service.staging.verkkokauppa.com storybook.in.fabricatedinc.com dining.aloftosakadojima.com www.dining.aloftosakadojima.com databadger.in.fabricatedinc.com crafts.in.fabricatedinc.com crafts-api.in.fabricatedinc.com dogfood.in.fabricatedinc.com xspm-dogfood.in.fabricatedinc.com xspm-default.in.fabricatedinc.com dogfood-sec.in.fabricatedinc.com op-updates-app.fabricatedinc.com la-michoacana-meat-market.pbis-cf.instacart.com databadger-api.in.fabricatedinc.com databadger-flower.in.fabricatedinc.com arsenal-api.in.fabricatedinc.com secretdebeaute.isagenix1.com www.friendsvilletn.gov investorgateway.oppenheimer.com digital.firsthorizon.com.cdn.cloudflare.net download.caw.eeage.com geoha-test-6.auth0c.com edge.tenants.geoha-test-6.auth0c.com extensions.digital.firsthorizon.com apps.sarpy.gov kbcvip88.com digital.firsthorizon.com ftbstage.digital.firsthorizon.com ftbtest.digital.firsthorizon.com smartex-api.garmin.com 00d327a278f4a90a1d9db48733eeb40349462a0f.vercel-workers.com relex.staging.verkkokauppa.com preuschoff.isagenix1.com api.staging.verkkokauppa.com www.staging.verkkokauppa.com investors.staging.verkkokauppa.com staging.verkkokauppa.com mrmirgal.isagenix1.com rr.service.staging.verkkokauppa.com candy.candymetalk.com isagenix1.com allers.se www.lipitorsignup.com mastercrafttire.com www.kendallwealthpartners.com www.grantthornton.com.py idmproducts.com lauingerchurch.com mapi512.cazb457cf.net mobilev5.africanbank.net cazb457cf.net sarpy.gov porncat.app api.budgetair.pl fireeye.de fireeyetest.com www.tobiipro.cn.cdn.cloudflare.net 6234wo.com www.lipitorsignup.com.cdn.cloudflare.net www.nestlehealthscience.com.au.cdn.cloudflare.net nestlehealthscience.com.au 071aa.com vulcan-stavka-bet.net fishersautocare.com servicestreetsnellville.com vulkano777.xyz budgetair.pl 365topdeals.com kerryscarcaremariposa.com www.fireeye.de 6782mm.com sport-touring.net www.sport-touring.net.cdn.cloudflare.net www.grantthornton.com.py.cdn.cloudflare.net arlo-device-qa2.messaging.arlo.com.cdn.cloudflare.net lipitorsignup.com www.6677bw.com www.kendallwealthpartners.com.cdn.cloudflare.net 166bi.com www.166bi.com www.spotthefake.com.my.cdn.cloudflare.net www.somavert.ca.cdn.cloudflare.net spotthefake.com.my somavert.ca www.m39r.cn m39r.cn
Malware Detected on Host
Count: 1 e91d1fc70f3ccb435d801a4a17b8de634a084057d47b70879a8f1f55f1ba84c4
Open Ports Detected
2052 2082 2083 2086 2087 2095 443 80 8080 8443 8880
Map
Whois Information
- NetRange: 104.16.0.0 - 104.31.255.255
- CIDR: 104.16.0.0/12
- NetName: CLOUDFLARENET
- NetHandle: NET-104-16-0-0-1
- Parent: NET104 (NET-104-0-0-0-0)
- NetType: Direct Allocation
- OriginAS:
- Organization: Cloudflare, Inc. (CLOUD14)
- RegDate: 2014-03-28
- Updated: 2024-09-04
- Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
- Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
- Ref: https://rdap.arin.net/registry/ip/104.16.0.0
- OrgName: Cloudflare, Inc.
- OrgId: CLOUD14
- Address: 101 Townsend Street
- City: San Francisco
- StateProv: CA
- PostalCode: 94107
- Country: US
- RegDate: 2010-07-09
- Updated: 2024-11-25
- Ref: https://rdap.arin.net/registry/entity/CLOUD14
- OrgAbuseHandle: ABUSE2916-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-650-319-8930
- OrgAbuseEmail: abuse@cloudflare.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- OrgNOCHandle: CLOUD146-ARIN
- OrgNOCName: Cloudflare-NOC
- OrgNOCPhone: +1-650-319-8930
- OrgNOCEmail: noc@cloudflare.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgRoutingHandle: CLOUD146-ARIN
- OrgRoutingName: Cloudflare-NOC
- OrgRoutingPhone: +1-650-319-8930
- OrgRoutingEmail: noc@cloudflare.com
- OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgTechHandle: ADMIN2521-ARIN
- OrgTechName: Admin
- OrgTechPhone: +1-650-319-8930
- OrgTechEmail: rir@cloudflare.com
- OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
- RAbuseHandle: ABUSE2916-ARIN
- RAbuseName: Abuse
- RAbusePhone: +1-650-319-8930
- RAbuseEmail: abuse@cloudflare.com
- RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- RNOCHandle: NOC11962-ARIN
- RNOCName: NOC
- RNOCPhone: +1-650-319-8930
- RNOCEmail: noc@cloudflare.com
- RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
- RTechHandle: ADMIN2521-ARIN
- RTechName: Admin
- RTechPhone: +1-650-319-8930
- RTechEmail: rir@cloudflare.com
- RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
Links to attack logs
anonymous-proxy-ip-list-2025-12-10
Share on: