stun.cloudflare.com
stun.cloudflare.com is Cloudflare’s public STUN server used for WebRTC NAT traversal.
At a glance
3 facts that matterThe Dossier
The domain stun.cloudflare.com resolves to a technical endpoint operated by Cloudflare, Inc. for Session Traversal Utilities for NAT (STUN). Its sole purpose is to help WebRTC clients discover their public IP addresses so peer-to-peer connections can be established. The endpoint returns no HTML content and is not designed for direct browser interaction; any attempt to load it in a browser results in a server-level response rather than a rendered page. Security telemetry shows zero detections across 92 engines, a clean browser blocklist status, and a zero abuse score on the hosting IP. The domain itself was registered in 2009 and belongs to the publicly traded company Cloudflare, Inc., which maintains active U.S. business registration.
- 1Domain registered 17.4 years ago and owned by Cloudflare, Inc.
- 2Zero detections across 92 antivirus engines and clean browser blocklist status.
- 3Hosting IP carries a zero abuse score and the service is documented as legitimate STUN infrastructure.
- 4Business registration confirms Cloudflare, Inc. as an active, publicly traded company.
Service Purpose
stun.cloudflare.com functions exclusively as a STUN server within Cloudflare’s Realtime infrastructure. It assists devices in determining their external IP addresses and port mappings so that WebRTC applications can create direct peer-to-peer connections without requiring a central media relay.
Technical Characteristics
The endpoint does not serve HTML, images, or interactive content. Requests receive protocol-level responses consistent with STUN behavior. No login, payment, or user-account mechanisms exist because the service is intentionally unauthenticated and publicly accessible.
Ownership and History
Cloudflare, Inc. registered the domain in February 2009 and lists it as part of its legitimate infrastructure. The company remains an active, publicly traded entity (NYSE: NET) with verified U.S. business registration and no recorded complaints tied to this hostname.
Security Posture
Zero malicious or suspicious flags were returned by 92 security vendors. The hosting IP carries an abuse score of 0/100 based on 58 reports. The certificate presented is valid, and no browser warnings or blocklist entries are associated with the domain.
No action required. The endpoint is safe to use as a STUN server in WebRTC applications.
Website Preview

We could not load a live view of this site; the capture returned a server error.
- 1Live capture returned a server/proxy error — the page could not be rendered
Web Research
Threat Detection
Antivirus results, browser warnings, isolated page observations, and the threat pattern identified in this report.
Antivirus engine results
Technical Details
Identity, domain, infrastructure, and connection facts saved with this scan.
July 18, 2026 at 3:51 PM UTCIdentity
6 facts- Operator
- Claimed Only
- On-domain email
- Not observed
- Other email
- Not observed
- Phone
- Not observed
- Postal address
- Not observed
- Social profiles
- Not observed
Domain
8 facts- Domain age
- 17 years old
- Registered
- Feb 17, 2009
- Registrar
- Cloudflare, Inc.
- Expires
- Feb 17, 2033
- WHOIS updated
- Jan 9, 2024
- Registrant
- Unavailable
- Registration country
- Unavailable
- WHOIS privacy
- Not observed
Infrastructure
14 facts- HTTPS
- Valid certificate
- TLS protocol
- TLSv1.3
- Certificate issuer
- Google Trust Services · WE1
- Certificate subject
- stun.cloudflare.com
- Certificate valid from
- May 20, 2026
- Certificate valid to
- Aug 18, 2026
- Network address
- 162.159.207.0
- ASN
- AS13335
- Hosting organization
- CLOUDFLARENET - Cloudflare, Inc., US
- Country
- US
- Server
- Unavailable
- Site platform
- Unavailable
- IP reputation
- 0% confidence · 58 reports
- Tor exit node
- No
Connections
12 facts- Scan scope
- Domain
- Destination host
- stun.cloudflare.com
- Redirects
- 0
- Cross-domain redirect
- No
- Redirect status codes
- 403
- Lookalike characters
- Not observed
- Internationalized domain
- No
- Page response
- 403
- Page requests
- 4
- Unique IPs contacted
- 0
- Countries contacted
- 4
- Referenced domains
- 0
Identity6 facts›
- Operator
- Claimed Only
- On-domain email
- Not observed
- Other email
- Not observed
- Phone
- Not observed
- Postal address
- Not observed
- Social profiles
- Not observed
Domain8 facts›
- Domain age
- 17 years old
- Registered
- Feb 17, 2009
- Registrar
- Cloudflare, Inc.
- Expires
- Feb 17, 2033
- WHOIS updated
- Jan 9, 2024
- Registrant
- Unavailable
- Registration country
- Unavailable
- WHOIS privacy
- Not observed
Infrastructure14 facts›
- HTTPS
- Valid certificate
- TLS protocol
- TLSv1.3
- Certificate issuer
- Google Trust Services · WE1
- Certificate subject
- stun.cloudflare.com
- Certificate valid from
- May 20, 2026
- Certificate valid to
- Aug 18, 2026
- Network address
- 162.159.207.0
- ASN
- AS13335
- Hosting organization
- CLOUDFLARENET - Cloudflare, Inc., US
- Country
- US
- Server
- Unavailable
- Site platform
- Unavailable
- IP reputation
- 0% confidence · 58 reports
- Tor exit node
- No
Connections12 facts›
- Scan scope
- Domain
- Destination host
- stun.cloudflare.com
- Redirects
- 0
- Cross-domain redirect
- No
- Redirect status codes
- 403
- Lookalike characters
- Not observed
- Internationalized domain
- No
- Page response
- 403
- Page requests
- 4
- Unique IPs contacted
- 0
- Countries contacted
- 4
- Referenced domains
- 0
What to do
No action required. The endpoint is safe to use as a STUN server in WebRTC applications.
No incident response is indicated by this scan. Continue using normal caution, and act only if you notice an unexpected download, login prompt, payment request, or account activity.
Final Verdict
Why this verdict
Safe. This is documented Cloudflare infrastructure, not a website or service for end users.
No action required. The endpoint is safe to use as a STUN server in WebRTC applications.
Key evidence
- 1Domain registered 17.4 years ago and owned by Cloudflare, Inc.
- 2Zero detections across 92 antivirus engines and clean browser blocklist status.
- 3Hosting IP carries a zero abuse score and the service is documented as legitimate STUN infrastructure.
Safety FAQ
Is stun.cloudflare.com safe to use?+
Safe. This is documented Cloudflare infrastructure, not a website or service for end users.
What should I do about stun.cloudflare.com?+
No action required. The endpoint is safe to use as a STUN server in WebRTC applications.
How old is stun.cloudflare.com?+
stun.cloudflare.com is 17 years old and was registered feb 17, 2009.
What if I already interacted with stun.cloudflare.com?+
No incident response is indicated by this scan. Continue using normal caution, and act only if you notice an unexpected download, login prompt, payment request, or account activity.
When was this report updated?+
This report reflects the scan completed July 18, 2026 at 3:51 PM UTC.
User reviews & comments(0)
Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.