104.21.48.45 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.21.48.45 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

• Mitre ATT&CK IDs: T1027 - Obfuscated Files or Information, T1059.007 - JavaScript, T1070.003 - Clear Command History, T1071.001 - Web Protocols, T1071.004 - DNS, T1071 - Application Layer Protocol, T1105 - Ingress Tool Transfer, T1114 - Email Collection, T1140 - Deobfuscate/Decode Files or Information, T1497 - Virtualization/Sandbox Evasion, TA0002 - Execution, TA0003 - Persistence, TA0004 - Privilege Escalation, TA0005 - Defense Evasion

• Tags: Abuse, adware, ALERT: WEB CAMS, alexa, alexa top, amateur, amateur amateur, artemis, asia anal, asian big, big tits, blacklist, blacklist https, browser malware, child abuse, cisco umbrella, coinminer, content reputation, crack, cyber crime, detection list, et tor, evader, exit, file, From America to Russia, gay amateur, girl on girl, happy end, heur, iframe, internet storm, js user, known tor, malicious site, malware, malware site, million, misc attack, node traffic, patcher, phishing, Phishing.HTML, pierced pussy, porn thai, redirect, referrer, relayrouter, resolutions, riskware, safe site, shemale interracial, site, South Carolina Federal Credit Union Phishing, Suricata, Suricata Alert, teens pov, thai lesb, thai porn, thai sex, tsara brashears, United States, whois record, windows nt, Yandex

• View other sources: Spamhaus VirusTotal

• Country:
• Network: AS13335 cloudflare
• Noticed: 1 times
• Protcols Attacked: SSH
• Countries Attacked: Canada, Russian Federation, United States of America
• Passive DNS Results: pesnehosvi.tk megasportbet.top garciasconcreteinlosangeles.com orfbusiness.club da-bob.com pinapkings-aze.click bixmot.com sstt-555.com indodd8.pro onlineence.info reciclajepro.com ifrit.pro waegadsnabv.top punchdoi.com www.domodvigov.com www.royalrextea.com www.betgreen.sbs www.freedom999.vip www.mandevillegaragedoorrepair.us idpayorder.com getwsofree.com muchunhua.com domodvigov.com freedom999.vip twisttekshop.com cozyzmfk.site hemenprnxxxx.shop betgreen.sbs colonoscopy-test-nearme-65581.live wohlenberg-schneidemaschinen.online goinbet1.com mandevillegaragedoorrepair.us chkoda.com all-gamerz.com swimsuits-onshop.com royalrextea.com quicksvvap-exchange.website quirkmaiqh.pics medinfopedia.com yuccaxx.com fashionablepenny.com medau.org lbbf3.com acceleratewithjgaltbusiness.com bignegotiations.com rishabhshuklaactor.store pubdihati.com 8o1ihe1.buzz cemra.online timmyy.online app-two.click lmmakeupstudio.com fundist.us oneitvs.store mariannagrills.shop boxingzoneus.com zastudio.goes.tw x17owat.top verify.hypen.lk hometarget.ca single.avisalwinin.tk accentronic.com vlomp.com trm6exqb.top utmostspores.world big666.pro toastandtipples.com contrafbrasil.org.br cs-jingsai.com boomseriez.xyz irancell.razrad.fun hamrah.razrad.fun k188.xyz www.hdrezka.live semangkamerah.click dwrsrlgwqwylo.com lake-ddde.jingyaomin.workers.dev mode-b610.jingyaomin.workers.dev bonus-9af2.jingyaomin.workers.dev kekzcjre.sbs moon-5d36.jingyaomin.workers.dev sun-0e44.jingyaomin.workers.dev moon-81a7.jingyaomin.workers.dev brook-649c.jingyaomin.workers.dev sunset-2392.jingyaomin.workers.dev bush-23b6.jingyaomin.workers.dev frost-4b62.jingyaomin.workers.dev cell-26a6.jingyaomin.workers.dev giesetech.com posta-hu.xyz harita.biz idavefuce.shop xxxr.win udinslot003.site calcifer.online www.heartdogtrainers.com aiguangguang.cn precisodedicas.com wcgcvayy.cfd prefacesubtle.top rcstoytop.com xxgirls2.com piratesgamelibrary.gq lefupfh.cn workers-todo.vrisko.workers.dev hntv3870.top clearvisionexcellenthd.online ertcsaving.com haipoker77.com bing.jingyaomin.workers.dev sanscasino1.com radishoofppaba.tk marvel123pragmatic.com hello-world-orange-sun-543c.hhhfff27.workers.dev gggg.hhhfff27.workers.dev hello-world-green-water-9401.hhhfff27.workers.dev basic-bundle-plain-rain-59bf.hhhfff27.workers.dev clientefielabordo.com.br onenessboutique.shop www.onenessboutique.shop www.apexsquidmobiledetailing.com apexsquidmobiledetailing.com cirunfica.tk ujnvhnmtlc.com ayuqo.net 2023142.net 9c186.xyz xn–betps876-qx0d.com mortenharket-fr.com pdjxvbij.gq lhsolutions.sbs selectedbkgc.click 895286850qq.com iaorana1.com mlbbclaim-skin.q-freev.my.id waduqiu.skin wgwhirlwind.org nicname.tk www.strikedev.me strikedev.me proud-recipe-9808.be1odtty.workers.dev jetcasino-zawi.buzz red-rain-f411.be1odtty.workers.dev dawn-shadow-8bb7.be1odtty.workers.dev jjcenpkybz.shop aged-pond-0f25.be1odtty.workers.dev lindagcatpet.com www.hungariantherapists.com 3sh.hhhfff27.workers.dev veonui.cfd right-glue.sa.com turovskiyprow.cyou ddc8a.com ketoxaviva.cloud 7l-line.cc wrathconjuror.best l1i8j.info silent-fire-1486.pgausdxkri9128.workers.dev super-darkness-75c0.cmzuifhwgt1430.workers.dev api.skyspaces.net skyspaces.net q4rraw.shop brightil.shop www.accessoiresvelomarches.com accessoiresvelomarches.com cliflistcestfede.tk jd.hhhfff27.workers.dev secure-37.ru dcpz.net jcjck.cc porn18xxxvid.live dronessystemes.fr 27yak.hhhfff27.workers.dev delicate-bushddddddf-a7b3.hhhfff27.workers.dev pc.jcjck.cc surf-samurai.com deltabouw.be www.strnan.top blocvkchain.info rapid-leaf-f4d0.jgga.workers.dev strnan.top centbll.click hava9.party friendsofvision.org duikincuracao.nl round-dawn-e689.hhhfff27.workers.dev jojaloo.sbs sport805under.shop cloudflare.newhuotech.workers.dev mailgun.newhuotech.workers.dev xjiujiu99.com chat.nh0pe.workers.dev e8wp.com ping.newhuotech.workers.dev itechedupro.com www.itechedupro.com 02.hhhfff27.workers.dev fhfhfjfj.hhhfff27.workers.dev nichehomes.co.uk sporevunfoy.ga qlgc.info www.arts-co.com realtruthcard.com sahebet589.com buffle163.xyz an.hdrezka.live eatgummies.group solidhandle.xyz pepstore.ru laravel.nimadeveloper.ir pzirsnwz.click iiqdlisdwd.com sheloveusm.life kklwmde.top national-amendment.org 616tl.top qolyz.info source2-beta.pro encephalon.mathlux.com iwantburrito.com kadaveediya.hypen.lk aptskiphire.co.uk blacciaguasuhuges.gq royal-term-d61a.hhhfff27.workers.dev shy-limit-87c5.hhhfff27.workers.dev falling-resonance-772d.hhhfff27.workers.dev delicate-cake-ca59.hhhfff27.workers.dev mathlux.com darkestpanel.com www.darkestpanel.com medi.codes vierailijahallinta.fi premiertaxfree.ru sandjuncgaver.ga op42muc.buzz vqday.org 6h4w73ap.pw locksmithsretford.co.uk odddd.alures.xyz www.bookmagasin.com m.pokeassortment.top nextgirisler104.buzz www.losangelescountyhomeprofessional.com cacavazamentoscasanova.com.br www.sexfull.click www.iphone.gen.tr iphone.gen.tr glebnph.co cutelolihentai.com 33333.hhhfff27.workers.dev 1sh.hhhfff27.workers.dev jobisp.com www.nosinmiblog.com hdrezka.live snugglebuddiesforlife.com www.alislamweb.net jadid.hhhfff27.workers.dev 3.hhhfff27.workers.dev www.astro-life.xyz astro-life.xyz fily.hhhfff27.workers.dev www.kenyabuzznews.com kenyabuzznews.com armenianagenda.com nfl-online.shop giltch.zzttt.tk odd-bread-e369.wxamir1390.workers.dev jolly-bush-0e54.wxamir1390.workers.dev wispy-mud-5015.wxamir1390.workers.dev www.xplorerpasssocial.com nkmu.info ekmebavsur.net socket.vtcgo.win yellow-waterfall-71cb.be1odtty.workers.dev damp-field-d0aa.be1odtty.workers.dev long-star-2f42.be1odtty.workers.dev calm-snowflake-13f0.be1odtty.workers.dev cold-firefly-79e4.be1odtty.workers.dev shy-queen-ef92.be1odtty.workers.dev qwgjasgm.buzz itsabribe.com xplorerpasssocial.com bitcoincause.top sparkassen-verbund-prozess.xyz www.tandemvtt.com www.nschilling.de nschilling.de time.kardasti.space haio.kardasti.space mydip.xyz haoxianggow38.com itongjt.online taxicentraleamsterdam.nl atelier-mogi.shop ihana-design.com zz734.com www.bagfusionz.com bagfusionz.com isna.kardasti.space rubika.kardasti.space arvancloud.kardasti.space arvancloud.ir.kardasti.space terhutorib.tk chriscthomas.dev dop.zzttt.tk egoxghlnmrz.site silkytouchofhair24now.com silverlamp.hypen.lk carbuyguides.com calsabonaire.es giftdm-ffbgid.q-freev.my.id appealcd.xyz b.kardasti.space a.kardasti.space lark.newhuotech.workers.dev www.shkrimet.com dekorobi.com www.neweurasia.info en.neweurasia.info tsorhejadundeno.cf kijangkapsul.com swaloutdet.tk gdw9d1.cyou jornale-vida.xyz 69xx274.xyz realestatencstyle.com donningimmet.pics oqixesz.shop yimishequ.com www.chriscthomas.dev esglop.es freenode.mhddt.workers.dev oluqtycs.gq nrthern.co www.dekorobi.com www.escalantechiropractic.com realfastserver.com robots-txt.newhuotech.workers.dev sixa.allisgrowth.top vyiptoken.com enuqueducation.com partener.rodbun.ro athapazcva.ru.com re.zzttt.tk shkafnik.info bespaarmetisolatie.nl pagamentosites.com www.rivervalleyestates.ca inlycu.gq rbkc.in dropecomm.online rachelleblazepe.cyou oneglorycup.com kim-foto-grafik.de aiyanagenechu.cyou bookmagasin.com costaricacitysquaretour.com oga.ng preciososprodutos.shop 7cvetof-72.ru christian-louboutin-shoes.cc portal.glossyit.com zeniqtechnos.com learnexs.com tierngu.co sieliebenesde.com campmountainchai.com www.campmountainchai.com www.danicross-int.com taillone.cfd entitestore.com macrosports.co risanddishotshar.tk danicross-int.com shrill-dawn-4cbb.jgga.workers.dev solarmonkey.xyz whz30lr.asia kimberlydschmidt.icu hanrotur.tk cutsollpunchfortu.tk newdayporn5.live www.miyenrestaurant.com.vn support.ecomsuccess.pk moenusctivingwo.tk unlockthetechnology.ml cosatocompnec.cf bingsilidenfi.gq aratidolbin.gq inseret.tk fosterhertapy.cyou dardentrefless.tk dexthydigil.tk miyenrestaurant.com.vn koleksiwanita.xyz chrolsingdisppensskiman.tk slack.newhuotech.workers.dev perfumescentdarling.sa.com quartz.hypen.lk www.vampirelvr.com vampirelvr.com www.boekuwzending.com crm.ecomsuccess.pk www.crm.ecomsuccess.pk asiastarmarthailand.com gtgtradelimitedtraining.com num-consulta-canal.site qadocreucloudsi.tk tv5mrsp.rest coonvertoop.bond lingering-wildflower-ff9f.takameru.workers.dev ronin.takameru.workers.dev stroyinvest.icu 863bets10.ga eskzz.store stain.lol kmkfw.com leicenlilyrachas.tk hobbuobby.com inucekele.site nutrition.school ibdgea.tk performrew.sbs appevn-group.ltd cwt.pmpb.ml patient-union-1941.davecitrin.workers.dev nackwallpapers.ml www.hsautomotive.com.au slmcdncdnncdncdn75.shop ce5dis.buzz www.formbackend-test.com go-in-dubai-villas-max.live hduwl.website sarka.lt au-income751.shop liuvegwarr.tk qnqlqd.pw cloudpanel.hypen.lk securesend.uk www.vashavanya.online blocviechalpare.tk istnblzzbedaaaa.net 4651xl.com rewwardiingcoommpany.site recjmwji.gq jantat.com dashpromotions.co.nz gulec.co bhfierpk.ga vinamilksite.momo188.me www.vinamilksite.momo188.me ashline.net 34qmq03.shop sabahfibre.com.my pingvancompnohealci.gq uunvip.com wolfermant.com quilze.xyz forumtik.id supercable.com.ve www.supercable.com.ve pnyaocai.com cafecozinhaecia.com.br www.tam.pm quiet-frost-d54f.newhuotech.workers.dev xwk7ahf7.cfd humanbuilt.store ovreabosriducgi.tk rivervalleyestates.ca www.depedtarlaccity.com etchocolate.com pmpb.ml urcsbosv.gq dfhvevlw.cf xosolucky.tk urvudux.cn xpj1505.com isorreisleepgoldli.ga pincoding.com cylynnluvima.ga m66266.com riaconmecharogos.tk wpp.pmpb.ml ykytinpy.tk nosinmiblog.com rrtyurtedjuo.tk antonellilegal.org inrymanuval.win weed4us.co.il lteh9q.shop cltx88co.momo188.me www.cltx88co.momo188.me happylearnerspreschoolonline.com www.bisapakepulsa.autos bisapakepulsa.autos faaremilav.tk nyadepose.ga crisantemo.com.br dhvrwazu.ga exsite24.pl miyobet445.com

Open Ports Detected

2082 2083 2087 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN