104.21.30.85 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 104.21.30.85 and was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.
Likely Malicious Host 🟠 51/100
Host and Network Information
- MITRE ATT&CK IDs: T1016.001 - Internet Connection Discovery, T1031 - Modify Existing Service, T1045 - Software Packing, T1053 - Scheduled Task/Job, T1060 - Registry Run Keys / Startup Folder, T1082 - System Information Discovery, T1088 - Bypass User Account Control, T1089 - Disabling Security Tools, T1112 - Modify Registry, T1129 - Shared Modules, T1147 - Hidden Users, T1158 - Hidden Files and Directories, T1583.005 - Botnet, TA0011 - Command and Control
- Tags: bing, bits, browser installer, cms, cnc, copy, create c, cve, device, /dev/watchdog, dns, domain, dropbox, dsl2750b, education, elf, elf32 operation, elf executable, entries, exec, execution, expl, extract, forbidden, get, high, http host, inbound, injection, intel, ip address, ip check, iviplanet, linux, lsb executable, malware, medium, mirai inbound, mirai variant, okhfjrtblzo, os command, outbound, persistence, .pl, rce m2, read c, reconfiguration, remote, resolverror, router dsl2750b, search, seek, service, set up, show, sysv, target, tcp syn, tools, trojan, unix, unknown, user, useragent, we_get_command, win32, windows, windows nt, worm, write
- Country:
- Network:
- Noticed: 2 times
- Protocols Attacked: Anonymous Proxy
- Countries Attacked: United States of America
- Passive DNS Results:
Malware Detected on Host
Count: 2 29bbf20a8bc6d64908a4228b3ed89f87d20a02a8a7895b63f8bb02c92228cc22 ea60530523a270c9e4c85222bce1e64ae4e1aed5993846a973a55ab7b3d8e944
Open Ports Detected
2052 2082 2083 2086 2087 2095 443 80 8080 8443 8880
Whois Information
- NetRange: 104.16.0.0 - 104.31.255.255
- CIDR: 104.16.0.0/12
- NetName: CLOUDFLARENET
- NetHandle: NET-104-16-0-0-1
- Parent: NET104 (NET-104-0-0-0-0)
- NetType: Direct Allocation
- OriginAS: AS13335
- Organization: Cloudflare, Inc. (CLOUD14)
- RegDate: 2014-03-28
- Updated: 2024-09-04
- Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
- Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
- Ref: https://rdap.arin.net/registry/ip/104.16.0.0
- OrgName: Cloudflare, Inc.
- OrgId: CLOUD14
- Address: 101 Townsend Street
- City: San Francisco
- StateProv: CA
- PostalCode: 94107
- Country: US
- RegDate: 2010-07-09
- Updated: 2024-11-25
- Ref: https://rdap.arin.net/registry/entity/CLOUD14
- OrgNOCHandle: CLOUD146-ARIN
- OrgNOCName: Cloudflare-NOC
- OrgNOCPhone: +1-650-319-8930
- OrgNOCEmail: noc@cloudflare.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgAbuseHandle: ABUSE2916-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-650-319-8930
- OrgAbuseEmail: abuse@cloudflare.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- OrgRoutingHandle: CLOUD146-ARIN
- OrgRoutingName: Cloudflare-NOC
- OrgRoutingPhone: +1-650-319-8930
- OrgRoutingEmail: noc@cloudflare.com
- OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgTechHandle: ADMIN2521-ARIN
- OrgTechName: Admin
- OrgTechPhone: +1-650-319-8930
- OrgTechEmail: rir@cloudflare.com
- OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
- RNOCHandle: NOC11962-ARIN
- RNOCName: NOC
- RNOCPhone: +1-650-319-8930
- RNOCEmail: noc@cloudflare.com
- RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
- RAbuseHandle: ABUSE2916-ARIN
- RAbuseName: Abuse
- RAbusePhone: +1-650-319-8930
- RAbuseEmail: abuse@cloudflare.com
- RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- RTechHandle: ADMIN2521-ARIN
- RTechName: Admin
- RTechPhone: +1-650-319-8930
- RTechEmail: rir@cloudflare.com
- RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
Links to attack logs
anonymous-proxy-ip-list-2025-06-21