104.25.96.5 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.25.96.5 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: 4g.hsrmzs.cn m.hsrmzs.cn ios.hsrmzs.cn web.hsrmzs.cn wap.hsrmzs.cn coozein.com www.online.juliacatcalo.com cdn.dayvo.com www.online.365done.ru online.365done.ru test-challenge.365done.ru www.cotavw.com.br my.365done.ru test-online.juliacatcalo.com test.365done.ru test-web.365done.ru www.chatterstudios.com gelicprime.com.br www.delraw.com mosmatic.com juliacatcalo.com acs-web.com timeoffcloud.net cotavw.com.br www.mosmatic.com thecreditreview.com www.coozein.com dayvo.com 365done.ru trudi.com accademia.potoccospa.com buzzflare.com dev.potoccospa.com potoccospa.com kickerdaily.com potocco.potoccospa.com blog.dayvo.com www.fabthemes.com delraw.com kneebracesnow.com crb45.com www.kickerdaily.com www.dayvo.com chatterstudios.com webmail.dayvo.com m.kickerdaily.com naijatechguide.com fabthemes.com www.trudi.com demo.fabthemes.com ke.naijatechguide.com www.grabmore.com.au www.naijatechguide.com ng.naijatechguide.com news.naijatechguide.com www.potoccospa.com clienti.potoccospa.com

Malware Detected on Host

Count: 17 ddf9afcfc233356de6772929b6c6829d30207d991cb431616babb1754d0e472e db05a9e2cb7ae58d7dd828385f006c7683673d120459569d0eb9391053c3f620 9058b2bdd63b267bba6b542c3cc7d5a04360498a96905ffd44a81a69bab3f422 fdfcb75075f95a4458e9003deb0c505c1e059f83ba74e67f6bfba02f271d838b ffce3a027191888d44de16e546429396c49dbe6fd7bd7caba8512a65f5686296 af2de07aabb5cb1dd7523baf324badc99820a30db6a480bbba5c995d473f6bc9 288c5039d51fd1fe34cf26190fe2aeb0bafbbf8e60af7044e96ad10537a8d7d9 d390bac41227c7a6ee62241d17d7786ce7d626718ab3d555f10f4d3d7967d81c 2afe2f10ff2a0636a1c20b84b1f4325aa646dee104cad299385efd1616d88664 afbc0cd6bcde9e837bcbbb71630859184e3fb9325312d937c72ab8216509e74b

Open Ports Detected

2053 2082 2083 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-06-24