104.25.3.113 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.25.3.113 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: whiteowlmedical.com shiftfestival.com www.fundeo.com lyra-bella.com simplyglobal.com creminelli.com community.uilicious.com www.parkcitykingscrown.com parkcitykingscrown.com www.vantailogivan.com vantailogivan.com movilix.com tcp.expert dev-nextlevel.targethiv.org nextlevel.targethiv.org cebacc.targethiv.org hivhealthliteracy.targethiv.org dev-hivhealthliteracy.targethiv.org www.careacttarget.org hivhealthliteracy.careacttarget.org nextlevel.careacttarget.org cebacc.careacttarget.org targethiv.org www.targethiv.org test-nextlevel.targethiv.org test-hivhealthliteracy.targethiv.org www.matthewswarts.com www.poppriceguide.com uilicious.com www.creminelli.com mangalivre.com poppriceguide.com trustthebum.com matthewswarts.com careacttarget.org freestone.uk fundeo.com minelist.kr yogaforbjj.net

Malware Detected on Host

Count: 8 b18cf5d65cd0ab0bec304782a6172df829db27abdd1f470ca1bf0c89bc0d1b38 9058b2bdd63b267bba6b542c3cc7d5a04360498a96905ffd44a81a69bab3f422 00dfc3aa5acb3ea69a9b3fb3819f8f62f13c78583bc32c8554a610e3b374d78f eb3c37887bcc855baf21686ccae90094a58195f6c499955f088950f3e3efeb4a 737a05ccedbed661f9efbc53a620fa87381f38f86b9ba337b4e4e6b73dda61bc b5591ba36a54e9513d866196a6ef373239a739b78d9a6ebe814b40a46110a4c0 bbe43cdd4b284d1ac70be07de2b2a12939f264d072fbee66616b68c72c52d34b d26161bc381625ade7fb51db987f2e69c244acc642911948b1507860e90fd3f9

Open Ports Detected

2082 2083 2086 2087 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-06-24