104.18.15.19 Threat Intelligence and Host Information

Jun 22, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.18.15.19 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

View other sources: Spamhaus VirusTotal

Country:
Network:
Noticed: 1 times
Protocols Attacked: Anonymous Proxy
Passive DNS Results: luvbree.com 2li4wx5h.api.lncldglobal.com nayouth.adventist.org.au denmark.adventist.org.au pinnaclestrs.com calk3q4l.api.lncldglobal.com new88818.com mfdy.wang yeppoon.adventist.org.au narrandera.adventist.org.au spotswood.adventist.org.au burpengary.adventist.org.au caloundra.adventist.org.au rendelsham.adventist.org.au ghanaian.adventist.org.au bidwill.adventist.org.au bowen.adventist.org.au wynyard.adventist.org.au malak.adventist.org.au citycookisland.adventist.org.au victoriapoint.adventist.org.au ys.kid.x10.bz homenas.kuoyio.com fjnnumzf.api.lncldglobal.com lncldglobal.com.cdn.cloudflare.net defguard-eng.usetada.dev innovation.adventist.org.au wodonga.adventist.org.au ccbw2hh.fi395ndh2m.com immich.xmyun.fun rv6z4.cc renaultpinetown.co.za www.apertureed.com h2h-api.pdg-pay.com syno.itmax.cn ai.003153.xyz theplant.adventist.org.au village-life.ca ppp1blx.y4ifnwod89.com manage.skyflowapis-preview.cn busseltoncamp.adventist.org.au www.olrid.com debian.66a.net reg.ai21c.net img.ai21c.net q2eh.com iwi1.com cmfonline.adventist.org.au demo.training.apertureed.com demo.jobs.apertureed.com tiaotiaolong.top ankle.free.hr bryme.com pdg-pay.com dxctadminij32r1aprep.paastest.epimore.com newhope.adventist.org.au apertureed.com m.indwin7.com syno.ityet.com xiaoya.gowhy.top stirling.adventist.org.au kurrikurri.adventist.org.au biloela.adventist.org.au trinitygardens.adventist.org.au dapto.adventist.org.au auburnvic.adventist.org.au mtgambier.adventist.org.au mannum.adventist.org.au coffscoast.adventist.org.au braypark.adventist.org.au cabramattafijian.adventist.org.au filoship.adventist.org.au yandina.adventist.org.au inverell.adventist.org.au bankstown.adventist.org.au cf.iecn.top sydney.adventist.org.au www.village-life.ca vic.adventist.org.au demo.student.apertureed.com student-api.apertureed.com xy.zhangyanjin.com student.apertureed.com xn–n5qz4u08w.tk test.training.apertureed.com zentoso.com demo.app.apertureed.com qa.student.apertureed.com xiaoya.yecao.gay lexuspg.com www.visa.com.cdn.cloudflare.net be-chiki.usetada.dev re496koti14x.gateway.skyflowapis-preview.cn indwin7.com www.gnjoy.hk qa-au-l5y-shrsvc-2385-sasv4appid.az.ssdgws.co.uk dll.hlcmxy.com evoucher-msite.usetada.dev 1.iyf.elementfx.com www.unilamp.de qa.csa.apertureed.com www.kusou.pp.ua kusou.pp.ua qa.jobs.apertureed.com qa.api.apertureed.com uat.app.apertureed.com d.imiui.com karenscarpa.com dpalist.0nz.de sub.yunxinming.cloudns.be ararat.adventist.org.au katherine.adventist.org.au guildforditalian.adventist.org.au 080760.cc newcastlepolish.adventist.org.au northern-beaches-fnq.adventist.org.au nnsw.adventist.org.au adventist.org.au yarravalley.adventist.org.au qa-nl-jwh-fbmvp-19483-setbuildassetdir.az.ssdgws.co.uk gb333.online freshwater.adventist.org.au warnersbay.adventist.org.au bj88ii.com ok8666.vip myteam.decathlonpro.fr md.adventist.org.au decathlon.tn sq.adventist.org.au attsurvey.adventist.org.au www.vonage.ru highmarkwholecare.com green458.com dev.m.motionindustries.com staging-www.vonage.ru sifworxs.com qa-www.vonage.ru treatmentperspectivesinprostatecancer.com arthritisreward.com www.arthritisreward.com 204358.cloudways.icu auth-test.usetada.dev www.universities-usa.com origin-waw.cf-ent.net test.pldsslcw.com www.wpcoil.com wpcoil.com one.qatest222223.tk flow.shaheergadit.com anythingwp.click www.anythingwp.click www.pldsslcw.com pldsslcw.com testcw.thecloudkeeper.io test.thecloudkeeper.io qa-se-nl6-mcl-524-footerfixes.az.ssdgws.co.uk metoliusriverresortstays.com keycloak.usetada.dev cupstation-thatsamazinggifts.com mattermost.usetada.dev universities-usa.com qa-no-vx2-fbmvp-11333-putauback.az.ssdgws.co.uk loki.usetada.dev argocd.usetada.dev logstash.usetada.dev wiki2.usetada.dev wp-test.usetada.dev loki-dist.usetada.dev www.usetada.dev docs.usetada.dev redirect.usetada.dev moodle.usetada.dev jaeger.usetada.dev tempo.usetada.dev jaeger-collector-staging.usetada.dev gnjoy.hk roo.gnjoy.hk slidesdocs.com www.knauf-batiment.fr nebra.co.uk usetada.dev wt.arch-webtask-1.auth0c.com edge.tenants.arch-webtask-1.auth0c.com arch-webtask-1.auth0c.com 0q41k.copy.paastest.co.uk naftogazpostach.com sage50accounting.com knauf-batiment.fr sagecrm.co.uk dashlane-sso.ppmw.org anas.thecloudkeeper.io www.medhub.novartis.com.my.cdn.cloudflare.net leicspp.mpw.cds.co.uk cheshirepp.mpw.cds.co.uk warwickspp.mpw.cds.co.uk nrthyorkpp.mpw.cds.co.uk northantspp.mpw.cds.co.uk bedspp.mpw.cds.co.uk sthwalespp.mpw.cds.co.uk wilt-pccpp.mpw.cds.co.uk cambspp.mpw.cds.co.uk dyfpowspp.mpw.cds.co.uk wiltpolpp.mpw.cds.co.uk clevelandpp.mpw.cds.co.uk nrthwalespp.mpw.cds.co.uk nottspp.mpw.cds.co.uk safepp.mpw.cds.co.uk sussexepipp.mpw.cds.co.uk wiltpolepipp.mpw.cds.co.uk warwicksepipp.mpw.cds.co.uk northantsepipp.mpw.cds.co.uk wilt-pccepipp.mpw.cds.co.uk clevelandepipp.mpw.cds.co.uk cambsepipp.mpw.cds.co.uk coppp.mpw.cds.co.uk derbsepipp.mpw.cds.co.uk devtest2.mpw.cds.co.uk dorsetstaging.mpw.cds.co.uk dev-cornstaging.mpw.cds.co.uk hereitcomestome.tk cloud.thecloudkeeper.io kentpccprefat.mpw.cds.co.uk dev-cornepi.mpw.cds.co.uk dorsetepi.mpw.cds.co.uk nottsepi.mpw.cds.co.uk clinican.wheel.health clinician.wheel.health dev.thecloudkeeper.io cw-000000.cloudways.icu stg1.novartis.com.my prod1.novartis.com.my thecloudkeeper.io www.thecloudkeeper.io cf.ayaz.cloud www.sage50accounting.com nationalformsnct.mpw.cds.co.uk jaeger-collector.usetada.dev stg.thecloudkeeper.io www.ratgeber-rheuma.de lincsepi.mpw.cds.co.uk bedsepi.mpw.cds.co.uk nrthyorkepi.mpw.cds.co.uk warwicksepi.mpw.cds.co.uk wiki.usetada.dev metepi.mpw.cds.co.uk hampstaging.mpw.cds.co.uk leicsepi.mpw.cds.co.uk sthwalesepi.mpw.cds.co.uk nabisepi.mpw.cds.co.uk www.medhub.novartis.com.my medhub.novartis.com.my prom-eks-core-service-prod.usetada.dev wilt-pccepi.mpw.cds.co.uk wiltpolepi.mpw.cds.co.uk sussexepi.mpw.cds.co.uk northyorksepi.mpw.cds.co.uk echo.usetada.dev surreyepi.mpw.cds.co.uk cheshpccepi.mpw.cds.co.uk staffsepi.mpw.cds.co.uk msideepi.mpw.cds.co.uk northantsepi.mpw.cds.co.uk thamesvalleyepi.mpw.cds.co.uk pukepi.mpw.cds.co.uk nrthwalesepi.mpw.cds.co.uk kentpccepi.mpw.cds.co.uk hampshireepi.mpw.cds.co.uk gwentepi.mpw.cds.co.uk gtrmcrepi.mpw.cds.co.uk essexepi.mpw.cds.co.uk dyfpowsepi.mpw.cds.co.uk colpepi.mpw.cds.co.uk skechers.es sonarqube.usetada.dev staging-admins.usetada.dev es.sage50accounting.com manager.impactify.io uat.dol.ratgeber-rheuma.de prod.dol.ratgeber-rheuma.de qa.dol.ratgeber-rheuma.de qa.medhub.novartis.com.my dev.medhub.novartis.com.my stg.medhub.novartis.com.my uat.medhub.novartis.com.my www.thinkglobalhealth.com grafana.usetada.dev jaeger-dev.usetada.dev dev.novartis.com.my www.novartis.com.my prod.novartis.com.my stg.novartis.com.my degroottechnology.com elk.thinkglobalhealth.com pukstaging.mpw.cds.co.uk kentstaging.mpw.cds.co.uk sthwalesstaging.mpw.cds.co.uk btpstaging.mpw.cds.co.uk wiltpolstaging.mpw.cds.co.uk sohstaging.mpw.cds.co.uk cambsstaging.mpw.cds.co.uk colpstaging.mpw.cds.co.uk bedsstaging.mpw.cds.co.uk gwentstaging.mpw.cds.co.uk nrthwalesstaging.mpw.cds.co.uk lincsstaging.mpw.cds.co.uk gtrmcrstaging.mpw.cds.co.uk essexstaging.mpw.cds.co.uk hertsstaging.mpw.cds.co.uk kentpccstaging.mpw.cds.co.uk staffsstaging.mpw.cds.co.uk cheshpccstaging.mpw.cds.co.uk cheshirestaging.mpw.cds.co.uk nrthyorkstaging.mpw.cds.co.uk sohmetstaging.mpw.cds.co.uk hardcallsstaging.mpw.cds.co.uk warwicksstaging.mpw.cds.co.uk nabisstaging.mpw.cds.co.uk northantsstaging.mpw.cds.co.uk nottsstaging.mpw.cds.co.uk derbsstaging.mpw.cds.co.uk www.townofhalfmoon-ny.gov thinkglobalhealth.com prod.medhub.novartis.com.my gloucpp.mpw.cds.co.uk sohhamppp.mpw.cds.co.uk hardcallspp.mpw.cds.co.uk btppp.mpw.cds.co.uk sohtvppp.mpw.cds.co.uk hertspp.mpw.cds.co.uk cheshpccpp.mpw.cds.co.uk contentpp.mpw.cds.co.uk gwentpp.mpw.cds.co.uk gtrmcrpp.mpw.cds.co.uk sohmetpp.mpw.cds.co.uk micropp.mpw.cds.co.uk msidepp.mpw.cds.co.uk surreypp.mpw.cds.co.uk lincspp.mpw.cds.co.uk kentpccpp.mpw.cds.co.uk essexpp.mpw.cds.co.uk pukpp.mpw.cds.co.uk sussexpp.mpw.cds.co.uk derbspp.mpw.cds.co.uk westmerciapp.mpw.cds.co.uk careerpp.mpw.cds.co.uk staffspp.mpw.cds.co.uk preprod.mpw.cds.co.uk colppp.mpw.cds.co.uk sohnationalformspp.mpw.cds.co.uk surreyepipp.mpw.cds.co.uk staffsepipp.mpw.cds.co.uk webappredir.mpw.cds.co.uk westmerciaepipp.mpw.cds.co.uk nottsepipp.mpw.cds.co.uk nrthwalesepipp.mpw.cds.co.uk nabisepipp.mpw.cds.co.uk sohtvpepipp.mpw.cds.co.uk sohhampepipp.mpw.cds.co.uk nrthyorkepipp.mpw.cds.co.uk sthwalesepipp.mpw.cds.co.uk msideepipp.mpw.cds.co.uk pukepipp.mpw.cds.co.uk lincsepipp.mpw.cds.co.uk hardcallsepipp.mpw.cds.co.uk hertsepipp.mpw.cds.co.uk gloucepipp.mpw.cds.co.uk gwentepipp.mpw.cds.co.uk kentpccepipp.mpw.cds.co.uk gtrmcrepipp.mpw.cds.co.uk leicsepipp.mpw.cds.co.uk essexepipp.mpw.cds.co.uk dyfpowsepipp.mpw.cds.co.uk colpepipp.mpw.cds.co.uk cheshireepipp.mpw.cds.co.uk btpepipp.mpw.cds.co.uk hampppcontent.mpw.cds.co.uk kentepipp.mpw.cds.co.uk cheshpccepipp.mpw.cds.co.uk bedsepipp.mpw.cds.co.uk atypicalppedit.mpw.cds.co.uk atypicalpp.mpw.cds.co.uk sohepipp.mpw.cds.co.uk sfpfat.mpw.cds.co.uk intuifat.mpw.cds.co.uk intuidevtest.mpw.cds.co.uk dvr.impactify.io pg.impactify.io sfpapifat.mpw.cds.co.uk fat-aware.mpw.cds.co.uk pukfatcontent.mpw.cds.co.uk natfat.mpw.cds.co.uk fat-nationalforms.mpw.cds.co.uk fat-atypical.mpw.cds.co.uk nathcfat.mpw.cds.co.uk natnationalformsdevtest.mpw.cds.co.uk natatypicaldevtest.mpw.cds.co.uk natdevtest.safemet.mpw.cds.co.uk nattvpdevtest.mpw.cds.co.uk natdevtest.mpw.cds.co.uk nathcdevtest.mpw.cds.co.uk nathampdevtest.mpw.cds.co.uk natmetdevtest.mpw.cds.co.uk pukdt.mpw.cds.co.uk awaredt.mpw.cds.co.uk atypicalprefat.mpw.cds.co.uk nationalformsdt.mpw.cds.co.uk pukfat.mpw.cds.co.uk pukdevtest.mpw.cds.co.uk nattvpfat.mpw.cds.co.uk pukprefat.mpw.cds.co.uk natprefat.mpw.cds.co.uk nattvpprefat.mpw.cds.co.uk natnationalformsfat.mpw.cds.co.uk fat.mpw.cds.co.uk natmetfat.mpw.cds.co.uk nathcprefat.mpw.cds.co.uk natatypicalfat.mpw.cds.co.uk www.townofhalfmoon-ny.gov.cdn.cloudflare.net cheshpccprefat.mpw.cds.co.uk impactify.io wheel.health www.kays.ch kays.ch wljgnj.kays.ch prod.dol.ratgeber-rheuma.de.cdn.cloudflare.net ad.impactify.io www.ratgeber-rheuma.de.cdn.cloudflare.net ratgeber-rheuma.de hub.impactify.io www.abcinsurancetrust.org qa.dol.ratgeber-rheuma.de.cdn.cloudflare.net stg.dol.ratgeber-rheuma.de.cdn.cloudflare.net uat.dol.ratgeber-rheuma.de.cdn.cloudflare.net stg.novartis.com.my.cdn.cloudflare.net abcinsurancetrust.org lorealprofessionnel.com.br ppmw.org ulmi.allittledprevi.info f46w.allittledprevi.info eylq.allittledprevi.info tkm1.allittledprevi.info pzda.allittledprevi.info d42f.allittledprevi.info dtub.allittledprevi.info bq0e.allittledprevi.info commcloud.dev-aaxc-reebok-fr.cc-ecdn.net.cdn.cloudflare.net allittledprevi.info 2123kk.com 3455jj.com novartis.com.my www.novartis.com.my.cdn.cloudflare.net prod.novartis.com.my.cdn.cloudflare.net bjrqy.top

Malware Detected on Host

Count: 13 8c9ec84c742d441e8fa2b1409149e5ebdca7c051007d2754f5ba4debba7d5fbe 7ed565ad79faa95e7645e85f084c76abeb49f1d559c1b751414baff9bd00ebd0 5b624c4f6b7eff0aae865aff853b1b973efab619c6b2ceead98c73e7509f073b 6e23c67347f98f1082db75a041342479655f12738a75c91de1db95c8d934eb2c 2fdf0249aacf7fb39411e1c5fd185657eb9609358570f6bc29a168946c70a423 9f9ba3384e070d82297e779ee0e58f0a3ca3ced0a293503cfd8dd2d994b10789 97745202aa0f0ce87f8b9feffaa7b9d2dfc808bb38e8dfc567a924d131d784a1 de5ca9a2bcb06045dccd3eb31a1dc44d49f5b7fc010c79d0fe662e52e18013c9 9b85e41a5f23962120e36124cb5ea06d7e167b8c38c8141a8aa159140f10ace9 db27a3b196df59825d8c8ce0e78e07e23182d46810b304af6294b9b07ae0a84d

Open Ports Detected

2053 2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS13335
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2024-09-04
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
Ref: https://rdap.arin.net/registry/ip/104.16.0.0
OrgName: Cloudflare, Inc.
OrgId: CLOUD14
Address: 101 Townsend Street
City: San Francisco
StateProv: CA
PostalCode: 94107
Country: US
RegDate: 2010-07-09
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/CLOUD14
OrgTechHandle: ADMIN2521-ARIN
OrgTechName: Admin
OrgTechPhone: +1-650-319-8930
OrgTechEmail: rir@cloudflare.com
OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
OrgAbuseHandle: ABUSE2916-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-319-8930
OrgAbuseEmail: abuse@cloudflare.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
OrgRoutingHandle: CLOUD146-ARIN
OrgRoutingName: Cloudflare-NOC
OrgRoutingPhone: +1-650-319-8930
OrgRoutingEmail: noc@cloudflare.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
OrgNOCHandle: CLOUD146-ARIN
OrgNOCName: Cloudflare-NOC
OrgNOCPhone: +1-650-319-8930
OrgNOCEmail: noc@cloudflare.com
OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
RTechHandle: ADMIN2521-ARIN
RTechName: Admin
RTechPhone: +1-650-319-8930
RTechEmail: rir@cloudflare.com
RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
RAbuseHandle: ABUSE2916-ARIN
RAbuseName: Abuse
RAbusePhone: +1-650-319-8930
RAbuseEmail: abuse@cloudflare.com
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
RNOCHandle: NOC11962-ARIN
RNOCName: NOC
RNOCPhone: +1-650-319-8930
RNOCEmail: noc@cloudflare.com
RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-21 ****** ****** ******

Share on: