104.18.24.135 Threat Intelligence and Host Information
Oct 23, 2025
ipinfopage
General
This page contains threat intelligence information for the IPv4 address 104.18.24.135 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Possibly Malicious Host 🟢 5/100
Host and Network Information
- View other sources: Spamhaus VirusTotal
- Country:
- Network:
- Noticed: 1 times
- Protocols Attacked: Anonymous Proxy
- Passive DNS Results: dev.odsp.nationalenergyso.com nesohome-cms.nationalenergyso.com fa8-jujuba.bet avalon.library.tamu.edu nesohome.nationalenergyso.com etr-test.modis.nationalenergyso.com sellingpilot.com de.sensor-valley.com demos.library.tamu.edu business-bres.de vendor-products-api.urbanairparks.com danielahirschauer.com sej.cs-apps.afriquia.ma ecominsiders.xyz membership.dev.urbanairparks.com catalog.library.tamu.edu wifi.afriquia.ma testlegacy-customer.nationalenergyso.com invoiceapi-test.urbanairparks.com dcb-aztms-sb-pr1.jdadelivers.com 66lottery17.com data.nationalenergyso.com emrdeliverybody-emrbeta.nationalenergyso.com gis.nationalenergyso.com emrdeliverybody-staging.nationalenergyso.com prod.extranet.nationalenergyso.com cna.afriquia.ma 13.evlink25.net sffrd.library.tamu.edu.cdn.cloudflare.net 14.evlink25.net vendor-security-api.urbanairparks.com emrdeliverybody-emrmot.nationalenergyso.com goldgloveusa.com dexsil.be pl.sensor-valley.com jp.sensor-valley.com mediaapi-test.urbanairparks.com smcabppdev.jdadelivers.com wdev-wfm-mob-ts40.jdadelivers.com es.sensor-valley.com ru.sensor-valley.com p06fx156.com smartcard.afriquia.ma accountsapi-test.urbanairparks.com vendor-invoice-qa-api.urbanairparks.com vendor-security-qa-api.urbanairparks.com unleashedapi-test.urbanairparks.com norw-aztms-ac-pr1.jdadelivers.com rancher-scratch.library.tamu.edu developers.fnf.co.kr scholars.library.tamu.edu.cdn.cloudflare.net br-trofeu.club wowaaa.com infotron.fool.com nandinimetrosuites.ul.mygate.com galaxyheights1.ul.mygate.com suryakiranchandrakiranapartments.ul.mygate.com springvalleysurat.ul.mygate.com tranquiltowers.ul.mygate.com jalvayutowerkolkata.ul.mygate.com deltatower.ul.mygate.com neelkamalapartments.ul.mygate.com pioneerpark.ul.mygate.com konarkbellavista.ul.mygate.com gaurglobalvillage.ul.mygate.com classifieds-be.mygate.com laksmismajesticplaza.ul.mygate.com indussignatureapartments.ul.mygate.com guninachs.ul.mygate.com jainsinelipark.ul.mygate.com dcm.nationalenergyso.com fortunegreenhomesgoldenoriole.ul.mygate.com themagnolias.ul.mygate.com shivtrivenisatsang.ul.mygate.com lunkadskylounge.ul.mygate.com oxfordchsthane.ul.mygate.com palmterracesselect.ul.mygate.com eifeelcityphase2c2.ul.mygate.com mullaiapartments.ul.mygate.com poetree.ul.mygate.com dlfparkplace.ul.mygate.com paradiseapartmentdwarka.ul.mygate.com ajnarapride.ul.mygate.com pbelcity.ul.mygate.com sbioa.ul.mygate.com embassypristine.ul.mygate.com mhn.ul.mygate.com nesterharmony.ul.mygate.com oaktrust.library.tamu.edu.cdn.cloudflare.net prod-admin.extranet.nationalenergyso.com vendor-accounts-api.urbanairparks.com me-notes-be.octopus.mygate.com me-gapp.mygate.com me-feed.mygate.com me-uapp.mygate.com me-actions.mygate.com me-ack.mygate.com me-assets.mygate.com fr.sensor-valley.com emrdeliverybody.nationalenergyso.com mfb-test.afriquia.ma 19.evlink25.net admin.dev.urbanairparks.com dcmpreprod.nationalenergyso.com www.directionsna.com api-fof-uk-01.nationalenergyso.com testqa-portal.nationalenergyso.com 9.evlink25.net 10.evlink25.net nationalenergyso.com loniusa.com patch-azure-o88y-v202446-419-2.auth0app.com wt.patch-azure-o88y-v202446-419-2.auth0app.com edge.tenants.patch-azure-o88y-v202446-419-2.auth0app.com dcmst1.nationalenergyso.com auth.afriquia.ma dxctaygithub312wprod-slot.paastest.epimore.com resto-mgmt.afriquia.ma api-dev-uk.nationalenergyso.com i.fnf.co.kr i.dev.fnf.co.kr reflect-ag-grid-armincerf.reflect-server.net help.mygate.com www.workd.go.th workd.go.th membership.urbanairparks.com portal.nationalenergyso.com www.thenetfool.com 17.evlink25.net www.66lottery17.com emrdeliverybody-preprod.nationalenergyso.com emrdeliverybody-qa.nationalenergyso.com parksapi.urbanairparks.com preprod-customer.nationalenergyso.com vendor-accounts-qa-api.urbanairparks.com vendor-products-qa-api.urbanairparks.com sharedqa-portal.nationalenergyso.com booking-test.urbanairparks.com data.api.nationalenergyso.com sts.workd.go.th portal.fnf.co.kr conflicts.nationalenergyso.com www.sellingpilot.com station-sentry.afriquia.ma reflect-todo-aboodman.reflect-server.net bannerss01.ucy.ac.cy.cdn.cloudflare.net reflect-starter-ts-vanilla-alcor.reflect-server.net sandbox.reflect-server.net mkti.mygate.com eks-development.fool.com mails.mygate.com dr.extranet.nationalenergyso.com fof-admin.extranet.nationalenergyso.com extranet.nationalenergyso.com moana777.com dcmsit1.nationalenergyso.com islandeggs.com event-portal.fnf.co.kr bigip04.fool.com www.bigip04.fool.com www.summitrewards.org membership.test.urbanairparks.com productapi-test.urbanairparks.com parksapi-test.urbanairparks.com 21.evlink25.net 1.evlink25.net afriquia.ma admin.extranet.nationalenergyso.com bannerss01.ucy.ac.cy dardenchrome.paradox.ai www.bigip03.fool.com bigip03.fool.com account.nationalenergyso.com securityapi.urbanairparks.com portal.dev.fnf.co.kr vendor-parks-api.urbanairparks.com admin.urbanairparks.com admin.test.urbanairparks.com store.test.urbanairparks.com accountsapi.urbanairparks.com vendor-invoice-api.urbanairparks.com dev.fnf.co.kr leroy.fool.com wt.patch-aws-p560-v202422-30-1.auth0app.com edge.tenants.patch-aws-p560-v202422-30-1.auth0app.com patch-aws-p560-v202422-30-1.auth0app.com npm.rb.afriquia.ma offersnz.com sand-wa.nationalenergyso.com nudge.nationalenergyso.com my-app-rocicorpbot.reflect-server.net dilemma-dllama.reflect-server.net replidraw-do-aboodman.reflect-server.net evlink25.net my.urbanairparks.com consenter-center-uk-staging.fool.com new-portal-stg.fnf.co.kr staging.fool.com www.nationalenergyso.com preprod.nationalenergyso.com fof.nationalenergyso.com st1.nationalenergyso.com dxp-lb-nonprod.nationalenergyso.com sit1.nationalenergyso.com st2.nationalenergyso.com 3monoamines.com www.3monoamines.com api-dev-uk-01.nationalenergyso.com arv-cli-test-2.reflect-server.net cgv.afriquia.ma preview.reflect-server.net 7.evlink25.net 22.evlink25.net 4.evlink25.net 11.evlink25.net location-test.reflect-server.net store.urbanairparks.com www.offersnz.com nonproduction-account.nationalenergyso.com 18.evlink25.net aussie-opinions.com patch-azure-6hft-v202415-187-0.auth0app.com my-app-charlesetc.reflect-server.net invoiceapi.urbanairparks.com vendor-media-api.urbanairparks.com unleashedapi.urbanairparks.com productapi.urbanairparks.com vendor-media-qa-api.urbanairparks.com leeplasticsurgery.net shoploft.shop booking.urbanairparks.com reflect-starter-vanilla-9898-rocicorpbot.reflect-server.net 15.evlink25.net playground.sproutsend.com reflect-server.net msn.fool.com ads.fool.com assets.mygate.com api-preview.fool.com mte.mygate.com tccwest.www2.proc.v1.laopromo.com stage.proc.v1.laopromo.com tccwest.www1.proc.v1.laopromo.com server1.tccwest.www1.proc.v1.laopromo.com server1.www2.proc.v1.laopromo.com server1.tccwest.www2.proc.v1.laopromo.com server1.tcceast.www2.proc.v1.laopromo.com www2.proc.v1.laopromo.com www1.proc.v1.laopromo.com tcceast.www2.proc.v1.laopromo.com server1.tcceast.www1.proc.v1.laopromo.com server1.www1.proc.v1.laopromo.com tcceast.www1.proc.v1.laopromo.com marketing-gateway.fool.com marthetron.fool.com d3jkf.com nexus-ec2-test.fool.com stockstowatch.fool.com careers.fool.com epic-2.development.fool.com development.fool.com packet.atgoldenpacket.net test-aws-thin-doggo-2530.auth0c.com wt.test-aws-thin-doggo-2530.auth0c.com edge.tenants.test-aws-thin-doggo-2530.auth0c.com api.specialized.com.cn edge.tenants.test-aws-light-honeybee-7585.auth0c.com test-aws-light-honeybee-7585.auth0c.com wt.test-aws-light-honeybee-7585.auth0c.com sagetwo.ie dispatch.nssa.genpt.com sodastreamprofessionalstaging.com qa-ie-x46-fbmvp-13881-implementscegetslo.az.ssdgws.co.uk stock-prod.decathlon.sg blog-test.cutshort.io online.broadviewfcu.com.cdn.cloudflare.net darden.paradox.ai.cdn.cloudflare.net demo.darden.paradox.ai.cdn.cloudflare.net redirect.fool.com www.pearle.be images.pearle.be pearle.be api.fool.com.cdn.cloudflare.net ffe-cfd.www.fool.com qa-fi-yxf-ecomm-57-prescriptionexpirydat.az.ssdgws.co.uk darden.paradox.ai dardendemo.paradox.ai sandbox.auth.fool.com eq.fool.net api.mygate.com quote.fool.com dashboard.mygate.com edge.audiofamerica.auth0.com wt.audiofamerica.auth0.com edge.tenants.audiofamerica.auth0.com audiofamerica.auth0.com esrv-hub-dev.roche.com icons.esrv-hub-dev.roche.com auth.esrv-hub-dev.roche.com stage5.cutshort.io stage6.cutshort.io stores.mygate.com stage.cutshort.io feed.mygate.com actions.mygate.com notif.mygate.com proc.v1.laopromo.com scorecard.fool.com mutualseries.es test.prod.cutshort.io fool.com api.fool.com newstage.cutshort.io fooladserver.fool.com newsletters.fool.com my.fool.com boards.fool.com cat.esrv-hub-dev.roche.com api-testing.fool.com caps.fool.com.cdn.cloudflare.net redirect.fool.com.cdn.cloudflare.net clicks.fool.com.cdn.cloudflare.net mcintegration.shop.delcity.net api-dev.fool.com boards.fool.com.cdn.cloudflare.net live.broadviewfcu.com api-staging.fool.com qa-no-r7i-fixapd-335-upgradetemplate.az.ssdgws.co.uk dev.broadviewfcu.com stage.broadviewfcu.com lojavirtual.labimagem.com.br eks-staging.fool.com staging.www.fool.com qa-es-z4z-fixdsi-2162-addscopedtospecsse.az.ssdgws.co.uk www.fool.com api.matata.live www.proc.v1.laopromo.com comm.mygate.com www.fool.com.cdn.cloudflare.net g.fool.com preview.www.fool.com clicks.fool.com drcarolyndelucia.com cdn.cutshort.io grosupport.com.co www.grosupport.com.co api.dashboard.mygate.com static.matata.live trill.mygate.com mahjongsoul.game.yo-star.com gandkcares.com prep2022-ver.org.mx carrierglobal.jp knowledge.cutshort.io atgoldenpacket.net www.atgoldenpacket.net frontend-stage-1.cutshort.io content.cutshort.io kb.cutshort.io www.saucony.com.au www.saucony.com.au.cdn.cloudflare.net stage4.cutshort.io gallery.jeremiaswerner.de stage2.cutshort.io help.cutshort.io stage3.cutshort.io helpdesk.cutshort.io prod.cutshort.io wiki.atgoldenpacket.net cutshort.io remote.cutshort.io cial.co api-test.matata.live www.mygate.com eznaautos.nl breakwatercrcstudy.com iwealth-pilot.dbs.com.sg cug-iwealth-pilot.dbs.com.sg 4hucc00.com mygate.com rasp.chana.website worker.chana.website nostalgiagazette.com www.breakwatercrcstudy.com proxy.chana.website.cdn.cloudflare.net ip.chana.website.cdn.cloudflare.net tunnel.chana.website.cdn.cloudflare.net hhg869.com 2789ta.com playnow888.net encoautoglass.com www.kmdk73.com 1.1.www.chana.website.cdn.cloudflare.net 1.www.chana.website.cdn.cloudflare.net site.chana.website.cdn.cloudflare.net www.chana.website.cdn.cloudflare.net sub.mgrdxctngnadxc94algprod.paastest.co.uk.cdn.cloudflare.net 51cfcdn.com mcc43.com pixel.lyhelplessetti.pro jryazt.live siexbh.live dxubud.live qpectv.live ajivjp.live dghpjk.live cfpjkd.live fvhnue.live dfahfy.live phpcdk.live adocun.live ftbkci.live womensboutiqueokc.com
Malware Detected on Host
Count: 1 621ebf0c1b8bdd1b23c0696f635ed1ed3c944c9c3cb15425058395254159b958
Open Ports Detected
2053 2082 2083 2086 2087 2095 2096 443 80 8080 8443 8880
Map
Whois Information
- NetRange: 104.16.0.0 - 104.31.255.255
- CIDR: 104.16.0.0/12
- NetName: CLOUDFLARENET
- NetHandle: NET-104-16-0-0-1
- Parent: NET104 (NET-104-0-0-0-0)
- NetType: Direct Allocation
- OriginAS:
- Organization: Cloudflare, Inc. (CLOUD14)
- RegDate: 2014-03-28
- Updated: 2024-09-04
- Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
- Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
- Ref: https://rdap.arin.net/registry/ip/104.16.0.0
- OrgName: Cloudflare, Inc.
- OrgId: CLOUD14
- Address: 101 Townsend Street
- City: San Francisco
- StateProv: CA
- PostalCode: 94107
- Country: US
- RegDate: 2010-07-09
- Updated: 2024-11-25
- Ref: https://rdap.arin.net/registry/entity/CLOUD14
- OrgNOCHandle: CLOUD146-ARIN
- OrgNOCName: Cloudflare-NOC
- OrgNOCPhone: +1-650-319-8930
- OrgNOCEmail: noc@cloudflare.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgRoutingHandle: CLOUD146-ARIN
- OrgRoutingName: Cloudflare-NOC
- OrgRoutingPhone: +1-650-319-8930
- OrgRoutingEmail: noc@cloudflare.com
- OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgAbuseHandle: ABUSE2916-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-650-319-8930
- OrgAbuseEmail: abuse@cloudflare.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- OrgTechHandle: ADMIN2521-ARIN
- OrgTechName: Admin
- OrgTechPhone: +1-650-319-8930
- OrgTechEmail: rir@cloudflare.com
- OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
- RAbuseHandle: ABUSE2916-ARIN
- RAbuseName: Abuse
- RAbusePhone: +1-650-319-8930
- RAbuseEmail: abuse@cloudflare.com
- RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- RNOCHandle: NOC11962-ARIN
- RNOCName: NOC
- RNOCPhone: +1-650-319-8930
- RNOCEmail: noc@cloudflare.com
- RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
- RTechHandle: ADMIN2521-ARIN
- RTechName: Admin
- RTechPhone: +1-650-319-8930
- RTechEmail: rir@cloudflare.com
- RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
Links to attack logs
anonymous-proxy-ip-list-2025-09-21 anonymous-proxy-ip-list-2025-09-27 anonymous-proxy-ip-list-2023-07-28 anonymous-proxy-ip-list-2025-10-06 anonymous-proxy-ip-list-2025-10-03 anonymous-proxy-ip-list-2025-10-04 ****** anonymous-proxy-ip-list-2025-10-20 anonymous-proxy-ip-list-2025-10-02 anonymous-proxy-ip-list-2025-10-07 anonymous-proxy-ip-list-2025-10-05 anonymous-proxy-ip-list-2025-09-20 anonymous-proxy-ip-list-2025-09-22 anonymous-proxy-ip-list-2025-09-25 anonymous-proxy-ip-list-2025-10-10 anonymous-proxy-ip-list-2025-10-21 anonymous-proxy-ip-list-2025-09-30 anonymous-proxy-ip-list-2025-10-12 anonymous-proxy-ip-list-2025-10-22 anonymous-proxy-ip-list-2025-10-16 anonymous-proxy-ip-list-2025-09-28 anonymous-proxy-ip-list-2025-09-19 anonymous-proxy-ip-list-2025-10-13 anonymous-proxy-ip-list-2025-10-17 anonymous-proxy-ip-list-2025-10-09 anonymous-proxy-ip-list-2025-10-19 anonymous-proxy-ip-list-2023-07-30 anonymous-proxy-ip-list-2025-09-23 anonymous-proxy-ip-list-2025-10-11 ****** anonymous-proxy-ip-list-2025-09-26 anonymous-proxy-ip-list-2025-09-29 ****** anonymous-proxy-ip-list-2025-10-08 anonymous-proxy-ip-list-2025-09-24 anonymous-proxy-ip-list-2025-10-01 anonymous-proxy-ip-list-2025-10-14 anonymous-proxy-ip-list-2025-10-15 anonymous-proxy-ip-list-2025-10-18
Share on: