104.18.14.19 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.18.14.19 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: luvbree.com 2li4wx5h.api.lncldglobal.com nayouth.adventist.org.au denmark.adventist.org.au pinnaclestrs.com calk3q4l.api.lncldglobal.com new88818.com mfdy.wang yeppoon.adventist.org.au narrandera.adventist.org.au spotswood.adventist.org.au burpengary.adventist.org.au caloundra.adventist.org.au rendelsham.adventist.org.au ghanaian.adventist.org.au bidwill.adventist.org.au bowen.adventist.org.au wynyard.adventist.org.au malak.adventist.org.au citycookisland.adventist.org.au victoriapoint.adventist.org.au ys.kid.x10.bz homenas.kuoyio.com fjnnumzf.api.lncldglobal.com lncldglobal.com.cdn.cloudflare.net defguard-eng.usetada.dev innovation.adventist.org.au wodonga.adventist.org.au ccbw2hh.fi395ndh2m.com immich.xmyun.fun rv6z4.cc renaultpinetown.co.za www.apertureed.com h2h-api.pdg-pay.com syno.itmax.cn ai.003153.xyz theplant.adventist.org.au village-life.ca ppp1blx.y4ifnwod89.com manage.skyflowapis-preview.cn busseltoncamp.adventist.org.au www.olrid.com debian.66a.net q2eh.com iwi1.com cmfonline.adventist.org.au demo.training.apertureed.com demo.jobs.apertureed.com tiaotiaolong.top ankle.free.hr bryme.com pdg-pay.com dxctadminij32r1aprep.paastest.epimore.com newhope.adventist.org.au apertureed.com m.indwin7.com syno.ityet.com xiaoya.gowhy.top stirling.adventist.org.au kurrikurri.adventist.org.au biloela.adventist.org.au trinitygardens.adventist.org.au dapto.adventist.org.au auburnvic.adventist.org.au mtgambier.adventist.org.au mannum.adventist.org.au coffscoast.adventist.org.au braypark.adventist.org.au cabramattafijian.adventist.org.au filoship.adventist.org.au yandina.adventist.org.au inverell.adventist.org.au bankstown.adventist.org.au cf.iecn.top sydney.adventist.org.au www.village-life.ca vic.adventist.org.au demo.student.apertureed.com student-api.apertureed.com xy.zhangyanjin.com student.apertureed.com xn–n5qz4u08w.tk test.training.apertureed.com zentoso.com demo.app.apertureed.com qa.student.apertureed.com xiaoya.yecao.gay lexuspg.com www.visa.com.cdn.cloudflare.net be-chiki.usetada.dev re496koti14x.gateway.skyflowapis-preview.cn indwin7.com www.gnjoy.hk qa-au-l5y-shrsvc-2385-sasv4appid.az.ssdgws.co.uk evoucher-msite.usetada.dev www.unilamp.de qa.csa.apertureed.com www.kusou.pp.ua kusou.pp.ua qa.jobs.apertureed.com qa.api.apertureed.com uat.app.apertureed.com d.imiui.com karenscarpa.com dpalist.0nz.de sub.yunxinming.cloudns.be ararat.adventist.org.au katherine.adventist.org.au guildforditalian.adventist.org.au 080760.cc newcastlepolish.adventist.org.au northern-beaches-fnq.adventist.org.au nnsw.adventist.org.au adventist.org.au yarravalley.adventist.org.au qa-nl-jwh-fbmvp-19483-setbuildassetdir.az.ssdgws.co.uk gb333.online freshwater.adventist.org.au warnersbay.adventist.org.au bj88ii.com ok8666.vip myteam.decathlonpro.fr md.adventist.org.au decathlon.tn sq.adventist.org.au attsurvey.adventist.org.au www.vonage.ru highmarkwholecare.com green458.com dev.m.motionindustries.com staging-www.vonage.ru sifworxs.com qa-www.vonage.ru treatmentperspectivesinprostatecancer.com arthritisreward.com www.arthritisreward.com 204358.cloudways.icu auth-test.usetada.dev www.universities-usa.com origin-waw.cf-ent.net test.pldsslcw.com www.wpcoil.com wpcoil.com one.qatest222223.tk flow.shaheergadit.com anythingwp.click www.anythingwp.click www.pldsslcw.com pldsslcw.com testcw.thecloudkeeper.io test.thecloudkeeper.io qa-se-nl6-mcl-524-footerfixes.az.ssdgws.co.uk metoliusriverresortstays.com keycloak.usetada.dev cupstation-thatsamazinggifts.com mattermost.usetada.dev universities-usa.com qa-no-vx2-fbmvp-11333-putauback.az.ssdgws.co.uk loki.usetada.dev argocd.usetada.dev logstash.usetada.dev wiki2.usetada.dev wp-test.usetada.dev loki-dist.usetada.dev www.usetada.dev docs.usetada.dev redirect.usetada.dev moodle.usetada.dev jaeger.usetada.dev tempo.usetada.dev jaeger-collector-staging.usetada.dev gnjoy.hk roo.gnjoy.hk slidesdocs.com www.knauf-batiment.fr nebra.co.uk usetada.dev wt.arch-webtask-1.auth0c.com edge.tenants.arch-webtask-1.auth0c.com arch-webtask-1.auth0c.com 0q41k.copy.paastest.co.uk naftogazpostach.com sage50accounting.com knauf-batiment.fr sagecrm.co.uk dashlane-sso.ppmw.org anas.thecloudkeeper.io www.medhub.novartis.com.my.cdn.cloudflare.net leicspp.mpw.cds.co.uk cheshirepp.mpw.cds.co.uk warwickspp.mpw.cds.co.uk nrthyorkpp.mpw.cds.co.uk northantspp.mpw.cds.co.uk bedspp.mpw.cds.co.uk sthwalespp.mpw.cds.co.uk wilt-pccpp.mpw.cds.co.uk cambspp.mpw.cds.co.uk dyfpowspp.mpw.cds.co.uk wiltpolpp.mpw.cds.co.uk clevelandpp.mpw.cds.co.uk nrthwalespp.mpw.cds.co.uk nottspp.mpw.cds.co.uk safepp.mpw.cds.co.uk sussexepipp.mpw.cds.co.uk wiltpolepipp.mpw.cds.co.uk warwicksepipp.mpw.cds.co.uk northantsepipp.mpw.cds.co.uk wilt-pccepipp.mpw.cds.co.uk clevelandepipp.mpw.cds.co.uk cambsepipp.mpw.cds.co.uk coppp.mpw.cds.co.uk derbsepipp.mpw.cds.co.uk devtest2.mpw.cds.co.uk dorsetstaging.mpw.cds.co.uk dev-cornstaging.mpw.cds.co.uk hereitcomestome.tk cloud.thecloudkeeper.io kentpccprefat.mpw.cds.co.uk dev-cornepi.mpw.cds.co.uk dorsetepi.mpw.cds.co.uk nottsepi.mpw.cds.co.uk clinican.wheel.health clinician.wheel.health dev.thecloudkeeper.io cw-000000.cloudways.icu stg1.novartis.com.my prod1.novartis.com.my thecloudkeeper.io www.thecloudkeeper.io cf.ayaz.cloud www.sage50accounting.com nationalformsnct.mpw.cds.co.uk jaeger-collector.usetada.dev stg.thecloudkeeper.io www.ratgeber-rheuma.de lincsepi.mpw.cds.co.uk bedsepi.mpw.cds.co.uk nrthyorkepi.mpw.cds.co.uk m.biqugek.cc warwicksepi.mpw.cds.co.uk wiki.usetada.dev metepi.mpw.cds.co.uk hampstaging.mpw.cds.co.uk leicsepi.mpw.cds.co.uk sthwalesepi.mpw.cds.co.uk nabisepi.mpw.cds.co.uk www.medhub.novartis.com.my medhub.novartis.com.my prom-eks-core-service-prod.usetada.dev wilt-pccepi.mpw.cds.co.uk wiltpolepi.mpw.cds.co.uk sussexepi.mpw.cds.co.uk northyorksepi.mpw.cds.co.uk echo.usetada.dev surreyepi.mpw.cds.co.uk cheshpccepi.mpw.cds.co.uk staffsepi.mpw.cds.co.uk msideepi.mpw.cds.co.uk northantsepi.mpw.cds.co.uk thamesvalleyepi.mpw.cds.co.uk pukepi.mpw.cds.co.uk nrthwalesepi.mpw.cds.co.uk kentpccepi.mpw.cds.co.uk hampshireepi.mpw.cds.co.uk gwentepi.mpw.cds.co.uk gtrmcrepi.mpw.cds.co.uk essexepi.mpw.cds.co.uk dyfpowsepi.mpw.cds.co.uk colpepi.mpw.cds.co.uk skechers.es sonarqube.usetada.dev staging-admins.usetada.dev es.sage50accounting.com manager.impactify.io uat.dol.ratgeber-rheuma.de prod.dol.ratgeber-rheuma.de qa.dol.ratgeber-rheuma.de qa.medhub.novartis.com.my dev.medhub.novartis.com.my stg.medhub.novartis.com.my uat.medhub.novartis.com.my www.thinkglobalhealth.com grafana.usetada.dev jaeger-dev.usetada.dev dev.novartis.com.my www.novartis.com.my prod.novartis.com.my stg.novartis.com.my degroottechnology.com elk.thinkglobalhealth.com pukstaging.mpw.cds.co.uk kentstaging.mpw.cds.co.uk sthwalesstaging.mpw.cds.co.uk btpstaging.mpw.cds.co.uk wiltpolstaging.mpw.cds.co.uk sohstaging.mpw.cds.co.uk cambsstaging.mpw.cds.co.uk colpstaging.mpw.cds.co.uk bedsstaging.mpw.cds.co.uk gwentstaging.mpw.cds.co.uk nrthwalesstaging.mpw.cds.co.uk lincsstaging.mpw.cds.co.uk gtrmcrstaging.mpw.cds.co.uk essexstaging.mpw.cds.co.uk hertsstaging.mpw.cds.co.uk kentpccstaging.mpw.cds.co.uk staffsstaging.mpw.cds.co.uk cheshpccstaging.mpw.cds.co.uk cheshirestaging.mpw.cds.co.uk nrthyorkstaging.mpw.cds.co.uk sohmetstaging.mpw.cds.co.uk hardcallsstaging.mpw.cds.co.uk warwicksstaging.mpw.cds.co.uk nabisstaging.mpw.cds.co.uk northantsstaging.mpw.cds.co.uk nottsstaging.mpw.cds.co.uk derbsstaging.mpw.cds.co.uk www.townofhalfmoon-ny.gov thinkglobalhealth.com prod.medhub.novartis.com.my gloucpp.mpw.cds.co.uk sohhamppp.mpw.cds.co.uk hardcallspp.mpw.cds.co.uk btppp.mpw.cds.co.uk sohtvppp.mpw.cds.co.uk hertspp.mpw.cds.co.uk cheshpccpp.mpw.cds.co.uk contentpp.mpw.cds.co.uk gwentpp.mpw.cds.co.uk gtrmcrpp.mpw.cds.co.uk sohmetpp.mpw.cds.co.uk micropp.mpw.cds.co.uk msidepp.mpw.cds.co.uk surreypp.mpw.cds.co.uk lincspp.mpw.cds.co.uk kentpccpp.mpw.cds.co.uk essexpp.mpw.cds.co.uk pukpp.mpw.cds.co.uk sussexpp.mpw.cds.co.uk derbspp.mpw.cds.co.uk westmerciapp.mpw.cds.co.uk careerpp.mpw.cds.co.uk staffspp.mpw.cds.co.uk preprod.mpw.cds.co.uk colppp.mpw.cds.co.uk sohnationalformspp.mpw.cds.co.uk surreyepipp.mpw.cds.co.uk staffsepipp.mpw.cds.co.uk webappredir.mpw.cds.co.uk westmerciaepipp.mpw.cds.co.uk nottsepipp.mpw.cds.co.uk nrthwalesepipp.mpw.cds.co.uk nabisepipp.mpw.cds.co.uk sohtvpepipp.mpw.cds.co.uk sohhampepipp.mpw.cds.co.uk nrthyorkepipp.mpw.cds.co.uk sthwalesepipp.mpw.cds.co.uk msideepipp.mpw.cds.co.uk pukepipp.mpw.cds.co.uk lincsepipp.mpw.cds.co.uk hardcallsepipp.mpw.cds.co.uk hertsepipp.mpw.cds.co.uk gloucepipp.mpw.cds.co.uk gwentepipp.mpw.cds.co.uk kentpccepipp.mpw.cds.co.uk gtrmcrepipp.mpw.cds.co.uk leicsepipp.mpw.cds.co.uk essexepipp.mpw.cds.co.uk dyfpowsepipp.mpw.cds.co.uk colpepipp.mpw.cds.co.uk cheshireepipp.mpw.cds.co.uk btpepipp.mpw.cds.co.uk hampppcontent.mpw.cds.co.uk kentepipp.mpw.cds.co.uk cheshpccepipp.mpw.cds.co.uk bedsepipp.mpw.cds.co.uk atypicalppedit.mpw.cds.co.uk atypicalpp.mpw.cds.co.uk sohepipp.mpw.cds.co.uk sfpfat.mpw.cds.co.uk intuifat.mpw.cds.co.uk intuidevtest.mpw.cds.co.uk dvr.impactify.io pg.impactify.io sfpapifat.mpw.cds.co.uk fat-aware.mpw.cds.co.uk pukfatcontent.mpw.cds.co.uk natfat.mpw.cds.co.uk fat-nationalforms.mpw.cds.co.uk fat-atypical.mpw.cds.co.uk nathcfat.mpw.cds.co.uk natnationalformsdevtest.mpw.cds.co.uk natatypicaldevtest.mpw.cds.co.uk natdevtest.safemet.mpw.cds.co.uk nattvpdevtest.mpw.cds.co.uk natdevtest.mpw.cds.co.uk nathcdevtest.mpw.cds.co.uk nathampdevtest.mpw.cds.co.uk natmetdevtest.mpw.cds.co.uk pukdt.mpw.cds.co.uk awaredt.mpw.cds.co.uk atypicalprefat.mpw.cds.co.uk nationalformsdt.mpw.cds.co.uk pukfat.mpw.cds.co.uk pukdevtest.mpw.cds.co.uk nattvpfat.mpw.cds.co.uk pukprefat.mpw.cds.co.uk natprefat.mpw.cds.co.uk nattvpprefat.mpw.cds.co.uk natnationalformsfat.mpw.cds.co.uk fat.mpw.cds.co.uk natmetfat.mpw.cds.co.uk nathcprefat.mpw.cds.co.uk natatypicalfat.mpw.cds.co.uk www.townofhalfmoon-ny.gov.cdn.cloudflare.net cheshpccprefat.mpw.cds.co.uk impactify.io wheel.health www.kays.ch kays.ch wljgnj.kays.ch prod.dol.ratgeber-rheuma.de.cdn.cloudflare.net ad.impactify.io www.ratgeber-rheuma.de.cdn.cloudflare.net ratgeber-rheuma.de hub.impactify.io www.abcinsurancetrust.org qa.dol.ratgeber-rheuma.de.cdn.cloudflare.net stg.dol.ratgeber-rheuma.de.cdn.cloudflare.net uat.dol.ratgeber-rheuma.de.cdn.cloudflare.net stg.novartis.com.my.cdn.cloudflare.net abcinsurancetrust.org lorealprofessionnel.com.br ppmw.org ulmi.allittledprevi.info f46w.allittledprevi.info eylq.allittledprevi.info tkm1.allittledprevi.info pzda.allittledprevi.info d42f.allittledprevi.info dtub.allittledprevi.info bq0e.allittledprevi.info commcloud.dev-aaxc-reebok-fr.cc-ecdn.net.cdn.cloudflare.net allittledprevi.info 2123kk.com 3455jj.com novartis.com.my www.novartis.com.my.cdn.cloudflare.net prod.novartis.com.my.cdn.cloudflare.net prmqj.top

Malware Detected on Host

Count: 11 bf84ae47313a31b4cdee577809a005f04691ee21368d62f00c152aa55f07f33b 6499e3a69cea573e07fe671618082a0dbdb20267230b12302bdb9bc7de70e930 7e9fd5e0699e66d50603bff248c633ae3c62541275f8a22c0039d84ad70eb0fc 5fe25bdc4d91b418dd443ba60b089ce58994509279f775d63b011c764ffc1d3c 53efa4d28202e22d262c4c3f485e9ea6c1a5befe5a21f95b279710c541c48b31 b355ce3106ca72df84413e932e8475498ee51e43218f9364ecf53af4c5f9b7f7 8e77518c2cbb5471749ddaeff20e9a2f38aff16ca49d469a0abd5c959fc2a294 60b9731446262276d2759e897e5940788e3f42ea2e5a3716d0919869636bc45a 47b603b1d86d636f78579ff017f19a04f6edbcf5b65bcfa9541160be3ba47084 d61fc4f4624d2e3693e0f11d4a064b0f090486f64409583ae662aac098b440c1

Open Ports Detected

2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-21 anonymous-proxy-ip-list-2023-06-28 anonymous-proxy-ip-list-2023-06-29 anonymous-proxy-ip-list-2023-07-18 anonymous-proxy-ip-list-2023-07-19 ****** anonymous-proxy-ip-list-2023-06-30 anonymous-proxy-ip-list-2023-07-16 anonymous-proxy-ip-list-2023-07-08 anonymous-proxy-ip-list-2023-07-09 anonymous-proxy-ip-list-2023-06-22 ****** anonymous-proxy-ip-list-2023-07-03 ******