104.21.91.141 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.21.91.141 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts

• Country:
• Network: AS13335 cloudflare
• Noticed: 25 times
• Protcols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: sro-dopysk-ofopmlenie-rf.ru 1pm.lt savhold.shop rugcleaningbarrington.us stbasebk.com 365betfootball.com xuanaoo.cn qabmr.hardbell.top middletondryerventcleaning.us fast-uploader.10d.workers.dev worker-frosty-unit-bbb1.597320378.workers.dev theeverydaymans.com goldietherealtor.com cleangrillsofstlouis.com tryklandarreai60.com sundaybelle.com littlemovers.ru menburzapatos.com esteticodecor.com stmbet4d.hair mysteryeworld.com uatodanow.site ztsdb.hardbell.top servercdn302.fun zasro.cloud usekalaigpt83.com 000.wentaozhang904.workers.dev verkauf-von-wohnmobilen.today kartalsacekimi.com.tr snowytech.com ayilbasikampanyalari.org limit-art.site soberljrecipr.com clovertoto277.com kxjmjw.xyz ace2115.com managesu.com instant-stake.com yatigaz.com heliff.site ttprodutosdigitais.shop granresd.com ridemountain.fun blatk.hardbell.top 26c.e-business.blog ty.e-business.blog personal-loans-best-in-2023.today zetayu.com okegaming3.xyz shannockgaragedoorrepair.us theatrecompilation.top quark.sener wexfordcoco.com ynjksw.com outface.shop zmkct.hardbell.top ktfus.hardbell.top zxliat.store agentebrassiro.com playboulevard.com sriwebdesign.com lapbit.com qowomye8hw.buzz the-immediate-matrix.com aviatox.online sjfqd.hardbell.top tancap88.fun bungatusuk2.com iiimlds.com www.51lover.org ac-fix-near-me-219.today whfh.asia win11bet1.com goodrich0.click soldemodemc.com toto12naga.info speeddatephoenix.com yaoduoli.top lastesthonestreviews.com usfererai.org vm.amir8you25.workers.dev catomos.com aisecuredata.com tin-9.top fitnessfusionhub.website espacenetworks.cloud tayloryukmain.us www.evirda.com invamexta.xyz inedupro.com 1pinsd.com jcyqb.hardbell.top movingjobswant.today jvorfdigoif.store anachapelon.com immunocalusa.com kaisar328.one chaussures-onshop.com buildbetterhandyhousedepot.com uzunlink.com jxlse.hardbell.top evirda.com skylinkers.com www.twsdwumiao.org.tw diaper-adult-searches-br.today majorcatravels.xyz huzuristan.online bearandmooa.shop pexawceful-lxawborer.club www.zw234.cn caksir-otu.digital pagumas4.xyz liqyubro.sbs web.gptchat.fan yourbill247.com globalequityfin.net someonebureaucracy.top www.claycourtshoes.com www.rubyrosedistribuidora.com.br wot-akks.store canadagoosecanadaca.com wfhu1485.top skinandserumessentialdeals.com sourceliferadio.com ephql.top gptchat.fan xmlyd.hardbell.top hub-5ejoin.com goodmonsterteam.com swwide4.net yitandsd0028.com memix24.pl icloud-fmi.pro forbet777.com www.maraba.com www.podereseducao.com.br www.secullusbijoux.com.br www.malupires.com.br www.dezaina.com.br www.lojapapi.com.br www.agmsex.com.br www.lojapapiatacado.com.br mskqgnoanr.sbs halalotelz.com mendmind.co.uk reviewmobis.com alcrouchinsurance.com www.alcrouchinsurance.com www.franqueadoburgerking.com.br www.essencialprazer.com.br www.modacorporativaqdb.com.br escortes.club commodi-aut.site almeasnanthourg.ml cootapi.com.br onlinein.store top77.today www.pov.red thelittleattire.com cf-workers-saucenao-tg-bot.kxxoling.workers.dev sootnik.click bswxue.com www.modelan.com.br hindrancestrajectories.click www.bananadanger.com.br segurosempresariales.com.co evchulev78.za.com www.luega.com.br www.chronic420.com.br www.maresia.com.br cocinaparatodos.net todollantas.co defiexperts.team hntv5497.top raresor.com gpfog.xyz www.nilarte.com.br lorryunderlie.top gettemplatesfree.com pttcllgncel.net maltesemgir.pw khoraksupermarke.shop www.khoraksupermarke.shop tamukitani.com financeservice.fr zzz578.com www.centraldascalcinhas.com.br support.alephbeis.org www.support.alephbeis.org www.e-loonyjeans.com.br www.luluh.com.br fertility-id.life szbmu.hardbell.top raxjmf.cyou www.violetfabrics.es violetfabrics.es shoecabinet.store collection-hatssales.com www.collection-hatssales.com azimi.faramarzazimi1020.workers.dev madeirathreads.co.uk kalender50.com www.intimida.com.br www.banbancalcados.com.br whm.designarental.com www.lojaoerotico.com.br raspy-hill-3ff4.behmardnima3.workers.dev git.wgc.li norvesta-games.com www.photoscape.top photoscape.top liveecommerce.app mobile-po.space claycourtshoes.com www.wgubbs.com 51mimi.xyz smartime-advnc.10d.workers.dev mav422.xyz pipaikkcv.live sso.defiexperts.team hardbell.top discount-wing.com instruction-manuals-service.com www.crossroadsofindiana.com spfarmhouse.in emprestimos-pessoais.life anakcantik29.com nwkxu.hardbell.top ndobv.hardbell.top mporx.hardbell.top tiogjk-frd.cloud xlofse.com wgubbs.com rilepova.tk refpaaixic.top w9j1o0.cyou 64nimar.64nimar.workers.dev cf-svelte-ts.kxxoling.workers.dev 1h.goldluck.site www.xtremeanonymous.com conectt-gala-games.com chillness.shop getintotown.com www.serverofficial.com serverofficial.com sidtechchannel.com mmatarazzo.com portainer.sidtechchannel.com investingamidlow.com cmmcaccelerators.com x99a1449.xyz square-meadow-aeea.mnuyshofpc9080.workers.dev www.arubaatmosphere2021.com wandering-smoke-425e.ixorpbvlym9844.workers.dev www.7zeytin1incir.com.tr 7zeytin1incir.com.tr www.elfightpromo.com violent-crib.de www.rakyatslot.buzz filmestorrentshd.net 331d.xyz cionn-logginn.com ourtownsystemphone.top jzhg.site catcasino-com4.buzz grofbusiness.xyz www.grofbusiness.xyz prozec.us collegepirate.net seoshim.online pukydq.com broad-hill-282d.64nimar.workers.dev www.easymp3converter.app arubaatmosphere2021.com workforlive.shop www.redcloaker.net timeshealthmag.com easymp3converter.app rex-727.com d0ubxd578.yuio57890.workers.dev cold.mdaf1235.workers.dev derramitdediff.tk ciafleeccompfapu.tk cold-scene-4edc.kurdlord31.workers.dev ketoosofiflexos.cloud digitrustconversion.fr javadsepehr.javadaleali.workers.dev quantsnetwork.com still-field-eb8d.amir8you25.workers.dev square-frost-7411.amir8you25.workers.dev floorsandinglambeth.org.uk trendatolye.com falconsfangear.com drainmp.com station-restoration.shop billowing-lab-6a9f.gurman9022.workers.dev nabackthandeo.ml gslpe.online xxoo986.buzz sexycams13.com pov.red holy.mdaf1235.workers.dev jrodriguez.jrodrib.workers.dev kurdking.kurdlord31.workers.dev odd-frost-0f83.10d.workers.dev redcloaker.net bolivikasyo.xyz totositeparadise.com happy-babes.ru acbh.cfd canadiagoose.com psyventures.com bombshellbodymassage.com trkpinpcenter.click teenyoungxxx.com fantasyss.10d.workers.dev hjp542.com nirmeenahmed.com appcala.games rpaplastic.com toprekordx.online designarental.com corporate-page.forcrafts-workers.workers.dev devtires.com raj-stopy.com.pl plat.lotto247.co.za www.lotto247.co.za crm.lotto247.co.za candyflip.info muddy-mouse-e889.mdaf1235.workers.dev www.bukanzeus.com yellow-waterfall-c3f3.jrodrib.workers.dev square-dawn-25f6.abol-fazlzolfaghari271.workers.dev abx630.abol-fazlzolfaghari271.workers.dev hydroxychloroquinepill.online jisen-cn.com nettgsm.com rdbbaltic.eu www.socialgrowthasap.com chillzbux.com hh1tg3eqcl.cc ooroobeds.com www.bb-passport.com jadikingg.com ymnnnez.bar csoyen.site caphung.com gratuit.roxanamastacan.ro clients.roxanamastacan.ro privacypool.cc b018wazirx.com pxxxwr.com www.o3t.net 1st-solution.co.uk www.friendship1.xyz friendship1.xyz airdrop-eonrift.xyz www.roxanamastacan.ro roxanamastacan.ro ash-mxcon.buzz www.toadbird.top chatgpt-tg-bot.kxxoling.workers.dev tg-bot.kxxoling.workers.dev melihui82.xyz 23h.goldluck.site www.starsapparels.com starsapparels.com ppcc.smavikod.com fomn.smavikod.com xtremeanonymous.com ubi.smavikod.com unaldogan.com nxu.smavikod.com streaam-convertor.10d.workers.dev neihistnabi.tk 08uuu.com bb-passport.com gra.smavikod.com neobarf.co.uk glasgowhq.com melbet-bus1.top cool-limit-b76c.kenankarymi.workers.dev lingering-snowflake-f205.kenankarymi.workers.dev martinpulsa.xyz 5news5.newsshake-handstypographic.cyou www.5news5.newsshake-handstypographic.cyou newsshake-handstypographic.cyou aviator-t23.click distribution-online.com suhermanto.my.id clothesco.co.uk professionals.coach odd-sound-0bcb.ipvw80bd.workers.dev www.distribution-online.com pinup-error32.store trustdom.dev rtp888togel.com whuxh5e33b3.vip hamrah2.javadaleali.workers.dev hamrah.javadaleali.workers.dev www.8xbet5.net www-madagascar.com ancient-sky-82b1.datahostr.workers.dev applai.me xinqidian001.com uplaydanji.com nito47.ga wwwxue1888.com xn—-btbboogh9c.xn–p1ai myyorktownhomespot.com olurhaber.xyz www.talwork.net mercifultease.cyou senoa.me makeup.belte.com.br core.belte.com.br dwgiki.com ztlg.link cuanbarengsini.xyz www.fast-fruits.com fast-fruits.com www.nito47.ga withdraw-history.10d.workers.dev eplaychlna.com bs-gl.icu tievolegamestop.com cyberunfiltered.com hobohu.xyz alibabasrestaurant.com www.gammalon-russia.ru jobzustad.com demosite.distribution-online.com 8uk0rsyoz.com www.mail.bukanzeus.com live-weed.space damanexchange.in prospectblue.net www.logjamiceseymou.store calm-bar-95c2.kurdlord31.workers.dev streaamthirdparty.10d.workers.dev rakyatslot.buzz investfx.club www.lewisfamilyestore.online interpozyczka.pl www.mm88bet.xyz evoluirdeterminado.online mm88bet.xyz www.jet90.casino jet90.casino dat-lich.vn daneshhonar.com ribbano.tk qyejsghm.cf eliminate-execute.de cashwin371.com goldluck.site 19h.goldluck.site 8h.goldluck.site 17h.goldluck.site 30h.goldluck.site 29h.goldluck.site 28h.goldluck.site 25h.goldluck.site 27h.goldluck.site 22h.goldluck.site 20h.goldluck.site 18h.goldluck.site 26h.goldluck.site 24h.goldluck.site 16h.goldluck.site 15h.goldluck.site 14h.goldluck.site 13h.goldluck.site 11h.goldluck.site 3h.goldluck.site 10h.goldluck.site 9h.goldluck.site 7h.goldluck.site 6h.goldluck.site 4h.goldluck.site 2h.goldluck.site highrate.online wbar.smavikod.com dosk.smavikod.com ocup.smavikod.com pbur.smavikod.com xcbh.smavikod.com iecu.smavikod.com blogs.10d.workers.dev logjamiceseymou.store pgyi.smavikod.com zdbw.smavikod.com kval.smavikod.com qsvo.smavikod.com aiur.smavikod.com izmirimaksmkmnys.net zwsq.smavikod.com wcnu.smavikod.com ynjy.smavikod.com bfds.smavikod.com

Malware Detected on Host

Count: 1 f375501689a6534eb4f7babfddaea594f59c1c457310c4a3346807297a1cf11d

Open Ports Detected

2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2021-05-26
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2021-07-01
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

****** ****** ******