104.21.91.133 Threat Intelligence and Host Information
ipinfopage
General
This page contains threat intelligence information for the IPv4 address 104.21.91.133 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
🟠 Elevated — 55/100
Host and Network Information
- View other sources: Spamhaus VirusTotal Shodan AbuseIPDB
- Network: AS13335 cloudflare
- Noticed: 12 times
- Open Ports: 2082, 2083, 2086, 2087, 2095, 443, 80, 8080, 8443, 8880
- Tor Node: No
Tags
- a659 x509v3
- a82743287
- a89e x509v3
- algorithm
- alienvault
- amvzwg
- android open
- any kind
- apache
- apache license
- a particular
- armv7 processor
- armv8 processor
- as is
- asn1 oid
- assurance ev
- authority
- authority ecc
- authority rsa
- b2 x509v3
- basis
- bb3468 x509v3
- bd x509v3
- binaries
- bogomips
- branch
- bsd2clause
- bsd3clause
- bseoe6fuwg
- bunny
- ca2 subject
- ca2 validity
- ca g1
- ca g2
- ca g3
- ca root
- ca subject
- ca v1
- ca validity
- ca x3
- cde subject
- cde validity
- center
- centre root
- cert
- certificacio
- certificate
- certification
- ces validity
- cif a62634068
- class
- class gold
- cnaccvraiz1
- cnamazon root
- cnautoridad
- cnbuypass class
- cnca disig
- cncertinomis
- cncertplus root
- cncfca ev
- cnchambers
- cnclass
- cncomodo ecc
- cncomodo rsa
- cndigicert high
- cndst root
- cndtrust root
- cnecacc subject
- cnentrust root
- cngo daddy
- cnhongkong post
- cnhotspot
- cnisrg root
- cnmicrosec
- cnnetlock arany
- cnoiste wisekey
- cnquovadis root
- cnsecure global
- cnsonera class2
- cnstaat der
- cnstarfield
- cnszafir root
- cntrustcor eca1
- cntubitak kamu
- cntwca global
- cntwca root
- cnusertrust ecc
- cnusertrust rsa
- cnxramp global
- code
- commerce root
- copyright
- cpu implementer
- cpu part
- cpu revision
- cpu variant
- crl sign
- d0 x509v3
- d6 x509v3
- daddy group
- david
- db21 x509v3
- defaultcdrom
- direct
- dirname
- disables
- division
- driver
- drw5visp
- e64f x509v3
- e7 x509v3
- e84e54 x509v3
- ec1 validity
- ecc rootca
- ecc subject
- ecc validity
- ee x509v3
- ef grep
- entrust
- ev rootca1
- except
- fa8658 x509v3
- february
- fnmtrcm subject
- format
- full name
- g2 subject
- g2 validity
- g3 subject
- g3 validity
- g4 subject
- g4 validity
- g5 subject
- g5 validity
- ga ca
- gb ca
- generator
- global root
- gmbh
- gmt subject
- grep
- grep vn
- gvfsmtpm
- identifier
- id root
- ihnzbm8m9yop5w
- info
- issuer
- june
- kamu sm
- key algorithm
- key identifier
- key info
- key usage
- kocaeli
- kok sertifikasi
- kurumu
- kwbqbm0
- lankara
- lathens
- lbratislava
- lbudapest
- lgebze
- lhouston
- library name
- license
- license name
- licensor
- limited
- link
- ljersey city
- lmadrid
- lmilan
- lpanama city
- lsalford
- lscottsdale
- media driver
- merkezi
- mtpdrive
- nederlanden
- nederlanden ev
- negative
- neither
- netraw netadmin
- network
- network ca
- nif q0801176i
- number
- oac camerfirma
- oaccv
- oaddtrust ab
- oaffirmtrust
- oamazon
- oatos
- obaltimore
- ocertinomis
- ocertplus
- ocertsign
- ocomodo ca
- ocybertrust
- odhimyotis
- odigicert inc
- odtrust gmbh
- oentrust
- ofnmtrcm
- oglobalsign
- oguang dong
- ohongkong post
- oidentrust
- okrajowa izba
- okue6n36b9k
- oopentrust
- open threat
- or conditions
- osecom trust
- osonera
- ostaat der
- ostarfield
- oswisssign ag
- otaiwanca
- othawte
- othe go
- othe usertrust
- otrustcor
- ou0002
- ouac raiz
- oucertification
- oucertsign root
- oucopyright
- oucybertrust
- ouepki root
- ougo daddy
- ouhttp
- oupkiaccv
- ouroot ca
- ousee
- outrustis fps
- ouvegeu https
- overisign
- ovisa
- owfa hotspot
- owisekey
- oxramp security
- please
- prgetnonewprivs
- primary ca
- private key
- public key
- public primary
- qt websockets
- qt widgets
- r2 validity
- r5 root
- research group
- root
- root ca
- rootca
- rootca1 subject
- rootca2 subject
- root g2
- root g3
- root g4
- root r1
- root r2
- root subject
- root validity
- rsa validity
- s8streetavda
- sa cif
- sector root
- services
- signature trust
- sm ssl
- software
- source project
- starizona
- stnew jersey
- stpanama
- sttexas
- subject key
- subject public
- t1055 f62
- tink
- tls web
- tppdpfquww
- true x509v3
- trust root
- ttp network
- uboot
- unknown
- unless
- usbdrive
- validity
- verisign
- version
- work
- x1 subject
- x1 validity
- x509v3 subject
- zetx2fnxlrtizye
- ztecdrom
MITRE ATT&CK TTPs
- T1137 - Office Application Startup
- T1535 - Unused/Unsupported Cloud Regions
- T1539 - Steal Web Session Cookie
- T1546 - Event Triggered Execution
- T1550 - Use Alternate Authentication Material
- T1553 - Subvert Trust Controls
- T1555 - Credentials from Password Stores
- T1557 - Man-in-the-Middle
- T1559 - Inter-Process Communication
- T1562 - Impair Defenses
- T1566 - Phishing
- T1598 - Phishing for Information
- T1602 - Data from Configuration Repository
- T1606 - Forge Web Credentials
Passive DNS
- 91avlulu95.xyz
Attack Log References
Whois Information
NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS13335
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2021-05-26
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Ref: https://rdap.arin.net/registry/ip/104.16.0.0
OrgName: Cloudflare, Inc.
OrgId: CLOUD14
Address: 101 Townsend Street
City: San Francisco
StateProv: CA
PostalCode: 94107
Country: US
RegDate: 2010-07-09
Updated: 2021-07-01
Ref: https://rdap.arin.net/registry/entity/CLOUD14
OrgRoutingHandle: CLOUD146-ARIN
OrgRoutingName: Cloudflare-NOC
OrgRoutingPhone: +1-650-319-8930
OrgRoutingEmail: noc@cloudflare.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
OrgTechHandle: ADMIN2521-ARIN
OrgTechName: Admin
OrgTechPhone: +1-650-319-8930
OrgTechEmail: rir@cloudflare.com
OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
OrgAbuseHandle: ABUSE2916-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-319-8930
OrgAbuseEmail: abuse@cloudflare.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
OrgNOCHandle: CLOUD146-ARIN
OrgNOCName: Cloudflare-NOC
OrgNOCPhone: +1-650-319-8930
OrgNOCEmail: noc@cloudflare.com
OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
RAbuseHandle: ABUSE2916-ARIN
RAbuseName: Abuse
RAbusePhone: +1-650-319-8930
RAbuseEmail: abuse@cloudflare.com
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
RTechHandle: ADMIN2521-ARIN
RTechName: Admin
RTechPhone: +1-650-319-8930
RTechEmail: rir@cloudflare.com
RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
RNOCHandle: NOC11962-ARIN
RNOCName: NOC
RNOCPhone: +1-650-319-8930
RNOCEmail: noc@cloudflare.com
RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN