104.21.18.136 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.21.18.136 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts

• Country:
• Network: AS13335 cloudflare
• Noticed: 1 times
• Protcols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: intimrussiaportal.online perfectmaney.sbs shangxunyoupine319.com playful6playg.space aurtwentyday.com tan25jlp.monster edi22wof.net speedcmt.com bajuvillarreal.shop billflinn.com openmidfieldmagicforce.com ovrshdow.com pepepool.space onsalehomemall.com tbscoin.com paketreception.eu kuaikan01.buzz www.fantasyfootballnerd.com awardsbet.sbs dentistlawrence.com fox888plus.com byhublink.click omascara.com tenshimedia.com heyspiralcosmicconductor.com clearedadvance.com adult-diaper-search.today ydkybsaus.mameproductions.de catcasino-online.com fr0tuv7d63.net healthytorex.com my-kubernetes.com corujaveia.com.br ws-pr-470.mydualsun.com webservices-pr-470.mydualsun.com sl-pr-470.mydualsun.com toptral-gap.com ramzyoma.com soccercleats.shop 17s8.com balddao.xyz ws-pr-459.mydualsun.com ws-pr-458.mydualsun.com admin-pr-458.mydualsun.com sl-pr-459.mydualsun.com app-pr-842.mydualsun.com shifthappenscoaching.org ankrznm.sbs estoquedeimoveis.com.br admin-pr-453.mydualsun.com sl-pr-453.mydualsun.com ws-pr-453.mydualsun.com cmgacor89slot.asia abcschoolshop.com fleetwoodtrailersrvsearch.com asabutterfieldnft.com dierbei.link online-joy-casino.pro davidecarlini.com webservices-pr-451.mydualsun.com sl-pr-451.mydualsun.com admin-pr-451.mydualsun.com app-pr-817.mydualsun.com lesfestivales.fr validenglish.com www.businessan.shop idompet.top qtlymadb.com app-pr-813.mydualsun.com livornobv.nl rubyt.shop admin-br-feat-crm-to-myds-z.mydualsun.com sl-br-feat-crm-to-myds-z.mydualsun.com shakilsmvl.sbs aqgxg.link betcio362.com massagechairsindia.live younotify.space admin-br-hotfix-formidable.mydualsun.com sl-br-hotfix-formidable.mydualsun.com kebjqryp.sbs cwichina.org fc465.cc ws-pr-446.mydualsun.com admin-pr-446.mydualsun.com proudwvsm.click health-promotion-support.com app-pr-776.mydualsun.com kidsbikes-official.com nvdarewds.com app-pr-768.mydualsun.com dengi-vzaymi-24.online app-pr-748.mydualsun.com gbbdllm.xyz autumn-dawn-8567.jejowe95825017.workers.dev sl-pr-440.mydualsun.com admin-pr-440.mydualsun.com ws-pr-440.mydualsun.com webservices-pr-439.mydualsun.com sl-pr-439.mydualsun.com api-pr-439.mydualsun.com ws-pr-439.mydualsun.com admin-pr-439.mydualsun.com synergyhomemaxsolutionscenter.com app-pr-737.mydualsun.com wellness-gaggenau.de ienfiiiiiiij.buzz ntmn.eu.org tert.info plicsuremnatur.ml webservices-pr-437.mydualsun.com ws-pr-437.mydualsun.com api-pr-437.mydualsun.com admin-pr-436.mydualsun.com app-pr-731.mydualsun.com sl-pr-436.mydualsun.com api-pr-436.mydualsun.com webservices-pr-436.mydualsun.com app-pr-726.mydualsun.com ws-pr-435.mydualsun.com sl-pr-435.mydualsun.com api-pr-435.mydualsun.com stagedailyup.com webservices-pr-433.mydualsun.com sl-pr-433.mydualsun.com ws-pr-431.mydualsun.com webservices-pr-431.mydualsun.com www.ugmaxwin.org ugmaxwin.org gay2022.group www.sport-inromania.ro app-pr-709.mydualsun.com flares3cdn.validenglish.com 79839q.com bing.mycloud365.workers.dev assumeindone.com s68betwinslot.com aise149.xyz e-bikeersatzteilesales.com shlyuhimoi.ru empty-river-f355.s32e904uoi578.workers.dev throbbing-cloud-db2e.s32e904uoi578.workers.dev silent-firefly-86b0.s32e904uoi578.workers.dev sl-pr-428.mydualsun.com webservices-pr-428.mydualsun.com admin-pr-428.mydualsun.com thefirstclassstays.com ws-br-tmp-for-pr-698.mydualsun.com api-br-tmp-for-pr-698.mydualsun.com webservices-br-tmp-for-pr-698.mydualsun.com admin-br-tmp-for-pr-698.mydualsun.com ws-pr-426.mydualsun.com webservices-pr-425.mydualsun.com api-pr-425.mydualsun.com sl-pr-425.mydualsun.com admin-pr-424.mydualsun.com admin-br-tmp-for-pr-532.mydualsun.com be300forums.ionstorm.workers.dev aussiespringfling.com tiaiarnold.xyz enkionline.com zilch.lol sde3g.tk llwfomlt.top klik-hoki.online megasb.fun www.perthproductphotography.com perthproductphotography.com sl-pr-397.mydualsun.com admin-pr-421.mydualsun.com ws-pr-420.mydualsun.com admin-pr-420.mydualsun.com admin-pr-419.mydualsun.com bestdealsonwindowblinds-b-sho.today sl-pr-417.mydualsun.com www.feestartikelenverkoop.com feestartikelenverkoop.com api-pr-412.mydualsun.com bestquotes.site copium-dashboard.tech fruitslost.top admin-pr-416.mydualsun.com ws-pr-416.mydualsun.com api-pr-416.mydualsun.com hello-world-jolly-wood-c59c.greynium.workers.dev webservices-pr-411.mydualsun.com sl-pr-411.mydualsun.com api-pr-411.mydualsun.com qkgbflqjklmjvejy.com othsleatcentrosrea.tk api-pr-413.mydualsun.com m1.casa prodigi.site hauteair.shop ueagen.com e-xstore.com itsamyth.xyz businessan.shop app-pr-659.mydualsun.com 51zxzj.com q4y3j0.cyou yitaowads3060.com chistraightener-canada.org egypt-facts.org newyorkcityoktoberfest.com ketoxycus86.cloud team-swordsofblood.com jijicodes.com dobinlove.shop less-strive.lat wi9d.us sl-pr-405.mydualsun.com admin-pr-405.mydualsun.com app-br-tmp-for-pr-405.mydualsun.com app-pr-631.mydualsun.com ws-pr-404.mydualsun.com webservices-pr-404.mydualsun.com admin-pr-404.mydualsun.com backlinkbayi.com echo.webo.design www.echo.webo.design sobusey8.site lada-5-nsk.ru qtzmdyir.tk favorite.safereform.site steancommunitilty.ru late-mud-5a5a.cqtwjkafvz1794.workers.dev harrisrelicensing.com www.up-x16.ru gilaspin88.co pioneermay.top www.asns.com.mx www.zoozoo.hu aqevgraverneu.ga api-pr-403.mydualsun.com lumina-schweiz.ch m.njbsj.cn app-br-tmp-for-pr-402.mydualsun.com b55h.com studiocamellia.com wallabag.hanxu.me app-pr-613.mydualsun.com sl-pr-399.mydualsun.com app-pr-619.mydualsun.com admin-pr-397.mydualsun.com api-pr-397.mydualsun.com nizanskie.info vgsworker.ionstorm.workers.dev vgs.ionstorm.workers.dev fancy-cloud-207b.ykqcjmxwai4306.workers.dev fatburningboss.com withered-fog-052f.jejowe95825017.workers.dev oafish-drum.bond thfulacpregniaclub.ml calm-shape-fc48.mohammad-rsafaeian5583.workers.dev wispy-mouse-e40f.mohammad-rsafaeian5583.workers.dev app-pr-612.mydualsun.com cu4297oite0o.site xui.hanxu.me npm.hanxu.me dry-star-b8d0.vyacheslav-zubenko1285.workers.dev teistocbuiswapin.tk cnuksz.buzz giangcoi.shop app-pr-608.mydualsun.com 98tang772.xyz whm.dharun.tech sl-br-tmp-for-pr-607.mydualsun.com webservices-br-tmp-for-pr-607.mydualsun.com ws-br-tmp-for-pr-607.mydualsun.com haoniuyingshi1836.top app-pr-583.mydualsun.com admin-pr-389.mydualsun.com api-pr-389.mydualsun.com charletypizza.fr doprax.hanxu.me akisga.xyz ketojepiki.cloud wpcjnq.xyz www.fjkj.eu.org skopermai.ml lively-violet-93d9.s32e904uoi578.workers.dev salda.online amazing.safereform.site fi2.w1z.top dharun.tech www.dharun.tech getxapp1.sbs tdsoft.dungqb.net cumm.shop fi.w1z.top indihomebrebes.com api-pr-392.mydualsun.com ws-pr-392.mydualsun.com webservices-pr-392.mydualsun.com sl-pr-392.mydualsun.com sl-pr-395.mydualsun.com api-pr-395.mydualsun.com app-br-tmp-for-pr-392.mydualsun.com app-br-tmp-campaign-end-d.mydualsun.com agilest.org motionbypike.com iranferekans.com www.iranferekans.com 957w.site ws-pr-386.mydualsun.com app-br-tmp-for-api-pr-382.mydualsun.com blog.hanxu.me lucky-unit-31db.jiwat289092341.workers.dev red-scene-4b3d.jiwat289092341.workers.dev hidden-wind-3da0.jiwat289092341.workers.dev pjby.site njcash4life.com twinstartesting.com little-sun-cd3a.s32e904uoi578.workers.dev long-poetry-b3c0.s32e904uoi578.workers.dev twilight-sound-26e9.s32e904uoi578.workers.dev super-firefly-c79c.s32e904uoi578.workers.dev cool-darkness-f60b.s32e904uoi578.workers.dev black-lab-6490.s32e904uoi578.workers.dev shy-snow-5a56.s32e904uoi578.workers.dev small-flower-568f.s32e904uoi578.workers.dev shiny-feather-4fed.s32e904uoi578.workers.dev rapid-queen-374d.s32e904uoi578.workers.dev ancient-brook-6021.s32e904uoi578.workers.dev shy-truth-0322.s32e904uoi578.workers.dev orange-math-8daf.s32e904uoi578.workers.dev little-bush-44c0.s32e904uoi578.workers.dev fragrant-sun-9aeb.s32e904uoi578.workers.dev wispy-sun-e60c.s32e904uoi578.workers.dev square-union-31d4.s32e904uoi578.workers.dev dry-firefly-17af.s32e904uoi578.workers.dev rough-lab-c9b3.s32e904uoi578.workers.dev edu-us.hangover.tk anar.fun ottersamongus.party sl-pr-387.mydualsun.com ws-pr-387.mydualsun.com buyzetia.xyz api.netbuynow.net ws-pr-388.mydualsun.com app-pr-582.mydualsun.com api-pr-385.mydualsun.com app-br-ttmp-hotfix-monabe.mydualsun.com sl-pr-390.mydualsun.com zpofeupdtqpl.shop www.shinelentech.com app-pr-521.mydualsun.com www.ew-exports.com ew-exports.com autorisations.online www.pkwebmarket.com www.drt6ut.cf pop.drt6ut.cf smtp.drt6ut.cf ftp.drt6ut.cf portainer.hanxu.me iioowndwh333.site www.akamsphone-linkqrc.com akamsphone-linkqrc.com annepclarkson.com curly-grass-61bd.glqnjevhyb.workers.dev pkwebmarket.com bktassist.com doredeal.com www.gennarolanza.online drt6ut.cf rekamont.sk zjhymg.xyz sl-pr-382.mydualsun.com rtys00.com app-br-tmp-for-api-pr-365.mydualsun.com app-br-tmp-for-pr-378.mydualsun.com sl-pr-377.mydualsun.com webservices-pr-374.mydualsun.com api-pr-374.mydualsun.com app-pr-509.mydualsun.com app-br-tmp-for-pr-363.mydualsun.com sl-pr-363.mydualsun.com webservices-pr-368.mydualsun.com sl-pr-368.mydualsun.com ws-pr-368.mydualsun.com izmrbxrszs.net www.buffaloherald.com www.libertybellfamilymedicine.com libertybellfamilymedicine.com www.gyxckj.cn zhongwenteng.com carandayelectrics.co.uk app-br-tmp-for-pr-371.mydualsun.com webservices-pr-364.mydualsun.com app-br-tmp-for-api-pr-366.mydualsun.com 709366.com app-pr-533.mydualsun.com sl-pr-367.mydualsun.com admin-pr-367.mydualsun.com gennarolanza.online zoozoo.hu knockbackglazier.my.id webservices-pr-361.mydualsun.com sl-pr-361.mydualsun.com voipbits.ca ketobupufikus.fun www.authenticjerseys.cfd authenticjerseys.cfd dotagambler.com manstuff.world sl-pr-356.mydualsun.com webservices-pr-356.mydualsun.com www.jenever.amsterdam ntoseasons.com.br norbert-h-schmidt.de jelcepamasa.tk premiosdovalle.com rojanmedica.com.mx erteruterjhgh3554hfghf435ret.site mystery-succsess.sbs app-pr-508.mydualsun.com unimknicol.ru.com ytfhgjk.ml app-pr-462.mydualsun.com webservices-pr-355.mydualsun.com admin-pr-348.mydualsun.com api-pr-348.mydualsun.com webservices-pr-348.mydualsun.com api-pr-355.mydualsun.com ws-pr-332.mydualsun.com api-pr-332.mydualsun.com webservices-pr-332.mydualsun.com up-x16.ru admin-pr-354.mydualsun.com sl-pr-354.mydualsun.com ws-pr-352.mydualsun.com webservices-pr-345.mydualsun.com asns.com.mx admin-pr-345.mydualsun.com benniejwilliams.icu nixxie.pl bronzedbrilliancetans.com arkpdf.com httpsjokrcom.jokrcom.workers.dev jokrcom.jokrcom.workers.dev soft-bush-d384.jokrcom.workers.dev zaklady-centrum.pl comunison.com njbsj.cn www.njbsj.cn rtuyfkpb.tk jelly1991.com addilowceimom.tk srcherreview.com trixiani.link app-br-tmp-for-api-pr-346.mydualsun.com admin-pr-350.mydualsun.com kosmetikinstitut-dachau.de hananlustnonmangfe.tk app-br-tmp-test-pr-344.mydualsun.com edu-sg.hangover.tk webservices-pr-349.mydualsun.com admin-pr-349.mydualsun.com ws-pr-349.mydualsun.com sl-pr-338.mydualsun.com qqglne.xyz api-pr-347.mydualsun.com admin-pr-347.mydualsun.com ws-pr-347.mydualsun.com sl-pr-347.mydualsun.com pm5986-bd.xyz blog.bigmad.com.br webmaster-resource.lat sl-pr-343.mydualsun.com sl-pr-342.mydualsun.com podcheap.com navod62.fun www.pdbcollege.in legalcasino.pt hetaira.info webservices-pr-337.mydualsun.com ws-pr-337.mydualsun.com muchmin.pl chrobokcloud.pl www.all2home.online leidukrosidisre.ga anitajmiller.icu meteo.janvanicek.workers.dev alcucu.tk dortermplacemoper.tk app-pr-466.mydualsun.com sl-pr-308.mydualsun.com spotgraphicsinc.com www.potenciacontadoras.cl ujhmx.fit goedkopebegrafenis.org cashdevelopers.online app-pr-471.mydualsun.com castapp.ru cookiecookie.tk admin-pr-328.mydualsun.com api-pr-328.mydualsun.com hvitrroo.ga

Malware Detected on Host

Count: 5 77c4e7bcd49464dce5d5f10b1144815661653c5f8bd593fd5a95f98293be9a9d 0151e35344c761a3ec7a5e3b99672c2b881b91f3bbc4f761f39663d61d9a7e36 aa4a08aada86991abbc7b96d4b403f486c6cb7a0ae6c363d364492b72f926be3 07833a1ebd3fe1a2526bc5ebe8b0d88164410b7d8d6e1951461206df7a0b2bc7 e2c5af892afaaa7c91cf14eeb5f442be325d4e0e705969d898d8302124eee1e2

Open Ports Detected

2053 2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN