104.21.81.117 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.21.81.117 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts_browser, coinbl_hosts

• Country:
• Network: AS13335 cloudflare
• Noticed: 25 times
• Protcols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: network-paxos.org ligaraya.bot airductcleaningcarrollton.us electrocarcharger.com ufa7up.net edxl28a.buzz ceryschumphries.icu zxgj97.com jago89slot.us serverpalingkuat.site asia-electricityxs.com paysends-ea.site earlysymptomslivercirrhosis.today katilah.com inbox-mos.ru dyzh.sytm2021.workers.dev bet2slotku.com fodaflix9.fodaflix9.workers.dev ttu73.com ffh8dd.com blashcasino.site usdtmnkj.top dynastyinvestmentgroup.com www.luckyvip888s.com luckyvip888s.com kktotoberjaya.xyz zonkstoys.world ssilka-na-casino.cfd trackteamaudio.com dmdjru.com flashzaim.com 91mlw2.buzz redalertday.com www.zlasditw.com zlasditw.com letsthink.top bonanzacmobet.lol oke168.life songzihealth.com infokabar24.xyz calohsa.asia cat-cazino.pics plasticinjectionmoldingmexico034789.life hecellroom73.com lexychat.com emlratesdravv.online terusmain1111kckslot.com lnlhgc.com koodanacredit.com presidentialtrustbank.com 65sg-54.cfd jebret69login.pro www.jebret69login.pro cyccc.click ruiukp.top www.ufa018s.net gap-tt.com marutv16.store plustogel.chat vin777.kim drstevebest.com seratinosi.site onlybaota.xyz lorelli.net madisoncgallagher.icu generalcontractingschaumburg.com www.lamaxs.com ftp.dizipalguncel3.net www.dizipalguncel3.net 8806590.com vtarwqk.xyz folkote.fun kirill-yurovskiy-online.com beta-test.lexychat.com turkfans.click www.turkfans.click gdxmgy.com thyvey.com ufa018s.net sese75.top dj247official.online www.thelittlegreenbag.nl poweredbynature.online koboyhoki.online itlofts.com sbotops.org seniorbet88h.com get-pinavtrk.click g-ggp.top win-winbet.com yimijialan.com pixface.fun pede4d.shop dizipalguncel3.net credit-agricole.dopomogainuabank24.info chikeronews.com modern-path-1.com winkmodapk.org rtpmedanjudi.vip istdeserli.net alittlemuffet.shop pragmaticplay6.site musue.org detects.mergeblows.pw onsalemodelrailway.com worldgirlx4.live crypto-cascade.com kurirsaja.club allslt.com monstergacor.site desibod.com 08072023z1-2.click shapeshiftweb.com yidong616.vip apidev.wezily.com trendinize.com countryfe.shop braz7win.com vtiolegar.shop didbegindoor.com letatigerscoreonyourroof.com beta-server-ai.lexychat.com g1rxl6.com 123milhas-internacional.site fixmydiscnashville.com cresimunsun.tk www.supremeofthealps.com supremeofthealps.com eqreports.com mastereventoscwb.com.br x.lianghaishiliang.workers.dev 23-715-198.asia delucagroupitaly.com ujkgvmqaui.buzz fluxag.tech extractionairborne.top bm-consult.dk izzicasino66.com www.breast-implants-specialist-near-me.today warp.lianghaishiliang.workers.dev youarethewinners.com dostavka-id3939.com www.odentiiadeler.com odentiiadeler.com flcp19.xyz 777bit71.vip johnchongofficial.com jurryvandemunt.nl mandymillan.com cigetec.online www.tereaheetsdubai.ae tereaheetsdubai.ae chic-stores.com frsyzrqvgndy.com fashioninthestreet.com qrcode-me.com 817xpjvip.xyz crootfully.com vollcox.com bet365casinonline.co.uk breast-implants-specialist-near-me.today paezwnyfmsc1.com incorporationexpedition.top www.janinekalt.ch p2.cl www.hostcli.com hostcli.com leigheaton.com perfectparks.co.uk canndex.co.il giris6guncelburada23.com noip-token.cheese233.workers.dev bnerd.xyz solutionsthere.com plumbing-job-near-me.today barrelchanches.org devtesting.wezily.com saunaclub-queens.de www.saunaclub-queens.de hbseneng.com dreamvacationcenter.com rcslibri.eu herckasdeihard.tk i-will-kiss-you-on.site app.loancirrus.ca f8f43.shop kmconsults.net extremeapk.com etjy.shop suneo138g.shop lms.slua.sch.id tourbangs.com activ-ketodietaapqs.cloud udoo.live pilkersnetherlands.com somethingnewresources.com lamodapro.com didanharprgan.tk rcpe.lat fullvip.fun libertus.pro iagjxcgg.tk spirts-net.store rakutenid.cc siliconvalleyarchitects.com cedkv.shop nocompolux.rest specialeducation.shop opariariall.pro nonield.ink invst-bg.com promoswimmode.com betwinner-0zxa.buzz asz66.com frosty-snow-d1b5.eltoneso9242.workers.dev uropediatriagoiania.com.br janinekalt.ch builderdev.wezily.com webtour.org.ua durines.com liacsfewerkailinshop.top gostarship.org dark-wildflower-89ee.mohammad-dl6dl944.workers.dev api-platform.site svpfeto.tk guenstig-online.nl vpjky.buzz xo9w4t.cyou mm.mohammad-dl6dl944.workers.dev mci.mohammad-dl6dl944.workers.dev berrybestjams.com www.aprendainternet.site aprendainternet.site polished-dawn-621b.mohammad-dl6dl944.workers.dev icy-dust-af26.omidasghari314961.workers.dev plain-forest-380f.omidasghari314961.workers.dev jonah.yownes-a.workers.dev sginport.com kggfas.com hd.newsfilm.org marcaturaebloccaggio.com salehighheels.com www.wezily.com builder.wezily.com wezily.com snowy-glade-f226.reza94.workers.dev newfreenodes.reza94.workers.dev www.f-bunker.io viptv25.ru.com niaufwm503.guenstig-online.nl ki23mog61k.guenstig-online.nl iutygav.guenstig-online.nl sunnyzhaocai.top nisudoke.tk studio21parrucchieri.it jstv1818.xyz ildfmelmeu.best www.vkconstructionss.com male-health-seek.life tiendasclick.com frnd1.delche.workers.dev qamthuy.mom royal-night-406d.reyhanekaaf.workers.dev divine-snowflake-c0ba.vsg6spnqbd.workers.dev sparkling-hall-32f0.vsg6spnqbd.workers.dev preservehomesteadcanning.com beshela.co xe17eiim2.guenstig-online.nl www.guenstig-online.nl pouya-sh.pouyashekohi0023.workers.dev scenacritica.it api.wezily.com onlyfanscrew.store att-current.comm-tt.workers.dev 1wfnc.top april-news.sa.com 1.reyhanekaaf.workers.dev client.webinhost.in www.client.webinhost.in www.webinhost.in korkuluklar.shop 4o7i6ye0.guenstig-online.nl lizk21mai8.guenstig-online.nl sad2.samvtech.ir sad1.samvtech.ir www.wa.webinhost.in wa.webinhost.in goodbrowz.com samvtech.ir lesbianporntube.link mowcom.co recipedisk.com love-other-drugs.com askdoctord.com typewrjpey.buzz www.pgslotbet.club burada21.xyz eeurby1s2.guenstig-online.nl memphiscarpetcleaners.site mybestchoice.homes vkconstructionss.com www.arbitrums.pro arbitrums.pro tamostores.com waywayus.store bdhomelab.tk cb.is-net.cz liceubotucatu.com.br www.liceubotucatu.com.br dppmw.org hair-transplant-obtain-now.life adventeearning.com labizficapitalnow.site dengetesti.net asuketoacvlosluxeacv.shop www961lbets10.com www.somethingnewresources.com miyue52.xyz urdskxja.quest www.urdskxja.quest aas.jui.one newmexicoassuranceagency.com gavinrahelm.world wealthforaussies.com kwin68vn19.online jui.one dewuyn795.com slua.sch.id patr01.foodk.workers.dev iqxxbq.xyz freelivevideo.xyz devitacatania.it qhctrq.xyz saguaroingressos.com.br mega-inzerce.cz fletaokeyly.best ba3vay8i.guenstig-online.nl 8y3yuwqqu.guenstig-online.nl 8voxuz33s.guenstig-online.nl dl1.tajerrashti.com liga-sider.dust2.org c6dh.com console.voidedcraft.tk frn.samvtech.ir www.vegrevillechamber.com exxer.com kekkon-kansainavi.net www.kekkon-kansainavi.net www.exxer.com 57.guenstig-online.nl apathetic-selfish.de bue8uh2dom.guenstig-online.nl www.kfungmall.com kfungmall.com aipad.space wruzup.xyz climateconnectapp.com xui.xfish.site dash.xfish.site ranjotcheema.com cloudy.fileing.net ofcalculator.de imidz.rs e80y.guenstig-online.nl aatewep.guenstig-online.nl zu0x.guenstig-online.nl imoy6e.guenstig-online.nl wiutyyyro.guenstig-online.nl 02xi18soce.guenstig-online.nl hlogonu.guenstig-online.nl fi07186ob5.guenstig-online.nl vbuyp2.guenstig-online.nl haoxianggo099.com g2aue88.guenstig-online.nl test-chating.fileing.net www.pmkl.net.cn hxl.guenstig-online.nl exitos.info geo.felixinx.me www.fileing.net dwstores7322.vip siakad.slua.sch.id hotgirlasia.space mergeblows.pw api-music.fileing.net space.opprovider464.workers.dev jjonah.yownes-a.workers.dev elevatedthreads.store rolllighchipusrami.ga api.peterjan.workers.dev vahid.reza94.workers.dev mcisegaro.reza94.workers.dev ilqwuileer.best test1.reza94.workers.dev segarnod.reza94.workers.dev textv2varyssr.top tr-livemost.click segaro.reza94.workers.dev rezzza.reza94.workers.dev wplusnow3.com bestjerseynfl.com quickspinslots.info forlin-betz.buzz dificalke.ga pmkl.net.cn www.wispy-bird-2ef8.bestredsffsf.workers.dev mileniohost.net www.mileniohost.net freenode2.joonemaman.workers.dev nkbmwn.xyz sieommer.com www.aclimatiseurshop.com mobilemiracle.io www.mobilemiracle.io v2ray.pngku.com tp526.cc vipcltxmmo.me ss.fileing.net ato-t.online avastsetup.com ydpu.me duzab.buzz huangwudz.com www.569990.com www.newsfilm.org 569990.com nursing-home-abuse-now.today agraphics.de flyrace.ru oansd.cf ministrationas.com vulkiko.site www.vulkiko.site www.topanselaluindah.store f.fileing.net daru-s1-op.fileing.net ewelinaflinta.com prd999.com healthmainly.com thebilliondollarinnovator.com hicard.club cabtech.us delaneyellawi.cyou ssv.ssvpsrv.ml xn–laihdutuslkri-kfbab.com science-write.sa.com www.mainwallet.io mainwallet.io fltrwallet.com move.video poppieswareshirt.com www.helptrickbd.com music.fileing.net forgetsavorflaw.com geocontert.tk noduj.com bluefortrealty.com kalejovannyji.cyou perryublabit.ml culturadiffusa.it pmxxkz.com trade-it.click www.keysolution.app www.khalsatv.app blrxtibq.cf re.zzlzzxhr008.buzz jktybice.gq web3loginza.cf osbinc.co hiccitarimonsmis.tk e5renew.cheese233.workers.dev nanilowe.com webinhost.in c.fileing.net pgvegas.asia thehouseofequine.com www.thebeautygiveaway.com thebeautygiveaway.com 92gdpl.com github.cheese233.workers.dev vojtarycnerg.tk matrix.0x1ae7f.tech w3.hollymaster.ga www.virtualrxcard.com virtualrxcard.com panel.piemc.net stunkimdiame.biz raibroklohols.tk logsfounddata.ml rafftentcamobenmo.ml quickshop-kofi-proxy.ghostchu.workers.dev backtrussivemremet.ml dipintitorino.com adocafexanus.cf fbapiplugin.com ciopongcernrusbustre.tk crancusedecconccir.tk www.ne12bradenetempresab.com iklzmmnznnrr.net pggkkb.xyz

Malware Detected on Host

Count: 1 76ebc38b61e0479a7d6bc51c107fc0b76c2ff551b617d476b5a0add7a63e7254

Open Ports Detected

2082 2086 2087 443 80 8080 8443 8880

CVEs Detected

CVE-2015-9253 CVE-2017-7272 CVE-2017-7963 CVE-2017-9120 CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 CVE-2018-17082 CVE-2018-19395 CVE-2018-19396 CVE-2018-19518 CVE-2018-19935 CVE-2018-20783 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9641 CVE-2019-9675 CVE-2022-31628 CVE-2022-31629

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

****** ****** ******