104.21.85.48 Threat Intelligence and Host Information

Aug 20, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.21.85.48 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

Mitre ATT&CK IDs: T1027 - Obfuscated Files or Information, T1036 - Masquerading, T1057 - Process Discovery, T1059 - Command and Scripting Interpreter, T1071 - Application Layer Protocol, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1105 - Ingress Tool Transfer, T1106 - Native API, T1129 - Shared Modules, T1140 - Deobfuscate/Decode Files or Information, T1449 - Exploit SS7 to Redirect Phone Calls/SMS, T1546 - Event Triggered Execution
Tags: address, all octoseek, analyze, ascii text, august, body length, bundled, cfqirgdhj5, cfqirgdhj5 http, cfqirgdhj5 url, ck id, code, communicating, contact, contacted, contacted urls, dropped, execution, factory, february, feeds ioc, file, final url, formbook, getprocaddress, gmt connection, gopher, headers date, historical ssl, hostnames, http, http response, hybrid, iocs, ioc search, july, kb body, localappdata, malware, mitre att, new ioc, njrat, obz4usfn0, obz4usfn0 http, obz4usfn0 url, passive dns, paste, path, post, putty, ransomware, referrer, resolutions, sample, scan endpoints, screenshot, serving ip, sfqh4dt74w0 url, sha256, show technique, ssl certificate, status code, teams api, temp, threat, threat analyzer, threat roundup, ukhdaauqaaaaaac, unique, urls, urls https, vj87, whois record, whois ssl, whois whois, windir
View other sources: Spamhaus VirusTotal

Country:
Network:
Noticed: 6 times
Protocols Attacked: Anonymous Proxy
Passive DNS Results: www.amgame1688.org bateel.ngo baptistmedicalgroup.it.com hikeadventuregear.com six66.co savethestag.com 5572277.com chiveshotdog.com 211143.com adapthicalleadership.com xjly917.com parlay4d12.me kidcoal.com omtogeljamin.com 51chaba.club thestarlightpiano.com radw-gaming.de prometheus.eapic.org 9qmxa1.vip oqxqegz.info dfzcsoft.com zbg123.com portainer.eapic.org thelising.shop n8n.aveumtechclientes.com.br hobsdresses.com 27b-s.com www.jacekchwalek.pl ftp.jacekchwalek.pl smtp.jacekchwalek.pl pop.jacekchwalek.pl jacekchwalek.pl nmobt.link ttqs.systems woyongxin.com togethernessgrateful.shop hiremomentum.online bharatclub.top togel288all.com quickfamilyfeast.com watchtv.click mohammadafif9924.my.id site.anchante-data.fun young-frost-cf14.59hze58w.workers.dev find-my-icloud.za.com 61666o.com quantumasesorias.site cartoz.qpon hore-toto4d.xyz uss-ga.com aimiafoods.eu luxuryinterioe.com fhhaiyuan.com fr-pataugassoldes.com www.togelasia-88.site 53009m.com gumaktiv24.com workhorsefast.shop jmsycn.com dy200918.com www.aesuhaendi.com 21jspz.com avia-masters.vip www.62141.cc egpt.co.il portalpinheiro.com youxiandoufu.net newlifeproperties16.com www.l4p4k303top.com yph8.com sky-two.com me88v2.xyz coconutmilk.my flopibid.com www.gamehelp.net www.fencerentalreading.com dae333.com rtpmdmvalid.com sensecity.kiev.ua www.longhornsteakhousemenu.com ss5p.com dojokokor.com www.1xbet-pt1.xyz hangye.sh.cn b29-bet.ink tiktok88high.xyz www.investnestle.com 6665303.com wtyy.xclzs46.mom together-brpau.xyz bluebunnynews.com www.whgxk.com 701club.icu mycontrol.tech usjxf.xxyqrcb.top www.anhjc998.com simplystylishmodernhomedecor.com autosactus.fr zzc200910.sbs olive813llc.it.com religiosasmariainmaculada.com philipps.io queenclub88.today www.asmitasinha.com behemythical.com capitaltecheg.com yesb5.com iouswu.com 999083.xyz residencedomotica.online www.gishurcenter.com gishurcenter.com uqene-usup.com.tr orgipulaumarore.org 233-superwin.store fironixpulse-7-1-ai.best epaperonline.in peranoxconcepts.sbs www.laskarqqpro.com kingstransmission.com abcbet-21.com pgw-12.com neopolsloes.online bane77vip.today alcobar-v-kemerovo.shop jakineti.com loopzone.space kingbabu.pro systemsithub.com investnestle.com omav88.com taya777registerlogin.xyz life-beratung24.com kamustoto7.xyz lzqbt.com uhimof.com 94betcombet.com balonwinpop.top xclzs46.mom alybadruddin.com wldmjg.com vionklyxara.com svelte-assets.com boucherassurance.com bookklnow.com maxjerukbet.site ispacemall.com hqforupnova.info partytoday.cfd how-to-register-in-casino.shop safe-casino.shop pescort.asia topslot99.vip holiganbet-guncelerisim.com www.culbersoncountyjail.org hookai.tech antoniogiuliari.com jayaterusdb88.pro renuzit.shop huankey.site aa999a.org ratiedu.com canadahelpdesk.org bluehouseofpizza.com coinbasesupport-dashboard.help wallstreetmission.com hwcup.xyz api.cosavtok.net daddy-casino-wxd.top renovandojardin.com app-cap.org cq-lb.com financeeducation.ca strongape-club.art skikaedtv.shop www.spinslot-giveaway.tech fyronelistra.shop meti.media kidsuccessfullylucky.work gold-chain-near-germany.today www.miragetwill.com qdkeman.com www.hstongtu.com hstongtu.com elitnayavillaibitsa.com pocketapp.xyz www.pocketapp.xyz acessoentrega2025.store idntoto-sydney.com wuqotui6.pro fblmcp.life laskarqqpro.com cleanductsserviceteam.info pyrcsz.com sanchitwadehra.com 4672b.top missiodei.net rldwin.sbs cyntherratech.com zklocko.com centralfincaraiz.com zlh777.com animefenix.pro com-etctgv.vip 2112kx.club dapurhoki.baby practicaltoolsshop.com sanforex.world lethwallet.shop a18bet8com.com drypilot.website pixelcove.online trecexp.com inspiraremarketinglead.com 818p818p.com kolohis.ink ahalabdealbeam.com maktjn.info oyukiayuksini.mom giris-starzbet-casino.com rutvturkhd.online wastemanagementz1sheffield.sbs nufibra.com novabuild.top ck-clothing.com buddhistsathi.com cloudtap.homes kbkbx.info gyujg.com dmjsl.bid dustexercise.net 703215.top bahisforumtr.net luxloopsstudio.com ufabet8.world fryvira.shop xlnewzealand.shop 698betapp.com mnctotojago.net healix.id adornicadiasjfkff.shop lqdptq.info blackkongtan.com telegiotu.homes juzrkwbf.bet ph444.pics vapremiumtg.live whgxk.com zenat.app longhornsteakhousemenu.com expensesmentorpath.buzz suummertoon.com doti-ksa.com hyperfuondations.org sagacherry.com kra5.vip j88com.feedback sadty.solutions mz.cdkaa.com gratefull.info misssaigonnashville.com www.watchtv.click heritagesouthgateway.de ascentivodesigns.com roseville.nsw.edu.au carrickvets.co.uk georgeweaver.shop miragetwill.com erasurvey88.com bcc1fec8.549ce7d2f4ddbacc27aa274f.workers.dev www.aditibahali.shop vision-tests-set.today mechanistern.com get-paid-for-donating-sperm.today biheyamesoficijobumi.shop vedcrfvtgy.xyz teknobaru.biz.id pl-oferta5983610.icu luniverukf.cfd thetollroads-paytolljki.life donauschwaben-usa.org ukr-newsf.world macseyrett.co thepornator.pro baldyb.men telealetg.business quantumbaseholding.com millportkeyword.top hotelcasinoholidays.com amgame1688.org joincompound.com discussf.site hauckdecor.com.br bestukonlynecasinos.com pisaniter.live smartphone-deals-mx1.today www.nebraskanews.xyz p-loads.sbs amanid.com ketomealservices.icu jcxty.cn vilopj.com gooturgoo.com akak-8.com www.swissmadisonh.shop 7112644.com dadukusuper.store eapic.org ufxoqmit.xyz truedailydosenow.world cair77sticks.club lelego.online a3innovative.com dui-help.com wj67a.com paradox24.pl bbsbet.love mega2moriarty.com mgliveslot.com globalaimerceboost.com 457bet-q.com inicionoticias.lat truck-drivers-jobs-661.today icy-dream-9506.n6n0os2s.workers.dev www.perlaorgel.shop chat-grow.zenat.app perlaorgel.shop www.token-cn.net yalla-shoot.bio lionwin55-8rtp.org yesweptint.com npsteamgo.com www.rheydtrolloffsanddisposals.com osmverx.com appsuniverse.site sam-poehalar.com docs.stealthcreator.com onlyzoena.com lf92w.cn xahuaqin.com www.xts.hu xts.hu ww1258.cn theurbanbaker.com jubabyy5.pro letslucky-migration-stub.ss-worker-0.workers.dev misty-bird-36bf.249733703.workers.dev s10k-n1bet-geoip-redirect.ss-worker-0.workers.dev worker-soft-hill-471f.3666058597.workers.dev 66kkgg.cc proud-wen-03.cws087123.workers.dev dell77653.store findservicepoint.co raven10.click violetbushes.com sec111-projects.co.in hottinnhan.xyz mongo-beef.site nonesemprepesante.org musangberasap.com muyeed.com eway.md hauntyidlemannonagon.org pkampango.online huishua.com.cn lulaeyemask.top distribution-xrp.com r5wtrrrh.cn www.vipbottleca.shop 344111.asia pphokispesial.cloud jobguidehub.com gransino-casino.online trace6p.info elitelondonadvertize.com fvyaz.creativebest.shop token-cn.net petfond.xyz billieeilih.shop dood45.com rtpradar138aq.xyz takebuildbadongo.grialhaddin2008.workers.dev tomtatetruffleupness.blog reallyprovidaprv.com demond-online.de q8.uqicdlwb.ru greatly771.shop brianflookblog.com sebapya7.pro dzhhqg.info abibia.uk techdrivenft.com www.cdkaa.com cdkaa.com dev-legatudleveringerv2.fhdev.dk tztcc.com swissmadisonh.shop ezdoc.cloud hidden-mouse-15f7.z9h1ekbc44.workers.dev elcorteingleses.com tudiencongnghiep3c.com voisebatleua24.online unlimitedmarketingsolutiondigital.com greengardens.co.in naanksa.com 62141.cc www.greenlightinvestor.org.cdn.cloudflare.net bankaccounttoinvest708810.icu ubeemqu.shop remoindonesia.com gravitypower.in play-ultimate-station.xyz blackpsrut.app www.eternadayspa.com petfuneralservice186909.icu 1win-88xh.click storeconcentrate.com lapostte.cc traefik.thotmail.ca bankeide.com aditibahali.shop galaxyhub450.shop ib.strmrdrfropa.click bowyangbravoescaribou.shop taxienmargarita.com.ve music.iranmusic.workers.dev caver.in www.beacondev.club car-insurance-pr-pyhb8nn8r199.today strmrdrfropa.click chagt.link papodeto.com.br dunduk.club vero4dspesial.store tokoqrisbet88.pro wwascjurw.shop pcfng.info khmervisit.com ototops.top loenelykidsclub.shop intikilangnusa.sbs web-dev-dab.today xgubfatpjvr.info hh3009.com muppetsmusic.com www.lesgetsmorzine.fr lesgetsmorzine.fr wertcoshtibezpeka.space slotcity88wins.lol uus77expertjackpot.com neoempire572.top martechtools85.shop kent-casino-wqp.top register.swellprotocolcoindefi.com finisesflanefluyt.fun explore-kapellskar-cruise-packages.today whitekey82719.space unvb.asia kg58.net margueritejuenemann.com scottlattimerplumbing.com l4p4k303top.com dashboard-mocaverse.xyz www.beecots.shop utensilsfork.shop 253899.com voipserviceguide.today kristiandelgado.site thonewspear.com togel.saladeprofes.org stake.bomesprotocol.com whm.zerelcakesandcream.com.ng pog79.lat celcoinpix.com nayapos.com khelonii.shop stopcybercrime.nl panetlipid.com pialaqqfyp.site emakqq.live www.risetriberise.com produtividadeextrema.online tqpisoigl.top bipolar-tests-usa.today lunahyu7.pro gcfpet.com.br social-supporto2.click satisedu.es craftplay.co.in qtjgakisnhc.buzz lx.trungtamdaotaolaixe.cfd www.lx.trungtamdaotaolaixe.cfd mo0311mm.mostafafakher8887.workers.dev bestcamgirl.xyz tootyourflute.com www.datagrom.com www.eway.md outboundsystemslabs.click zpyx.597179159.workers.dev aacpen1.top

Open Ports Detected

2052 2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2024-09-04
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
Ref: https://rdap.arin.net/registry/ip/104.16.0.0
OrgName: Cloudflare, Inc.
OrgId: CLOUD14
Address: 101 Townsend Street
City: San Francisco
StateProv: CA
PostalCode: 94107
Country: US
RegDate: 2010-07-09
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/CLOUD14
OrgRoutingHandle: CLOUD146-ARIN
OrgRoutingName: Cloudflare-NOC
OrgRoutingPhone: +1-650-319-8930
OrgRoutingEmail: noc@cloudflare.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
OrgTechHandle: ADMIN2521-ARIN
OrgTechName: Admin
OrgTechPhone: +1-650-319-8930
OrgTechEmail: rir@cloudflare.com
OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
OrgAbuseHandle: ABUSE2916-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-319-8930
OrgAbuseEmail: abuse@cloudflare.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
OrgNOCHandle: CLOUD146-ARIN
OrgNOCName: Cloudflare-NOC
OrgNOCPhone: +1-650-319-8930
OrgNOCEmail: noc@cloudflare.com
OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
RTechHandle: ADMIN2521-ARIN
RTechName: Admin
RTechPhone: +1-650-319-8930
RTechEmail: rir@cloudflare.com
RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
RAbuseHandle: ABUSE2916-ARIN
RAbuseName: Abuse
RAbusePhone: +1-650-319-8930
RAbuseEmail: abuse@cloudflare.com
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
RNOCHandle: NOC11962-ARIN
RNOCName: NOC
RNOCPhone: +1-650-319-8930
RNOCEmail: noc@cloudflare.com
RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

****** anonymous-proxy-ip-list-2023-06-22 ****** ******

Share on: