104.21.64.137 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 104.21.64.137 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Likely Malicious Host 🟠 55/100
Host and Network Information
- MITRE ATT&CK IDs: T1003.008 - /etc/passwd and /etc/shadow, T1027 - Obfuscated Files or Information, T1036 - Masquerading, T1045 - Software Packing, T1047 - Windows Management Instrumentation, T1053 - Scheduled Task/Job, T1055.012 - Process Hollowing, T1055.013 - Process Doppelgänging, T1055.014 - VDSO Hijacking, T1055 - Process Injection, T1057 - Process Discovery, T1060 - Registry Run Keys / Startup Folder, T1063 - Security Software Discovery, T1071 - Application Layer Protocol, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1105 - Ingress Tool Transfer, T1110.002 - Password Cracking, T1112 - Modify Registry, T1113 - Screen Capture, T1119 - Automated Collection, T1129 - Shared Modules, T1140 - Deobfuscate/Decode Files or Information, T1143 - Hidden Window, T1210 - Exploitation of Remote Services, T1457 - Malicious Media Content, T1480 - Execution Guardrails, T1483 - Domain Generation Algorithms, T1518 - Software Discovery, T1553 - Subvert Trust Controls, T1562 - Impair Defenses, T1568 - Dynamic Resolution, T1583.001 - Domains, T1583.005 - Botnet, T1583 - Acquire Infrastructure, T1590 - Gather Victim Network Information
- Country:
- Network:
- Noticed: 9 times
- Protocols Attacked: SSH
- Countries Attacked: United States of America
- Passive DNS Results:
Open Ports Detected
2052 2053 2082 2083 2086 2087 2096 443 80 8080 8443 8880
Whois Information
- NetRange: 104.16.0.0 - 104.31.255.255
- CIDR: 104.16.0.0/12
- NetName: CLOUDFLARENET
- NetHandle: NET-104-16-0-0-1
- Parent: NET104 (NET-104-0-0-0-0)
- NetType: Direct Allocation
- OriginAS:
- Organization: Cloudflare, Inc. (CLOUD14)
- RegDate: 2014-03-28
- Updated: 2024-09-04
- Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
- Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
- Ref: https://rdap.arin.net/registry/ip/104.16.0.0
- OrgName: Cloudflare, Inc.
- OrgId: CLOUD14
- Address: 101 Townsend Street
- City: San Francisco
- StateProv: CA
- PostalCode: 94107
- Country: US
- RegDate: 2010-07-09
- Updated: 2024-11-25
- Ref: https://rdap.arin.net/registry/entity/CLOUD14
- OrgNOCHandle: CLOUD146-ARIN
- OrgNOCName: Cloudflare-NOC
- OrgNOCPhone: +1-650-319-8930
- OrgNOCEmail: noc@cloudflare.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- OrgTechHandle: ADMIN2521-ARIN
- OrgTechName: Admin
- OrgTechPhone: +1-650-319-8930
- OrgTechEmail: rir@cloudflare.com
- OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
- OrgAbuseHandle: ABUSE2916-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-650-319-8930
- OrgAbuseEmail: abuse@cloudflare.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- OrgRoutingHandle: CLOUD146-ARIN
- OrgRoutingName: Cloudflare-NOC
- OrgRoutingPhone: +1-650-319-8930
- OrgRoutingEmail: noc@cloudflare.com
- OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
- RAbuseHandle: ABUSE2916-ARIN
- RAbuseName: Abuse
- RAbusePhone: +1-650-319-8930
- RAbuseEmail: abuse@cloudflare.com
- RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
- RNOCHandle: NOC11962-ARIN
- RNOCName: NOC
- RNOCPhone: +1-650-319-8930
- RNOCEmail: noc@cloudflare.com
- RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
- RTechHandle: ADMIN2521-ARIN
- RTechName: Admin
- RTechPhone: +1-650-319-8930
- RTechEmail: rir@cloudflare.com
- RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN