104.21.31.85 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.21.31.85 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

• Tags: japanese-phishing-site, phishing, phishing-site, scam

• View other sources: Spamhaus VirusTotal

• Country:
• Network: AS13335 cloudflare
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: relocateprescott.com learnenglishnow.today fintab.pub mmajp27rew.monster chowawebhost.live integratedigitalsolutions.com hawaiileivases.com yh007.shop kuponuna157.com zhongtongli.com servicetoplink.store eligeunnombre.com tnkfivstrade.info kolmanoul.co.il sliversblog.online umaizabuysllc.com checkout-today.com fyeht2hotbet.click nsb001.org transatlanticsbanking.com telega.group block226.com sportsapi12.site digityayus.com homegoodusstop.com bandargaming777.com dataxecurity.com padberg.space inhabitan.cyou topedo.shop 735dd.xyz trqvw.shop diaperbags-sales.com bc672024.com statnu.store alpujarramagazine.com www.alpujarramagazine.com theeditweekly.com erkekescort-istanbul.com zikuji.xyz winapptech.com baba-perfect20-special20.buzz wireche.tk bdy45.com sleepingpadsale.com gqgamlgq.cf tokobebek.org kitchencabinets34.today hello-world-lingering-brook-706e.kiliuy1748.workers.dev rtpsky77.xyz mouzenidis.pl mentaypoleo.com www.mentaypoleo.com kangsankorea.com gladiatordumpsters.com wonclub201.com web.tinhkyaw.com healthfuturepeople.com mypod.cloud eloteskw.com elicitfringe.top solvingappointments.com lowvoltconnects.com emir2hosting.com hntv6448.top twilight-poetry-2aa4.kiliuy1748.workers.dev pusatwin55.com mostbet-whb5.top solarpanels-pt.today speroerti.shop trangifleiphoma.tk mypiratesonline.com 2ray-server1.moh84shir4832.workers.dev rachellin.site dippindaisys.top polished-paper-9be4.190234680.workers.dev mimaditosbabymall.com waere-auch-offen-fuer-inzest.de yy2280.com mayfairksa.com silhouette-api.com hello-world-sparkling-breeze-0df7.kiliuy1748.workers.dev johnpiklowe.shop wmkipzjn.cfd guinbusmocobna.cf horadoesporte.com tuaddio.com asphalt-paving-us.today ftp.schluesseldienst-in-lennestadt.de www.schluesseldienst-in-lennestadt.de indique.hlts.com.br schluesseldienst-in-lennestadt.de diving-wiv-the-divine.uk juecescompeticion.es vcfcj.top guidingbuzz.com candy4kwallpapers.xyz lwiwpywosqcbb.com hello-world-twilight-glitter-0836.ixxyfi1992.workers.dev myrticejenniewu.shop mlzkgkyk.gq apecatu.net cool-tree-82ab.ixxyfi1992.workers.dev professionalstock.site big-servant.club tight-grass-94b8.ie12dns.workers.dev www.autumninvt.com reflectrider.com tinhkyaw.com wtovbjfm.cf madameirmia.fr reseller.naravpn.com naravpn.com www.zwekpin.store zwekpin.store round-hat-5a3e.qxgkefjbtz484.workers.dev deespublicity.com stockinspector.ru businesobraz.net admin.naijaremix.com www.naijaremix.com aromaofhim.com getyourcooltry.online betmagic.ru dybitodelre.cf toplatinblog.info nameless-flower-8de1.kiliuy1748.workers.dev 9kaczy.cyou chatbot.ninehills.tech llm-openai-api.ninehills.tech broken-sky-509c.kiliuy1748.workers.dev wispy-tooth-65c9.kiliuy1748.workers.dev batman.butterflycaught.eu at-api-service.jiashengyi1388.workers.dev withered-bar-1ed3.jiashengyi1388.workers.dev odd-credit-121e.jiashengyi1388.workers.dev mazmur21.com wild-bar-ab3e.loucid777963.workers.dev flat-queen-5263.loucid777963.workers.dev www.eyesglassesshop.com eyesglassesshop.com lifecoachup.it captain.dev.0xapollo.me ideanuove.com bikobh.com qzellujsw.website base.hajiom.com haji.hajiom.com 1665794034975demo.stv.vn rust-panch.pro dhm7s61.us cloudgame.press sigaaronline.nl 7emtest.butterflycaught.eu rating-online-casino.buzz bitter-limit-f546.gia-terranova1806.workers.dev blast-prime.pro shiny-flower-5646.moh84shir4832.workers.dev jiuse1953.xyz develux.digital bzhtyc.store 1xbet-aim.top netchexline.buzz eqsmxi.xyz calm-field-4fba.kiliuy1748.workers.dev truenas.tuthomelab.net barbarostekne.com.tr it-foundation-multi-ok.live 2for1pizzaplace.co.uk m.389e365.com www.389e365.com 389e365.com frosty-hall-7759.543831481905.workers.dev hajiom.com aged-shape-5524.kiliuy1748.workers.dev vnfilehost.com orange-lab-d025.ixxyfi1992.workers.dev frosty-darkness-2b39.ixxyfi1992.workers.dev www.mehmetk.net www.pillarhavelock.com pillarhavelock.com ani.f1sh.me openai-api.ninehills.tech gentle-frost-ab2c.kiliuy1748.workers.dev patient-smoke-3619.kiliuy1748.workers.dev empty-shadow-d391.kiliuy1748.workers.dev summer-wood-cfc7.kiliuy1748.workers.dev cool-lab-4a25.kiliuy1748.workers.dev crimson-salad-d321.kiliuy1748.workers.dev buliang.xyz shy-bird-e165.kiliuy1748.workers.dev www.parkncollect.com.au t26store.com naijaremix.com amenos5.es opencatd.ninehills.tech pphset.org doussale.com buyaccount.info xzmrmmmxdgvnl.net square-field-803f.nodecoderovo.workers.dev danbjvhddsifvds.cfd divine-feather-a4e7.kiliuy1748.workers.dev sxvrdszd.ga zakpbrookes.icu guideline.business late-moon-f1c1.kiliuy1748.workers.dev damp-wood-f743.kiliuy1748.workers.dev take.ssales.live stopcarfortaleza.com.br lzxyzlsb.com red-dream-1850.kiliuy1748.workers.dev openai-web-proxy.over4528.workers.dev exchangewebapp.digital keytuguabe.tk openai-proxy.over4528.workers.dev tight-credit-5aa9.over4528.workers.dev windaceous.shop ellarosenberg.de mehmetk.net arquivo.hlts.com.br electicaes.com www.electicaes.com thfourth.com 2t1bof.com wwlksfs.buzz betoolci.ml pinjiange.com forwardtsxc.click jing11119.com agenziaindustriale.it round-snow-7da4.kiliuy1748.workers.dev fundmygovreturn.top laurapicksart.co.uk files.onthebrink.dev porndude44.com oicanjo.com ssales.live alexandermcqueengreece.net www.insurancecircadian.com sidingparkridge.com amcanmathinpi.tk taib68.live haverhillgov.com superortho.gr 1ecto9.xyz protreatments.co.uk chartenoak.org allianzetravelprotection.com www.chordgitar.co chordgitar.co www.nasisinovi.com dom.aparatir.shop org.aparatir.shop master-navseruki.com tamarke.cyou airdrop-radar.com hpynrupga.tk www.master-navseruki.com anentruthpotis.ml qkydsijrqm.ru.com eone1122.work xgys13.com www.organic-provisions.net nasisinovi.com dcrhsorcmofoehcehsfjshjarmsmsdas.cf aparatir.shop denet.app sacramentse.sa.com rastinbime.ir websysproject.cf rapid-dawn-12c6.ali-zaktab150.workers.dev gridacademy.jp laravel8demo.onthebrink.dev iltasguleas.cyou 1665638112411demo.stv.vn newfreenodemobi.ali-zaktab150.workers.dev portelatrading.online togetherwei.buzz outifidiver.tk www.gridacademy.jp yzv09.com www.clownfish-voicechanger.net etclopfallfati.tk restless-smoke-b35d.zanzendegiazadivpn2023.workers.dev ashandjamesphotography.com www.ekonovstroy.online sitiowebcordoba.com.ar www.sitiowebcordoba.com.ar www.clarksfemme.fr clarksfemme.fr testing.f0x.es f0x.es varicose-veins-in.life rudraksh.adminrudra2.workers.dev highstreetmanchester.co.uk www.blackoily.com 0xapollo.me base.0xapollo.me sunjut.com.tr newbiz.com.ua besgptlnet.cfd trek4fun.com conphaca.gq amlimiktiobroc.ga lineaverdecolladomediano.es wzb5y78.buzz tocosochq.click lmpqag.bar adavic.com.tr marcusandgrant.com coindask.com crosmonthther.tk inhypniegus.ml navicorpangola.com accsandefjord.com animoor.org patient-silence-6178.kiliuy1748.workers.dev crimson-mud-26c5.kiliuy1748.workers.dev 1668654375373demo.stv.vn vlfx022.buzz singfettepermybu.ga reprint-report.za.com 1668508035609demo.stv.vn crimson-cloud-4a14.kiliuy1748.workers.dev spring-tree-6fef.kiliuy1748.workers.dev withered-morning-309f.ckh08045.workers.dev e5renew.ckh08045.workers.dev 2aydinlikvakti.store fashionphile.uk exper.biz.id us.vpneth2.cam metacost.io whitepaper.metacost.io nerdpress.team nomlanantoreta.tk silent-glitter-00d9.kiliuy1748.workers.dev www.aroundthew.com buyllevcakeabalperf.tk colombo32.site oncemadethedecision.buzz magdalenveronaqe.cyou w5285m.cyou rentplace.vojtas.workers.dev hpqptstg.xyz genesisreviews.com 1667441280999demo.stv.vn 1667398186525demo.stv.vn doubtmatchmar.tk tollsophfbestvan.cf budfitamatboret.ga www.groovepagefunnels.com ioachimprints.eu treatrendcent.tk roemapal.tk textangel.de lindsaycoywi.cyou 1666803061870demo.stv.vn www.estudiodegoumois.com estudiodegoumois.com marfagosverste.ml ketsreazigosym.tk hotlocalsingles.com olconcheckcarta.tk tridsiastatbats.ml www.geneajourney.com geneajourney.com roseville-estate-planning.com book108.in smstocode.com netsfosupp.tk fmpodnetwork.com 1666094649292demo.stv.vn 1666112426869demo.stv.vn fqaj.info nightlifetimestorie.com 1665793690618demo.stv.vn cq9py.buzz 0733.info 1665641776988demo.stv.vn 1665641595857demo.stv.vn 1665641006210demo.stv.vn 1665639754042demo.stv.vn 1665639592814demo.stv.vn 1665637643526demo.stv.vn 1665639160622demo.stv.vn 1665627770138demo.stv.vn 1665580217330demo.stv.vn bfcnbf.buzz 10oq360.buzz www.trashbinrentalvermont.com www.onctrl.com perefsefortwa.tk nearmelocksmith.org xzdnldlc.com niliti.pics blackoily.com bladewholesome.cyou paraal.digital riasoeralo.tk designatefascism.cyou frosty-bonus-37d9.ramos-217.workers.dev rapid-frog-bac3.ramos-217.workers.dev damp-term-374e.ramos-217.workers.dev fragrant-darkness-ed18.ramos-217.workers.dev broken-night-ae8c.ramos-217.workers.dev www.mbs-iptv.com wamodf.shop miyao066.xyz www.shopiet.com kireevsk-khi.ru hieexcmx.tk awleanradenre.tk tailed.info vidriosartisticos.com iosapi.firstindianews.com turkkkfalkon.ga vmwipec.tk tearibreetu.cf ovedpr.co.il 1668997542298demo.stv.vn ashtrixx.com www.moneymanagement.today arythmiclecor.tk dhucoaaq.buzz artisdecoracion.com the-foundcash.com cdn-ddn-net.ml frahm.com.br medicare-pro-query.life pabuxodataxy.cf cpcheml.com www.firstindianews.com pass.zh-sh.info construacerto.com.br karimkarim-2022.gq oulmjshop.top buddtacefes.ga wedify.xyz spring-flower-012d.kiliuy1748.workers.dev riwattcucumogu.tk u5bld9n.shop txg3rc.shop myotechshemutari.tk terneweditomw.gq mingdesness.tk lionhearts.xyz stockwell.cf rough-mouse-8b78.kiliuy1748.workers.dev arborshroomstore.com hhk911.buzz aroundthew.com www.pontevedrademolition.com pontevedrademolition.com ofnecourcocel.tk relenweegua.tk singdenpa.ga www.masajescuban.com getirarac-com-tr.com esresamahand.ga dwidviheaddergrabri.cf falling-bread-ba48.kiliuy1748.workers.dev square-unit-a0c3.kiliuy1748.workers.dev tranperphyreb.ga 1667446867093demo.stv.vn gtipomtorsumpcongdo.ml yolohago.us uktv11.ru.com ballvediripome.ga 1667392104582demo.stv.vn resnesounfa.gq pinsbuttaiventmyran.ga mayristonocsasap.ml pvsicr.com mailer.firstindianews.com wishofgot.com mauflortip.tk scarthoghass.ga www.karma-dla-zwierzat.pl caeblazjecpay.cf karma-dla-zwierzat.pl tickcolfill.gq buchscrednolecpect.tk chuxepabonwahr.gq tinsgranremppresadfi.cf intheauquar.tk bitpayt.cc enextriflocu.tk zurf.us gaetanotaurean.shop ft-zargi.org az.bootstrald.com vivensamg.com provicoverman.tk skikapinnorfani.tk plethuphybroti.tk psychpospemewestcret.tk 1666801483123demo.stv.vn 1666784325267demo.stv.vn 1666778760310demo.stv.vn

Malware Detected on Host

Count: 10 fbd45641ab9d7c6da2bbe37f21fbde0a06751aa622bb80f89cb7964067a3b4ef 762febbcf0414c3a220b04e29e075978605897df0e407d7932ad9d8ad92327c0 c3f23700666ac233b7a82335e0dd33b9020d3f5bc1fe11b22b89a0afe21a5b3b d5539cd8b7a89712312e0a4177a065fad1749751632deb2aa16d14e8728ba70d cd95105a89701970d612dbd0ef529957b7ba715ad844aa199e8ec0406b475c1f 8491434adf99758d618e1a7102862087d00153737b58eb8b1be3bb3f415cc203 010ac595a459c3e38ac1e0ca4c98b5548ca900cce1e729b76c31852da436e8f4 677ec0fcc15603f9c6f59ae6a1533618ddca0ee93f4061507977e8965f3a21b8 8fec3878baa8a7694c238f0909e7a86aaab71dcbfb9532a28028af956840de4c 6ce5e5fa418f124935237073ef2d37140babc0c9dcbe82fc1c89eab2f1275d60

Open Ports Detected

2053 2082 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN