104.21.88.22 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.21.88.22 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 27/100

Host and Network Information

• Mitre ATT&CK IDs: T1059 - Command and Scripting Interpreter

• Tags: 0x104, 0x11a, 0x12b, 0x14a, 0x14e, 0x228, 0x97, 0xc6, 0xe1, 0xf5, aafunction, afunction, android, april, array, array int8array, b1342177279, bad event, bad idp, child, class, closure library, cnzzdata, copyright, crios, customevent, czuuid, dafunction, date, edge, element, embed, error, fafafa, function, gc, gc3w7t6h5qw, gtmmdcvhgd, ienew ca, iframe, internal, invalid attempt, kafunction, kfunction, kkfunction, lh, meta, mit license, most, nkfunction, node, null, number, object, overlaylevel, p420, path, pseudo, public, qkfunction, quota, reduceright, regexp, rkfunction, sdkversion, skfunction, span, string, swiper, sxa0, symbol, template, this, trackevent, trackpageview, trident, typeerror, typeof, typeof b, typeof d, typeof define, typeof e, typeof enulle, typeof n, typeof r, typeof symbol, typeof t, ufunction, uint8array, umdistinctid, vd, version, void, win32, xlfunction, zdhxiong

• View other sources: Spamhaus VirusTotal

• Country:
• Network: AS13335 cloudflare
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: xn–btvr8f.eu.org wanaqueupholsterycleaning.us t2771.cn slave.weiqin-fu.workers.dev lfcmgduh.cn 30789244.com.cdn.cloudflare.net totogelap168.com focusus.us cazodicsga.com nchcccl.pro ftcna.org trivoxa.cfd lancastersuisse.com thethao247s.net oalhi.shop maofahepo.shop focm3.com sept15ne.com taha18.shop rikvip2024.org exploitwhitegirls.com trecartaun.com www.mayanlandings.com tribalhollywoodz.shop puppypalsllc.com sinar777slot.com jie-ba.com katebakerdvm.com meltshape.sbs bollypeak.pro nguhanhviet.com goldenparkes.com propensity-earthshattering.click manualszoom.com silverquillbk.com mayanlandings.com pre-online-travel-assist-usa.com prabu88.world alliegrolokmezk.eherelmanva.tk joytoygift.com unportrayablel.com mississippirivercruisepackages.today 1607tydingsparkrd.com icebergaggregate.top situs-gacor.lol thr777link2.com cooksvilleairductcleaning.us inferiorityglider.top woodbridgedentalclinic.us slotdemozeus.top maulato4d.online api.apii.top apkgacor96.app pulsaufo.biz raja-gerhana.net open-proinvrstment.info eltonmpo88.com 903345.com 2mjyokeselalu.com plastikovaya-tara.site fivejolly.click festival-transform.org creatingadvanced.com nex1006.com cbrzdzgroup.lol espritvenditait.com edwarddepp.com 78682098.com agen288terbaru1.com djplomx-nsk.com likelihoodenvelop.top getandkeep.online disneyshoppers.com pc-ars.com vaividhyaevents.in uauhub.com trk-magicreels.click manhoucavedy.tk playhologram.fun 123bethaiclub.xyz www.123bethaiclub.xyz era77jp.pro playtinspacezone.space naroling.online arethabrown.com redrteta.shop businesssoftlytics.com cyberhackgods.com altcointrcber.shop getgoodattrig.com 3589macau.com pys1cdw.top ht-43f.cfd tr-aviatorspin.click ruajxfgohq.com slotasialv88.biz zhazhiji.xyz pastikakak.com blashshoes.com rziaqa.com it-facecream-kwc.today bwgnoboundary2023.xyz cdn.apii.top roof-repair-11-nl.today casanuo.com oysmash.space hkjhkghdfzsgdsfxcbvvn.cfd ta12w.com dementiasymptomsigns.today himulti.space jewelrydealersdirect.com teemunhetket.com globalbetbras.com inndir.com parkhaeun.dev dappcoin.top desklamp-shop.com airbnb4ad.esearch1d4f0fe12ekefh82dweqfe44w1edz.com maingeem64.site arabicmagazine.org hairtransplantinmexico932613.life geniussalt.com inabihimi.shop nojm5.store g-car-insurance-for-seniors-in-au-209.today nina-g.shop avtorizetionbots.site buguvai7.shop quasi-ut.site strategfree.com a9play-register.store xn—–elckds1advl2d4c.xn–p1ai s1.peakyu.link v1.likebbs.link jamalik-parfum-cosmetics.com fashionqftube.com theritzuk.co.uk stracklon.mom df.huiiuytr.xyz zenamidesign.com sophosplace.com uu16888.top 789.catpalm.top statisticconsultation.com charpente-gironde.com admin-smartpanel.work auroraincubator.com xn–metamsk-9wa.io www.bettyclarkhomes.com lupus-treatment.today bettyclarkhomes.com www.plaifa.me cayiblog.online www.cayiblog.online dpsas.fr best-ebike-prices.today o2l1aj.buzz hello-world-snowy-bar-4e86.syedabdulqadir2001.workers.dev wutools.com secker-essen.com animesow.tk farmingsimulator22dl.com m-porno-365.pics bintang88terang.store huayinai.com examcollection.prep4king.com odbuy3.cyou trkspinnap-trki.click mature-water.de hntv5075.top olb365main.com innitdoh.com mymeditation.site goddl.app mendikosolo.es chf347.com indobokepxi.com fjfnswx.xyz donte.club 2c929.com sympathetiically.site jawaranihh41.click wyyxxxi3526.com l0c.cc aperion.pro pittsburghveganfestivals.org tranperranaco.tk www.karpinviherkeskus.com runtime.land aronsvvstrateknik.se bwinturk.com xschaoya.com ozs220.com www.cacuocgamebai.net cacuocgamebai.net dlnetvpn.xyz stupendous-flag.sa.com betterwayadvantageertc.com xwerut.cfd kaushikapanservices.in embuscadalegalizacao.com.br tirekirsrehanli.tk apartment-mila.com podologie-duelmen.de pergaypacomgengmugh.ml gallusline.com tradothosopsi.ml thefoundry.media angelnsdiscounter.com www.encycolorpedia.in encycolorpedia.in olilanesyshaya.shop checkleti.ga bruh.zip ketocphut.cloud bpuxi.eu.org pill.oviette.top pan.oviette.top jvtech.sbs pgvrgpcw.ml lsg4372222com.top arnoonoo.click pornxteens.com 158136.xyz pinsdrogregs.cf ybh2.xyz gampang-menang123.store billowing-sea-488f.417917210qq.workers.dev 666.417917210qq.workers.dev www.aperion.pro khumhomrestaurant.com xumyb.info dochodyzenergii.site travelfixnow.com www.knightsofthezodiacimovie.com knightsofthezodiacimovie.com egebetsitesi.com www.sustramex.com slotgacordw88.com braimory.com health-planstoday.com lgabor.com muddy-river-6035.execute-dev.workers.dev plain-smoke-7d41.execute-dev.workers.dev induced-auth-forwarding.execute-dev.workers.dev vip3.88805xiazai1.com vip.88805xiazai1.com vip1.88805xiazai1.com vip2.88805xiazai1.com 88805xiazai1.com archive.reaktivo.com pbvh.in yhglo.com p8nc.us mldna.ai pmtft.xn–qucu-hr5aza.cc duan.xn–qucu-hr5aza.cc betexpertv127.live msg.95279527.xyz px.95279527.xyz jssrrcom.bdcloud03.workers.dev txxwxcom.bdcloud03.workers.dev green-sky-b346.piwanej7144273.workers.dev proud-cell-256c.piwanej7144273.workers.dev www.jivizdravi.com long-bonus-ba12.gerbyiqcot1602.workers.dev www.abbbz.com moneyeasily-woy.top hydratesummit.com www.kyivindependent.com communitylibrariespvd.org cloud-storage2-id-11.life hxauuv.xyz liqeels.com jivizdravi.com spruceatelier.com bitcoinclever.org merophotex.com keralangounion.in www.datismarketmobile.com datismarketmobile.com formtraders.com vaihealthsosirecnia.tk newfreenoesz.qihxguj.workers.dev rrovukwjbf.com elite-drop.space tarinkasol.gb.net freerbxapp.com apptaxi-bergedorf.de torrenttip66.com haber-beypazari.com.tr mineaha.games func.heydari-awi5376.workers.dev cool-dawn-c68e.heydari-awi5376.workers.dev blog.rivu.io blog.coursesquare.co previmatblosfoudse.cf hmac-redirect-to-waf-headersadd.latamlab.workers.dev dhs0nsqg9y8e.shop 858079.com lingdot.xyz www.anewrealtygroupllc.com www.faeag.us www.phimnong.xyz louboutinsmall.com vkwbvj.com inogdea.ga 78apple.ru intellologies.com www.w47invest.live w47invest.live j1xzik.staticfast.com diningdelish.com hmac-generatewaf-v2.latamlab.workers.dev spartaoiltools.com faeag.us hmac-validate-worker-header.latamlab.workers.dev comafi.click git.techprojects.fr getkiwi.us kyivindependent.com rcqmnd.xyz blmjr1.gq soft-waterfall-4335.latamlab.workers.dev hmac-redirect-to-waf-headersss.latamlab.workers.dev wendellchimneysweep.us umrdana.best myraderjoes.com l6mezf.staticfast.com riobetcasino-cdl.top randevubas.net letgor.com vozy.online 682790.xyz learning.coursesquare.co roche.coursesquare.co didtvkkrg.com farmosjatekok.com jcxgzf.xyz seatgnfleek.com net-a-rporter.com unduana.ml www.kelis.com.tw gagach-ch.site proud-unit-0c97.417917210qq.workers.dev amhraty.top bestchainsaws.net op.95279527.xyz bost.417917210qq.workers.dev clarionhotelrenton.com www.artbyjoelinewieburg.com consumersalessolutionsusa.com bfggida.com.tr 888.417917210qq.workers.dev 123.417917210qq.workers.dev orange-hill-9751.execute-dev.workers.dev location-service.execute-dev.workers.dev icsti.ca cors-proxy.chaosarium.workers.dev mahdiar.mahdiarlaptop.workers.dev t0pwrap.best wwwaegiantairlines.com naimarlogistica.com aspectcheats.me 360redmaple.com ufaloon.com plotter-info.de teerofficial.in presilab.ru novotempofm.com ggssgiz.cn clanek178.fun nethublot.com comebacktolife.org iomo.cc hytrea.com handcelre.tk as199767.net downloader.bavshehata.workers.dev www.statehoodforguam.com chicagocoding.net t1-1.pingtools.top pingtools.top resfeber.site csadmin-admin-dev-20201014.coursesquare.co statehoodforguam.com polygonmeta.help ketov47ekworkle.buzz www.restezhosting.net restezhosting.net bluegrednowner.com zaizhiyuan.cn gqq8ec8.hrdyntdh.workers.dev freedomfromtaxes.com www.pingtools.top hammernthor.com tp568.cc designbook.top baba-ajib-naabie.click ramimsa.tk www.renukamasale.com chefblock.dev picklehive.com deteless.gq lasimatasim.cfd chamados.tec.br se7ls.xyz plaifa.me neadertq.info freenodeworker.abol7252.workers.dev abolserver.abol7252.workers.dev tunaliotocekici.com.tr www.webox.email majorprogrammeinitiatives.com zenhonbuph.net taxjoint.info www.co3-project.eu makananbali.xyz healthpowerhouse.se dca-11.com tgreen-firefly-254c.hrdyntdh.workers.dev hmac-redirect-to-waf.latamlab.workers.dev www.pykyrelevi.site carolenahuseby.online largeyellowball.in yergonnaloveit.ga kelis.com.tw co3-project.eu pykyrelevi.site sonlgiwks.cfd cadddxdr.gq mine.coursesquare.co maltcasino13.com summer-voice-5fb6.latamlab.workers.dev tiotrusunlaiconro.ml usps.sla9192.com 337895.com sustramex.com shipber.com champassociation.io xcarry.app vernonvitori.cyou yt1257.com ryu-sing.net minecraft.hosting b5welcome.com lemacaulinkaktif.xyz corporatefloral.com wonqtohq.tk hmac-validate.latamlab.workers.dev dropshopping.ru www.dropshopping.ru redirect-hmac.latamlab.workers.dev www.ninjamarks.com tnteskw.top www.tnteskw.top 22477.org mdkku.coursesquare.co abbbz.com sarmayax.site inelsibore.ml aged-block-24d3.execute-dev.workers.dev location.execute-dev.workers.dev grafana.latamlab.workers.dev csadmin-dev-20190317.coursesquare.co add-cors-to-requests.chaosarium.workers.dev meltbrownie.com time4fck.fun ashleighmckennadi.cyou bucscc.com vinted-de84.eherelmanva.tk walloppopsesgwpq.eherelmanva.tk dhl-de66.eherelmanva.tk ebay-kleinaziegede35.eherelmanva.tk vjntetesvvmt.eherelmanva.tk pozctaplscepm.eherelmanva.tk vjrndetcxft.eherelmanva.tk olnlxsrle.eherelmanva.tk linpoctoyfk.eherelmanva.tk mingovplxxen.eherelmanva.tk sukhon.coursesquare.co nhealth.coursesquare.co trainingplus.coursesquare.co better.coursesquare.co pholwitaya.coursesquare.co travelmob.tk muxuzynews.co mellzvfr.top ketoiooioi09.cyou lelmoomachovicseo.gq acelpcu.sa.com 9te0ay.tokyo medswu.coursesquare.co othupscorun.ml phimnong.xyz diorarewinpper.tk form-w4-tax.com viaccasunacitanie.sk brasillink1.click www.brasillink1.click

Open Ports Detected

2082 2083 2086 2087 2096 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

****** ****** ******