JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.21.3.212

104.21.3.212 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Content Delivery Network
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	San Francisco, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 104.21.3.212 is an IP address from within our whitelist belonging to the subnet 104.16.0.0/13, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 104.21.3.212

Whois 104.21.3.212

IP Abuse Reports for 104.21.3.212:

This IP address has been reported a total of 13 times from 2 distinct sources. 104.21.3.212 was first reported on November 18th 2021, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 duker19	2025-10-21 18:29:00 (7 months ago)	Associated cloud storage phishing spam	Phishing Web Spam Email Spam
Anonymous	2022-09-15 07:40:04 (3 years ago)	From: Health News Letters <[email protected]> Subject: New & Fast Fungus Destroyer Click ... show more From: Health News Letters <[email protected]> Subject: New & Fast Fungus Destroyer ClickBank/Kerassentials - Scamvertising – fake health news/testimonials – fraudulent subscription claim Received: from 168.235.226.254 (EHLO mta4.healthnewsletters.com) Maropost Header be4.maropost.com = 173.255.114.79 Google Message URL links.healthnewsletters.com = 35.228.129.105 Google – redirect BOT: - hop.clickbank.net = 35.163.29.19, 52.40.246.69, 44.240.181.170 Amazon - kerassentials.com = 104.21.55.153, 172.67.149.47 Cloudflare - vdlvry.com = 104.21.3.212, 172.67.131.53 Cloudflare - cdn.jsdelivr.net = 104.16.85.20, 104.16.86.20, 104.16.87.20, 104.16.88.20, 104.16.89.20 Cloudflare - cbtb.clickbank.net = 52.33.226.99, 35.83.195.234 Amazon Ref Health Newsletters Inc. 3857 Birch Street #940, Newport Beach, California 92610, USA Ref Click Sales Inc 1444 South Entertainment Ave, Suite 410, Boise, Idaho, 83709 Ref Kerassentials 19655 E 35th Dr #100, Aurora CO 80011 show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2022-07-06 13:11:34 (3 years ago)	From: Medicine And Herbs <[email protected]> FAKE HEALTH NEWS COLLUSION - common SendGrid I ... show more From: Medicine And Herbs <[email protected]> FAKE HEALTH NEWS COLLUSION - common SendGrid ISP – fraudulent alias du jour - illicit e-mail harvesting/sharing – clkmg.com click tracking 1) familywellnessguardian.com 5 W Mendenhall St Suite 202, Bozeman, MT 59715 2) Wisdomofhealthylife.com 3232 McKinney Ave Suite 500, Dallas, TX 75204 3) MedicineAndHerbs.com 675 Ponce De Leon Ave NE Suite 7500, Atlanta, GA 30308 4) ItIsMoreThanHealth.com 84 Peachtree St, Atlanta, GA 30303 MyCosynPro/ClickBank scamvertising Received: from 192.254.114.197 (EHLO chfztncr.outbound-mail.sendgrid.net) Spam link t03.mailsrv-e.com - redirect: www.ssltrxhllth.com, www.clkmg.com, hop.clickbank.net, lhop.clickbank.net, cbtb.clickbank.net, mycosynpro.com, vdlvry.com, mycosyn.pay.clickbank.net, app.remarkety.com show less	Fraud Orders Phishing Web Spam Email Spam Hacking Bad Web Bot Exploited Host
Anonymous	2022-06-20 09:31:08 (3 years ago)	From: Medicine And Herbs <[email protected]> Unsolicited fake health news – FoliPrime/BuyGo ... show more From: Medicine And Herbs <[email protected]> Unsolicited fake health news – FoliPrime/BuyGoods.com Received: from 192.254.114.197 (EHLO chfztncr.outbound-mail.sendgrid.net) Spam link t03.mailsrv-e.com – redirects: app.remarkety.com, www.ssltrxhllth.com, www.clkmg.com, medicineandherbs.com, thefoliprime.com, vdlvry.com, tracking.buygoods.com, buygoods.com, display.buygoods.com Entity/address not found: Copyright © 2022 MedicineAndHerbs.com, 675 Ponce De Leon Ave NE Suite 7500, Atlanta, GA 30308 Entity reference: "medicineandherbs.com" - Namecheap Whois verification pending – "domain has been suspended" show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot Exploited Host
Anonymous	2022-03-16 15:19:00 (4 years ago)	From: … <[email protected]> Primal Grow Pro/Digistore24 scamvertising/phishing – fake ED news/test ... show more From: … <[email protected]> Primal Grow Pro/Digistore24 scamvertising/phishing – fake ED news/testimonials - repetitive scammer address, no entity: 1806 Summit Ave 325, Richmond, Virginia 23230 UBE 89.144.16.149 (EHLO jgrq.sharktank2022.club) Header sharktank2022.club = 89.144.15.50 GHOSTnet GmbH Header bllackfriday.store = 85.93.27.249 GHOSTnet GmbH Spam link giftted.duckdns.org = 199.231.188.107 Interserver Inc – redirects: - www.biggvalues.com = 70.37.99.62 Microsoft - www.digistore24.com = 35.244.212.226 Google - primalgrowpro24.com = 104.21.22.201, 172.67.206.232 Cloudflare - vdlvry.com = 104.21.3.212, 172.67.131.53 Cloudflare - unsub: www.fourfootwheel.com = 20.72.223.126 Microsoft - maxcdn.bootstrapcdn.com = 104.18.10.207, 104.18.11.207 Cloudflare show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2022-03-14 15:22:28 (4 years ago)	From: … <[email protected]> Primal Grow Pro/Digistore24 scamvertising/phishing – fake ED news/test ... show more From: … <[email protected]> Primal Grow Pro/Digistore24 scamvertising/phishing – fake ED news/testimonials - repetitive scammer address, no entity: 1806 Summit Ave 325, Richmond, Virginia 23230 UBE 89.144.29.22 (EHLO z5pd.sharktank2022.club) GHOSTnet GmbH Header sharktank2022.club = 89.144.15.50 GHOSTnet GmbH Header bllackfriday.store = 85.93.27.249 GHOSTnet GmbH Spam link giftted.duckdns.org = 199.231.188.107 Interserver Inc – redirects: - www.biggvalues.com = 70.37.99.62 Microsoft - www.digistore24.com = 35.244.212.226 Google - primalgrowpro24.com = 104.21.22.201, 172.67.206.232 Cloudflare - vdlvry.com = 104.21.3.212, 172.67.131.53 Cloudflare - unsub: www.fourfootwheel.com = 20.72.223.126 Microsoft - maxcdn.bootstrapcdn.com = 104.18.10.207, 104.18.11.207 Cloudflare show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2022-02-15 07:15:17 (4 years ago)	From: Clearly Healthy <[email protected]> Memo Defend/ClickBank – fake health news/testimo ... show more From: Clearly Healthy <[email protected]> Memo Defend/ClickBank – fake health news/testimonials – fraudulent subscription claim UBE 162.247.115.102 (EHLO mta5102.mp2201.com) = Cartero Holdings Inc./MAROPOST-NETWORK Header be3.maropost.com = 173.255.114.79 Google Header clearlyhealthy.net = 209.85.144.26, 64.233.186.25, 209.85.203.26, 142.250.27.26 Google Spam link links.clearlyhealthy.net – redirects: go.offerwave.org, ppatriot2.memodef.hop.clickbank.net, cbtb.clickbank.net, memodefend.com, vdlvry.com, memodef.pay.clickbank.net, js-agent.newrelic.com Spam link cdn-m4m.chd01.com Reference addresses: ClickBank 1444 S Entertainment Ave Suite 410, Boise ID 83709 No entity: 1712 Pioneer Ave., Ste. 2035 Cheyenne, WY 82001 (per BBB: Patriot Publishing LLC) show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2022-01-06 08:10:47 (4 years ago)	From: Hair Loss <[email protected]> Repetitive Restolin/BuyGoods fake health testimonial ... show more From: Hair Loss <[email protected]> Repetitive Restolin/BuyGoods fake health testimonials/phishing - blacklisted redirect URL www.therblights.com - click tracking UBE 91.211.246.240 (EHLO dmvp.siteuptime.club) UAB ESNET Header SPF dmvp.siteuptime.club = ditto Spam link dmvp.siteuptime.club – redirects: www.therblights.com, therestolin.com, vdlvry.com, www.buygoods.com, tracking.buygoods.com, go.maxweb.com, unsub: www.twostringwire.com, maxcdn.bootstrapcdn.com, ds2r9mr2r4h38.cloudfront.net, api.optoutsystem.com show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2022-01-05 09:19:46 (4 years ago)	From: Natural Vertigo Solution <[email protected]> Claritox Pro/BuyGoods fake health testi ... show more From: Natural Vertigo Solution <[email protected]> Claritox Pro/BuyGoods fake health testimonials/phishing – blacklisted redirect URL www.therblights.com - click tracking UBE 89.144.45.222 (EHLO deal.dealsmail.xyz) GHOSTnet GmbH Header SPF deal.dealsmail.xyz = ditto Spam link deal.dealsmail.xyz – redirects: www.therblights.com, theclaritox.com, vdlvry.com, www.buygoods.com, display.buygoods.com, tracking.buygoods.com Spam link fideliti.xyz = 5.39.219.202 Hostkey BV show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2021-11-29 16:53:10 (4 years ago)	Spam link bit.ly/3DpTD0B -> www.stockersit.com, therestolin.com, vdlvry.com, display.buygoods.com, w ... show more Spam link bit.ly/3DpTD0B -> www.stockersit.com, therestolin.com, vdlvry.com, display.buygoods.com, www.buygoods.com, go.maxweb.com From: Stop Hair Loss <[email protected]> Health scamvertising – Restolin/Buygoods UBE 89.144.14.71 (EHLO pm5t.hotdealls.xyz) GHOSTnet GmbH Header SPF hotdealls.xyz = 85.93.6.204 IP Interactive Spam link -> www.twostringwire.com -> maxcdn.bootstrapcdn.com, ds2r9mr2r4h38.cloudfront.net, api.optoutsystem.com Spam link - dealss.duckdns.org show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2021-11-24 08:29:05 (4 years ago)	From: Stop Hair Loss <[email protected]> Health scamvertising – Restolin/Buygoods UBE 89.144 ... show more From: Stop Hair Loss <[email protected]> Health scamvertising – Restolin/Buygoods UBE 89.144.16.145 (EHLO oh48.hotdealls.xyz) GHOSTnet GmbH Header SPF hotdealls.xyz = 85.93.6.204 IP Interactive Spam link bit.ly/3DpTD0B = 67.199.248.10, 67.199.248.11 Bitly – redirects: - www.stockersit.com = 89.43.30.26 Netinternet Bilisim Teknolojileri AS - therestolin.com = 104.21.2.8, 172.67.186.200 Cloudflare - vdlvry.com = 104.21.3.212, 172.67.131.53 Cloudflare - www.buygoods.com = 172.66.43.115, 172.66.40.141 Cloudflare - display.buygoods.com = ditto - go.maxweb.com = 172.66.43.113, 172.66.40.143 Cloudflare Spam link www.twostringwire.com = 40.64.49.241 Microsoft – tracking: - maxcdn.bootstrapcdn.com = 104.18.10.207, 104.18.11.207 Cloudflare - ds2r9mr2r4h38.cloudfront.net = 18.67.79.45, 18.67.79.65, 18.67.79.86, 18.67.79.213 Amazon - api.optoutsystem.com = 52.26.140.116, 54.149.225.160, 52.34.249.254 Amazon Spam link dealss.duckdns.org = 199.231.188.170 Interserver Inc. show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2021-11-22 17:44:29 (4 years ago)	From: Stop Hair Loss <[email protected]> health scamvertising Restolin/BuyGoods UBE 85.93. ... show more From: Stop Hair Loss <[email protected]> health scamvertising Restolin/BuyGoods UBE 85.93.3.18 (EHLO completee.co.uk) GHOSTnet GmbH Header Reply-To: <[email protected]> = ditto Spam link bit.ly/3DpTD0B = 67.199.248.10, 67.199.248.11 Bitly – redirects: - www.stockersit.com = 89.43.30.26 Netinternet Bilisim Teknolojileri AS - therestolin.com = 104.21.2.8, 172.67.186.200 Cloudflare - vdlvry.com = 104.21.3.212, 172.67.131.53 Cloudflare - www.buygoods.com = 172.66.43.115, 172.66.40.141 Cloudflare - display.buygoods.com = ditto - go.maxweb.com = 172.66.43.113, 172.66.40.143 Cloudflare Spam link www.twostringwire.com = 40.64.49.241 Microsoft – tracking: - maxcdn.bootstrapcdn.com = 104.18.10.207, 104.18.11.207 Cloudflare - ds2r9mr2r4h38.cloudfront.net = 18.67.79.45, 18.67.79.65, 18.67.79.86, 18.67.79.213 Amazon - api.optoutsystem.com = 52.26.140.116, 54.149.225.160, 52.34.249.254 Amazon Spam link offersdeals.duckdns.org = 199.231.188.170 Interserver Inc. show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot
Anonymous	2021-11-18 18:04:50 (4 years ago)	From: Stop Hair Loss <[email protected]> fake health testimonials Restolin - RU/BuyGoods scam ... show more From: Stop Hair Loss <[email protected]> fake health testimonials Restolin - RU/BuyGoods scamvertising UBE 85.93.12.143 (EHLO j8su.completee.co.uk) GHOSTnet GmbH Header Reply-To: <[email protected]> = 85.93.3.18 GHOSTnet GmbH Spam link bit.ly/3DpTD0B = 67.199.248.10, 67.199.248.11 Bitly – redirects: - www.stockersit.com = 89.43.30.26 Netinternet Bilisim Teknolojileri AS - therestolin.com = 104.21.2.8, 172.67.186.200 Cloudflare - vdlvry.com = 104.21.3.212, 172.67.131.53 Cloudflare - www.buygoods.com = 172.66.43.115, 172.66.40.141 Cloudflare - display.buygoods.com = ditto - go.maxweb.com = 172.66.43.113, 172.66.40.143 Cloudflare Spam link www.twostringwire.com = 40.64.49.241 Microsoft – tracking: - maxcdn.bootstrapcdn.com = 104.18.10.207, 104.18.11.207 Cloudflare - ds2r9mr2r4h38.cloudfront.net = 18.67.79.45, 18.67.79.65, 18.67.79.86, 18.67.79.213 Amazon - api.optoutsystem.com = 52.26.140.116, 54.149.225.160, 52.34.249.254 Amazon Spam link offersdeals.duckdns.org = 199.231.188.170 show less	Fraud Orders Phishing Web Spam Email Spam Bad Web Bot

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.201

🇲🇽 187.190.35.163

🇺🇸 104.248.51.185

🇱🇺 44.161.88.208

🇺🇸 44.158.219.127

🇨🇭 209.99.189.138

🇨🇳 175.6.54.21

🇺🇸 165.154.182.212

🇺🇸 156.229.21.54

🇸🇪 155.212.110.173

🇺🇸 147.185.132.136

🇺🇸 142.251.151.1

🇺🇿 84.54.70.108

🇱🇹 81.30.98.158

🇩🇪 65.111.28.252

🇳🇱 46.151.178.13

🇺🇸 44.113.226.116

🇺🇸 18.234.174.22

🇰🇷 211.53.58.10

🇭🇰 199.45.154.191