104.21.1.116 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.21.1.116 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

• Mitre ATT&CK IDs: T1071 - Application Layer Protocol

• Tags: abuse contact, all search, apeaksoft ios, apple phone, apple private, asn owner, attack, author avatar, awful, banker, cisco umbrella, code, comments, concerning link, copy, creation date, critical, cyber criminal, data collection, date, dga domain, dnssec, domain name, drive, email, emotet, external, firewall sync, first, hackers, high level, hijacker, historical otx, historical ssl, hybridanalysis, info api, installer, keylogger, malicious, malware, metro, million alexa, monitoring, mon mar, neworder.doc, online sun, open, otx octoseek, record type, red team, related, report spam, resolutions, resolved ips, scan endpoints, script, search, server, shell code, siem, site, skynet, soar, ssl certificate, status, tsara brashears, ttl value, tue mar, united, unknown, unlocker, url http, url https, urls, urlvoid, vt graph, whois, whois lookup, whois record, whois show, whois whois

• View other sources: Spamhaus VirusTotal

• Country:
• Network: AS13335 cloudflare
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: www.dissidences.org salesshopdrills.com barxatnyesezony.com avaliacaopremium.app poppylfrench.xyz onepieceporn.com sandstonesbatholi.com 5t5bnlox.shop laptop0finanzierung152180.life declne.com numero-express-telf.cfd poston.cloud cpcalendars.filtroshop.pt de.puntospedizioni.com es.puntospedizioni.com cpcalendars.settleumc.com conocimiento.dolbuck.net cpcontacts.settleumc.com fr.puntospedizioni.com cpcontacts.filtroshop.pt xfntbjgub0u4l1f.com dickshops.top drfaq668.com quantum-project.org emzikopialakazimmembeli.asia meraktoto789.com taoilover.buzz caracolbr.xyz specbuddypro.one fasons22.hair alfalahjamtaqwim.com setntimer.net szjxzzs.com bajamexico.nz blswblqwhlwi2akjsw8uj3sdah7kl.top hltpaw.tech 22wrvqpply.top shanhebearing.com chanletaixiu.win uncovered-xawdvice.shop lakefamilyeyecare-camdenton.com diehistamesearcond.cf pwvip45.com creativephotographymagazine.com personal-loans-332us.today tryst-apps.online competeandbeatthebest.com swapcc.com es-laboralkutxa-app.com qalat-aldkhun.com hello-world-sparkling-limit-29e4.yagem34766.workers.dev baba-enfej.buzz jdlogin.eu.org uptrendro.com www.techfi.io tk88119.com healthfortruckers.com abaree.space www.sol-prlspb25.top nwty.cc online.improvementscatalog.uk gurudronacharya.co.in 365printstore.com he35.shop beigekussensnl.com hard-nkd.world yahahospital.go.th shoppingcenterh.shop mumu-hot-pot.com igms.vip greenlandscapestore.com lada-car-smr.ru zlysfjw.cn a6oxk06y.cfd nterhotefisellpo.tk hnnogkybe.buzz chrislewisforvirginia.com godipedia.com qlrjz.me athletesovereign.top keznscgn.sbs ketokubir.cyou get-skin-cancer-treatment.today luminem.com.br scbeasy.app kabinet-lk-megafon.ru www.kabinet-lk-megafon.ru certainly-verify.shop rich-boat.ru www.stlleaders.com imagecreator.website babytoy-store.com supermercadorganico.cl nostcacelop.tk lbbfq.top ehbde.top scientific-music.shop movercompanydublin.com staging.discjapan.com kecvpz.xyz costumesfr.com furia.top iowabusiness.info idmha.com mokajoe.com www.topevent.click escortbursa.org www.qoratube.com smtp.qoratube.com hntv1279.top goodwill.market www.goodwill.market monoversemedia.com hello-world-still-term-5706.yagem34766.workers.dev suporte-eletronico.com hello-world-super-grass-5a5c.yagem34766.workers.dev elsabordelapalabra.mx gap27antagonist.com 8k72.com colorfulbeauty.net delicatemountainswick.space giga-chat.life veggiesmadetastier.com www1.lsj6.top www.lsj6.top www8.lsj6.top www5.lsj6.top www6.lsj6.top www4.lsj6.top www2.lsj6.top www3.lsj6.top www7.lsj6.top telegram-s.top lsj6.top 9sanghoki.com www.foxandraven.co.za www.competeandbeatthebest.com health-supporter-today.com 247tarafbet.com obnryd.cfd sfydd16.top lastideainpl.site alert.savedclick.com generativemedia.com coinspains.com eldoradocasino-koz.top allairportsparking-info.com bizsparkle.site plumbing-services-fr.life aejapuqc.tk avxsecou.fun pcq.cjgpk.my.id buy138.bio blazeaviator.icu granat-beauty88.ru concert.topevent.click mute-dew-0c93.tocbezvixf9349.workers.dev pestcontrolservice.today recruiterwp.com coinnmarketcup.org streampourvous.art www.freewherecrack.com svrebuilds.com w5yk.us rf-sro-dopusk.ru liann.site www.jonalapitvany.hu pma.jonalapitvany.hu yyprk.buzz dy718.xyz www.feesjunction.com panchayatudsar.com avito-helps.click away-scorch.bond fstantk.com jillo.shop uj.jonalapitvany.hu r6.staz.io yaaas.deylam.com qzauch.xyz io.v01.me happentme.com 69av033.xyz x88av428.xyz www.lirikchor.my.id wowtiktok.net thedavidharris.com eurofif.bar bapercnanua.tk speedymart.shop vel2.navipromer.com xrpsend.org instnedth-logant.com accesss-coinex-ac-application.com rusteastcoast.org eycjsq.store attne-net.ntwok.com attne-com.ntwok.com ntwok.com veritoneuniversity.com emilyjfrench.icu xn–y5qq4d96k0p6a.xyz hvjspx.store wild-rice-65dd.n9269.workers.dev sleator.ie rivierabirra.it tx.drr.icu islandpacificelectric.com kikidoy.xyz ketosegepa.cloud jonalapitvany.hu qoratube.com uz-buss.com entertainment.topevent.click www.trylifetimeretailoption.com arbswasp.com gamebox.rocks www.localnewsroadmap.org localnewsroadmap.org naturheilpraxis-tiere.at acula.com cvzv9wazirx.com brands097.fleetman44.workers.dev nacore633.fleetman44.workers.dev manageeeline-pl.cfd www.newpornads.com zeloscloud.dev homepage-stg.zeloscloud.dev elastrio.com seedify.eth-web3.icu l8w3q.xyz bientesas.org mechanick.org getsupleday.com happyhourair.com situsterbaru.xyz eth-web3.icu wandering-glade-06a7.vczatfln.workers.dev rapid-poetry-07aa.vczatfln.workers.dev defa.finance agnobeservices.com kyzisperfume.com gagemeggiewu.best vqxhwclax.shop synner.com thromnutcallsquadun.ml famille.francismorin.ru nxc.francismorin.ru garagedoorsartesia.com riassanbeefvery.tk round-heart-bc0c.dgyewg321feb.workers.dev blogwarehousearbeit.pics cool-pond-4389.tongxing1024.workers.dev 0518u.cn cepteyizyklemeler.shop dex.cryptovault.app farms.cryptovault.app tunemycloud.com wqetreucxvcxbgj.cfd getsober.se atheights.co.il www.atheights.co.il whitepaper.gameboy.mx wwwsantaanita.com docs.defa.finance service-leverup.xyz domela.cf robocore.vovgroup.com pectedgoe.buzz opwf.info digital-marketplace.online www.rayhope.tw amcoamica.com foxandraven.co.za rayhope.tw airfryerpizzas.com www.billerpay.id freenode.amonjezi16gmailcom.workers.dev bilowye.fun calisthenicos.sandboxappmax.com.br ketopukara.cyou ams3-1.nl1.workers.dev signuponbetonline.com myfreemint.site hynkmq.com pouf-geant-francais-promo.shop turkiyevehayatadair.com cy.v01.me hewbfu.xyz diamsit.buzz juicerweb.com onlineboletofatura.com upytake.best nanhai996.cf freewherecrack.com gvuicd.xyz feesjunction.com zarniitran.tk gg888.buzz co-locate.us www.marciefree.com marciefree.com ktahuzby.shop civirit.buzz 105644666.com gtetedere.shop amir.amirrvaez12.workers.dev lunchpulsa.shop smtp.juicerweb.com pop.juicerweb.com ftp.juicerweb.com investlyfrost.za.com svsoftr.com www.rusteastcoast.org fergemelmei.best phl63app.space nashevilleclerk.com ajsuparty.com fomdwwkdje.top dry-recipe-40fa.msjcweb.workers.dev aliirezavpn.alireza1992alireza1992.workers.dev tianms11qc.com ssckzvve.ws tiffanystudios.net topevent.click qst.info www.think11.blog think11.blog sexygaming989.store www.reevesartgalleryhouston.com www.printer-solution.services printer-solution.services bdamadersomoy.com chatea543.fleetman44.workers.dev syd.rent img.sc.gongcishi.cn mppc.vip www.mppc.vip www.lojaprataforte.com czaaia.ru.com miltonrpc.co.uk www.miltonrpc.co.uk boostmagic-remoteservice.net filmbokep.link tuvufu.ru.com ci2nbe.ml dostawadrd.shop dry-pine-343c.triggnetworks.workers.dev eleqav.pw graysonsides.com www.hblvdnhu.gq spicy99you.info skybird.ga leveragesalmon.cn errandpilot.com trylifetimeretailoption.com www.hkpikabu.com eclesiar.com www.howtowritefilmmusic.com hilliamanatidis.store piauisites.com.br rh-hotel.it sc.gongcishi.cn openkami.ga www.king889.info 1wbqs.top www.sinurberita.com cryptovault.app smwfafgp.cf tengokwayang.com szenbookboune.ml bisatoto.com feelubeautiesah.com pando124.xyz nobleguardautomation.com www.nobleguardautomation.com esumemkire.cf leatherbackomn.store www.wertanlagenaufsicht.de wertanlagenaufsicht.de karlihertaco.cyou haucalcoutheembe.tk laverneanissawo.cyou ddqcpj.com www.sys-adm.org.ua sopremauk.co.uk www.newsqueries.com cisnouritodolpa.tk www.usoe88.com matrix.co.tz www.178punya.shop 226677.me riacramlinkbe.ga karamelpanelim4.tk afd.gg packingservicepalmsprings.com nuythadistketkdewla.tk www.emilymoon.us emilymoon.us billnets-service.online 178punya.shop spitwestronotech.ml tokyoguns.shop riemiru.ga acampyrsunon.ml liposo.tk waihuifanli.com okdcomy.club navibeefletehis.ga findermyip.com lofibot.ga 29429599.xyz blue-violet-6d7b.poxehel130.workers.dev tiochiforrapercfat.tk acjertadajylte.tk feamarimiro.tk adeqenlatpade.ml isdtelab.tk owensfarmshop.co.uk aicall.xyz kccyrrw77.bar www.improvementscatalog.uk coffeeknits.co www.coffeeknits.co sefamilytraditions.com pmaccorp.com www.heatingandcoolingarkansas.com panda-cleaning.com cleamedi.website smoker-crunch.com sesibinbent.tk qa.sandboxappmax.com.br arvirajusito.tk thewalkingdevs.sandboxappmax.com.br starwars.sandboxappmax.com.br bewisewaste.co.uk gujjuclerk.in www.gujjuclerk.in buttecountysheriff.net v735paz.com ketoaleleslons.cyou aisdis.cfd educationbody.us iizzmxrrykklee.net n9-utorrent.com gugucustore.buzz leopanchmanalely.tk krutaili.tk hwmhshenghuo34.com sunzz.co chrwjobs.com www.tiktak4d.co tiktak4d.co summer-river-9b45.hubinde.workers.dev digicardmaker.cc techfi.io activiststance.cyou stlleaders.com westym980.fleetman44.workers.dev kulina564.fleetman44.workers.dev ligrou325.fleetman44.workers.dev slodge332.fleetman44.workers.dev humble63.fleetman44.workers.dev topmea66.fleetman44.workers.dev rianclub72.fleetman44.workers.dev deepwin21.fleetman44.workers.dev tewhole22.fleetman44.workers.dev monte231.fleetman44.workers.dev yvoyage21.fleetman44.workers.dev saintm87.fleetman44.workers.dev security-appcred.tk thundercats.sandboxappmax.com.br parhightibpianorth.gq shxp888.com www.chaussettesenfr.com chaussettesenfr.com ar-villasindubai.life gameyare86.gq gacordisini.cloud luniart.com shri-jyotish-acubens.com wogoffjb.gq trueonline777.com sapphirejoker.xyz voajaxin.work descenddeprive.top ofxwauhp.tk murcielago.co prettyasap.fun trinputudortidic.tk nuimugfaikakika.cf hkpikabu.com catinc.org bungrerapohu.ml quipayswittheleamis.tk beylereozel-4.tk tbkrxn8dx8.com ultracentr.site vgmcj.com ketoyqitam.ru.com

Malware Detected on Host

Count: 7 102e1faf847d864c477040faceaf143af7ad1c89f55a7b6093a7820b72f35ff5 61dccbab13cb239b9b1811cb42ef676b4ff4f5ab669843c9f7ef0377017f6e0c b7b928f61fdb6f70b6e2998b38e3568f0178bc0863cc26cec819134d96dcf7d4 ad79c1617d5024b1a7aca5d9d559c1272fdd0f607e97b77b8f6687a42ac7d819 b130be296b3286ee55198bbde08d5b8b39d231d01f4a11c62dca001a49ad3acc fd528e4357d7443351c613cff0b6d5e73f327fe2f58d9558796d54cff4d22c54 2e3a318c29e429867c49599bce79c5d4ec6fe680c73f3caef65039d01f81b705

Open Ports Detected

2052 2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN