104.21.95.244 Threat Intelligence and Host Information

Jan 11, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.21.95.244 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 32/100

Host and Network Information

Mitre ATT&CK IDs: T1059 - Command and Scripting Interpreter
Tags: 0x104, 0x11a, 0x12b, 0x14a, 0x14e, 0x228, 0x97, 0xc6, 0xe1, 0xf5, aafunction, afunction, android, april, array, array int8array, b1342177279, bad event, bad idp, child, class, closure library, cnzzdata, copyright, crios, customevent, czuuid, dafunction, date, edge, element, embed, error, fafafa, function, gc, gc3w7t6h5qw, gtmmdcvhgd, ienew ca, iframe, internal, invalid attempt, kafunction, kfunction, kkfunction, lh, meta, mit license, most, nkfunction, node, null, number, object, overlaylevel, p420, path, pseudo, public, qkfunction, quota, reduceright, regexp, rkfunction, sdkversion, skfunction, span, string, swiper, sxa0, symbol, template, this, trackevent, trackpageview, trident, typeerror, typeof, typeof b, typeof d, typeof define, typeof e, typeof enulle, typeof n, typeof r, typeof symbol, typeof t, ufunction, uint8array, umdistinctid, vd, version, void, win32, xlfunction, zdhxiong
View other sources: Spamhaus VirusTotal

Country:
Network: AS13335 cloudflare
Noticed: 1 times
Protcols Attacked: SSH
Passive DNS Results: walnutfurnitureassembly.us midzuteca.tk shop-rosaselvagem.com aggravatedunlicensedoperation.com rdytltrts.com sittersconnect.com sjzztbz.com alfademoscopia.com beichqitesdy7he.com divinegiftcollection.com oe24-zeitschrift.net kiwifilms.ca shefcloud.top vitalvirtuehub.com old.kilichosting.com questlog.vtt.quest westmarchesdev.vtt.quest jlebjce.com 30916886.com.cdn.cloudflare.net pusatjudionline777.info newdresssale.com eyiran1-eyiran2-eyiran3.eyiran1-eyiran2-eyiran3.sbs delegatetokens.xyz exagonlarcep.com xoohw.info privacy-terms-services-id-141979.78965468-ai-chatbot.com www.niyofoxgames.com jest-spoko.pl servercdn933.fun nqcoeqrabe.buzz iudsywbnfa.best kleveringuk.com emaugo.site cineblog01.monster heleenbosma.nl rajamasslot.enginesoft.com.au in-voguelaser.com sharadmadan.in hjkaisuo.site 78965468-ai-chatbot.com lola-frutos-secos.qrm.ar privacy-terms-services-id-842324.78965468-ai-chatbot.com vless-vpn.mengqingguo120.workers.dev jeparabro.info jetera.info cookieook.com ninama1.com bola-slot-casino.enginesoft.com.au multifly-yggdrasil.enginesoft.com.au top-up-slot-machine.enginesoft.com.au bali-win-slot.enginesoft.com.au joker-slot-bonus-100.enginesoft.com.au zulubet.enginesoft.com.au slot-maxwin-terbaru.enginesoft.com.au coconut-338-slot.enginesoft.com.au jos889-slot.enginesoft.com.au rtp-asiabet118.enginesoft.com.au cuan368-login.enginesoft.com.au agen-taruhan-bola88-terbaik.enginesoft.com.au slot-dragon222.enginesoft.com.au linktree-murah4d.enginesoft.com.au situs-slot-olympus-anti-rungkad.enginesoft.com.au totogaul.lol huateng98.com free-window-replacement-programs.today solarixus.site cinemaviews.sbs ppg45.bet renhehaoche.com hwmonitorfree.com asli-7777-slot.enginesoft.com.au free-casino-sites.enginesoft.com.au zbet.zone socialprofit.vip pinapbonanza.click webdev.addaxcrm.com fapalbum.com yjnpu1.xyz maltepeescortsite.com dentalimplantslearn.today cursoaulavirtual.com yl2266.com rtp-betfordeal.enginesoft.com.au mesin-mpo-login.enginesoft.com.au buzz-slots.enginesoft.com.au kapital-slot.enginesoft.com.au tunzamunni.enginesoft.com.au pinjaman-500-ribu-langsung-cair-tanpa-ribet.enginesoft.com.au data-togel-hongong-2018.enginesoft.com.au qjbqjb.xyz sexiestgirlz.com nnviinzin.site qcus332.click tvchaks23.store eglxrpw.info wlsahfldkdldnfjr.com balloonsculptmasters.today beauoutfitters.shop radiantloop.shop mybalticart.com nitflix.xyz leon-zerkalo6600.xyz clubluck.online rtpslot367.xyz lakfiopr.com fast-ciena.com car-electric-finder-de.today cozyinnsworld.com mranonline.online babyshopmax.com uptech.fun wanadds1.click hearing-aid-prices-343.today netspor76.site gtrtoto3.com os-unityroom-com.naichilab.workers.dev bcompo.xyz cbvljgcf.top sukabetvip.pics petshoptrade.com it.leasedealgroup.com vppcha.cn eifsd.live uplaygame.com smtp.syswellness.in recipedeli.com app-bitinauts.com flowerdeliverynottinghill.co.uk bed-sheets-best-offers.today xn–6i4burs1i12cv5w.com bz605.top ahm2dvi.monster darknightstich.fun anniversary-lido.org plinkogivememoreballs.store cdek-onlinepay.online dedistreams.com tazzcreation.com shopdre24.shop meriahterjangkau.shop telefonos-express-linea.cfd turkeyallsliv.com tekoslot.info stonlo.us hearingaids-23.today cmpstone.com bkleon9.online ca-tomford.com qr77pokerdom.xyz dentalimplants20.today flamegeuss.com www.srttekstil.net e-commercesoftwares.com careforclient.com arcadeflux.com 3y6p.vip mi77vip.club 777clubvulkany9.xyz mygiftcardmallbo.one fatburnbelgie.com 4youtop.site masuksabatoto.com charlesdavid.us young-4ever-vip.top zerkb.com bagsandpursesshop.com ecowavejourney.fun daftarnaga188.com clothingccf.com putarancuan11.site grabacomfor.online touch-space.com guncelgiris93820.shop abenop.online minutonacozinha.com mixrosoft-recovery.com mybestshopper.net limnal.ai hyvhjfdetnkthbj.boats gk-stroi24.online canal-tele-consultas.buzz hlsjwogq.com gamexoxos.com aaamentalhealth.org admlni-bookling.com yomshop.top indefinedbox.com nicholelshirley.xyz selldeviation.top sparkshop.fun toptoolsonsell.com www.meenakshigroup.in www.fluconazole.sbs shedsavvy.com turbobound.com ctv-new.com naj-casino.com www.gloriaplay724.com hello-world-royal-zl2.mobiletyreshop.workers.dev theorphic.ae lancashiredecorator.co.uk movers4dallas.com artbug.top zinvolgenieten.nl www.paraboardssales.com paraboardssales.com seatexcite.com sabaytalk.com giftawayc.homes onlymiguel.com pammbits.club butpathetic.top titansecure.co.za rsite.shop open-a-bank-account-search.today vfx.vtt.quest hello-world-billowing-union-724b.jssbzg.workers.dev daniellebarros.com.br legzocasino-info.com qrm.ar www.qrm.ar smtp.qrm.ar pop.qrm.ar ftp.qrm.ar 18mo09.top aikawarazu4.click workfromhomeewsd.today betking88slot.online kitdouble.top theomulmorrscafriasay.ml 29860fir.com upup.ggddup.workers.dev locallover.site leadcsahfrre.xyz forgetful-flavor.shop rontoinvestment.net hoqryhmgookkwl.com nsbbankh.top vegoltv739.com ylyoueryuan12.buzz nwfrighjwy.com www.cb-stock.com tidy.cb-stock.com dramacool7.pro www.jadescott.com academicsuccess.blog jufangchan.com ritetheatre.com tgauthorization.website ok-xxx.ru ovh.woiden.cf emlakvgri.net ru8xfvjr.cfd slidenirvana.com octa-corp.com expressivelypassionate.com 19.cc prawozatrudnienie.space hello-world-royal-zl1.mobiletyreshop.workers.dev fbleu.club collingdaledentist.com 1wntne.top fqw-ventures.sbs salesfenders.com nailsalonhyannis.com takenz.store blackrockrealty.ltd urgentclasswork.com airports-parking-zone.com shannonsbaxter.bio bealsinckronos.net bici-bike.com oznachil.online clgregre.click dirrection.com speed.pate.ir immobilienbewertung-alsdorf.de lanvinmgir.pw mjzdhkh.pics happy-feast.lat ketodamyva245.cloud cb-stock.com fedora.martysworld.net cdnserver.pate.ir pro.pate.ir sypkrakow.pl plexmon.martysworld.net portainer2.martysworld.net backup.martysworld.net casacontemporaneo.com.mx 017ld.cn qc9z.uk a456yh.com test-blog.thangved.com www.estrateciacerta.online izzicasinokz.site shrill-rain-0c3e.1acbc4c4dadguard-dnscom.workers.dev mako3377.1acbc4c4dadguard-dnscom.workers.dev 1acbc4c4dadguard-dnscom.1acbc4c4dadguard-dnscom.workers.dev findyourpivot.com vaporbxrwi.xyz meilihui88.xyz vmware.martysworld.net www.filmeart.com rohrreinigung-wetter-24.de techsafeelectronicrecyclers.com ryajunwzkc.lackinqvgm.site www.young-4ever-vip.top rtaiz.info universalmedicalgroupnmb.com tarotmastery.top 187and156.com 1vmp.com editor.thangved.com tools.thangved.com ctdl.thangved.com nthvac.com www.enweistartup.com dagchads.com gogofishingin.com livekhobor.com suttieschoolofdance.co.uk www.loteriasdominicana.com.do api.forms.thangved.com bestweb.my.id 2948h.com www.maissaudepravoce.shop status.giltec.io giltec.io titantakeover.com hgtkuk.xyz ac-profit-vrn.ru locate-device-maps.us vip-usps.xyz byocjxnh.store gypctwfzav.lackinqvgm.site thangved.com coolsculptingglobal.life 8stvnp8kmosl.shop 915areacode.com novia-it.com ischerpal.top emersonlam.com cp.charteredcar.ae mcinetcdn.pate.ir email.charteredcar.ae kilichosting.com mcifinland.pate.ir cdn.podonair.me avatar.podonair.me podonair.me uzonline.site camillesfez.com millermemorialchapel.com follaero.com require.ggddup.workers.dev gloriaplay724.com www.nyasiancovergirl.com onesolution.email georgelennieab.com xbdjrs.store plxtwjqayn.lackinqvgm.site cursosonlane.online www.laboutiquedutraceur.fr laboutiquedutraceur.fr maksitelksmltm.com reyhan.gen.tr nexirent.link uf.thezdorovo.com hsvpn.hxue.top filo.nexirent.link happycones.store joodexpress.com mygiftcardmallj.com loydecalixtocorretora.com.br www.loydecalixtocorretora.com.br whm.kilichosting.com rfddzjq.xyz www.discoverymachine.com hrfxdwgyoi.lackinqvgm.site shooty.it reproxy.wenyin.workers.dev alqabooscapitalsgroup.com www.rulesdev.xyz rulesdev.xyz maissaudepravoce.shop bakery-swap.co cp.messeenger.thangved.com cornstownhouse.com www.maxbetslots-wb2.top nameless-poetry-ac1d.skyfall-before-glorious.workers.dev winter-fire-8651.skyfall-before-glorious.workers.dev macys-pt.com goscore.it querlichsecdiatras.ml discoverymachine.com www.ultimateapparelstore.com brincabeleza.com www.baccaratcorp.com baccaratcorp.com delamerelodge.com websocket.messeenger.thangved.com squawerem.tk lively-hat-ymx.mobiletyreshop.workers.dev 411rent.com blur.press lamellukhi.lackinqvgm.site spectrastudio.net zachess.com bk-info-7159.website proud-shape-2daf.darkevil.workers.dev procursosedubsb.com.br immomediamucde.store store.google-app.workers.dev alr-ajhi-web.cc tinit.com.br limaciwvmg.lackinqvgm.site vavada15.site natropiepolski.pl thecapitalsolution.co chococoeur.cz freenode.firetooth2.workers.dev controversial.my.id reg.firetooth2.workers.dev psiuacolhimento.com.br ct.ggddup.workers.dev fdhdrwe.cfd turystyka-pst.pl www.babw.xyz 90phut79.online umoes.top cumoba.gq soundbooth-theater.com calisabanmeto.tk misaka.mm.am preprod.laboutiquedutraceur.fr pixels.reveladordetraicao.com.br hardingspring.bio unionorg.sa.com www.alinwelch.com alinwelch.com frigidqbld.lackinqvgm.site 8xgh.tk www.pilotpb.com webstoreusa.net rymawao.fun erusdachdapi.gq rustacarcuba.com reydescargas.com caoliu.bet loteriasdominicana.com.do estrateciacerta.online vns1688-bevv68-bewv843.live me4l.mehdi-bakrani4415.workers.dev old-king-0ec2.mehdi-bakrani4415.workers.dev yellow-firefly-9257.mehdi-bakrani4415.workers.dev empty-mode-e34c.mehdi-bakrani4415.workers.dev www.bounties.sa groupszoe.buzz dropsclot.com fenomenbet596.com sab.martysworld.net sonarr.martysworld.net silk-tee.com enweistartup.com dyngamesstudio.xyz lsaccessacademy.co.uk staging.altadamp.com realirdovf.lackinqvgm.site skinenesel.tk vbogpk.xyz kadeswara.com aqwuiewer.buzz jalshamoviezhd.cloud portainer.martysworld.net www.wtmzxincmehcv.club haber-menderes.xyz lmtokeno.cyou honeydue.app mofassal.com xiangjifu.com www.camillesfez.com oqujubowu.za.com test.gtm.babw.xyz embarrcbll.lackinqvgm.site kokoartist.com virtualedufair.org semaglutied.co.uk ultimateapparelstore.com dydxgames.com filebrowser.thebonfire.ca littleweedz.com wizja.click api.pate.ir fxfx155.com cook.link toilandtrouble.com.au testdomainnowsunday.today cdn-goto.degankena.com recwatertec.com

Open Ports Detected

2082 2083 2086 2087 2096 443 80 8080 8443 8880

Map

Whois Information

NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS13335
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2021-05-26
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Ref: https://rdap.arin.net/registry/ip/104.16.0.0
OrgName: Cloudflare, Inc.
OrgId: CLOUD14
Address: 101 Townsend Street
City: San Francisco
StateProv: CA
PostalCode: 94107
Country: US
RegDate: 2010-07-09
Updated: 2021-07-01
Ref: https://rdap.arin.net/registry/entity/CLOUD14
OrgRoutingHandle: CLOUD146-ARIN
OrgRoutingName: Cloudflare-NOC
OrgRoutingPhone: +1-650-319-8930
OrgRoutingEmail: noc@cloudflare.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
OrgTechHandle: ADMIN2521-ARIN
OrgTechName: Admin
OrgTechPhone: +1-650-319-8930
OrgTechEmail: rir@cloudflare.com
OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
OrgNOCHandle: CLOUD146-ARIN
OrgNOCName: Cloudflare-NOC
OrgNOCPhone: +1-650-319-8930
OrgNOCEmail: noc@cloudflare.com
OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
OrgAbuseHandle: ABUSE2916-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-319-8930
OrgAbuseEmail: abuse@cloudflare.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
RNOCHandle: NOC11962-ARIN
RNOCName: NOC
RNOCPhone: +1-650-319-8930
RNOCEmail: noc@cloudflare.com
RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
RAbuseHandle: ABUSE2916-ARIN
RAbuseName: Abuse
RAbusePhone: +1-650-319-8930
RAbuseEmail: abuse@cloudflare.com
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
RTechHandle: ADMIN2521-ARIN
RTechName: Admin
RTechPhone: +1-650-319-8930
RTechEmail: rir@cloudflare.com
RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

****** ****** ******

Share on: