13.225.142.20 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 13.225.142.20 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS16509 amazon.com inc
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: davidviscu.com ibet.com d8xc.xyz yaah.xyz b3153nwlbyze.xyz 6vjhd6nr15ff.xyz stilyhub.com vacancytv.com la3zo1mn0h7.xyz kzigt5874gtj.xyz zabraheitger.com itransformme.com thegardensatbassettsbridgefarm.com iv372i6aj5s69.xyz cbojdk8lbffy8iyq.xyz qiyu4ngzun8bag9y.xyz hv9u4gc2p.top s5gfybwe1i5.xyz 9akq6fowh2r.xyz xs2417x7l38gv.xyz dqw9y3yqb74.online miq2t7uc4x0.online whk61qhl51q.online 6z6bjwvzfkk.online davematthewsband.online 15smn8bthpcj.online 6u57hnhcspk6.online o3x63oapn3ay.online logstream.fervent-feynman-axie72u.cribl.cloud vf756nn8htq3.xyz spiritssync.com toyotamobilitydealer.com globalescape.nl saludvida.lat psychicsketching.com yvv41.sbs 1bwcm7.buzz trentwil.es ryr593store.click cougarncub.com bigthief.store chub.ai liveactivator.com tt2xgepuud7.xyz aemxtwg5nkv.xyz 3592utk5uha.xyz kellsworth.com idanjoshua.com vj5uprcxp6ba.xyz bitacoradetrading.com adrenable.app lilienexpress.com daghatra.com anthonyrodiasanfrancisco.store hotmaths.in shahraniconst.com pepper.co.il yourgovhomeprograms.com cardioshieldcom.com yourcontainerhouse.com main.recursing-moser-delsyab.cribl.cloud thepantherband.com luana-beauty.com navarroyabogados.com d2l36kbuhymzex.amplifyapp.com flonlz.com paxers.com calvert.com stagingapi.looneytuneswom.com lepoulet.co.uk photos-from-ukraine.com us-prostastream-us.com ownup-general-steve.youcanbook.me growcreative-uat.com pxlrt.com cozhtrans.com whilpai.com cdn.crimsonthorn.net voyantis.me mslfcl.com lilfreshsam.com coachesvoice.com burnleyestateagents.com topprinters.co.uk maruthibhargav.me radiantbeautypro.com rootops.io yannmusic.com mkirvine.com amralaa.net dinein.online cirogomes.com.br merrimentco.com webphimxxx.com hunanhouseflushing.com higashiwada-seikotsu.com versnydersfruit.com thewinclubes.com businesstobook.co us-synogut.com kfs4.com infinternet.com wsb-ar.com www.wsb-ar.com miguid.com inerpay.com houseincomfort.com makeitbusyless.com ourpass.co bumodup.com cac-jp.com comfortheatingacrepairavondale.com coronaoverflow.com kruiskamp.dev felixmejica.com emilwalker.com hostelcordillerabariloche.com robintiddmanagement.com billtot.com dozere.com thegeekf.com mamcheck.com mend.io 42air.io 42air.net 42air.ai wfreud.com pricroom.com dortel-harmonicas.com maxmoneynetwork.com earnersfromhome.com hefeirq.com seago.io nexttickets.store logicalisinspires.com mbamercantile.com rideaucottagerental.com ruoshan.net vulcanyemen.com shelbytheisnermakeup.com handlebarhotsauce.com cravatexbrands.com www.lagranitiere.com randombargain.com shivrajimportexport.com uiapp-dev.ml edgeq.io salv.io passioncouples.com lotesencanning.com kustomer-qa-env.api.helpsimply.com hotelboskenvid.com jamesoyeleyemarketing.com gemrarity.com teamcombatlive.com laurier-quebec.com taylor-lehman-studio.com homewindowssnow.com nightpowers.com rapiche.com immersionbridge.com waveformcommunication.com buomtvdong.com generatorplant.com turntable-orchestra.com bobabridges.com freetonymac-ebook.com solanabossbabies.com mailnewsmanager.com armandosalinas.com livwell.asia scarletcreative.org smma-business.com mernamagdydentalartclinic.com swbennett.com soldierparkakitas.com telecom-voyance.com overthelast.top renttickets.live geeters.com speakbu.com starproc.com fepaim.com nthvisitor.com esendex.es

Malware Detected on Host

Count: 1 64c34a1dda49957ecec15525fd1a3f5e90bbb6dc85fe7c87d494e67754b5fb0f

Open Ports Detected

443 80

Map

Whois Information

• NetRange: 13.200.0.0 - 13.239.255.255
• CIDR: 13.200.0.0/13, 13.208.0.0/12, 13.224.0.0/12
• NetName: AT-88-Z
• NetHandle: NET-13-200-0-0-1
• Parent: NET13 (NET-13-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2019-10-01
• Updated: 2021-02-10
• Ref: https://rdap.arin.net/registry/ip/13.200.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2024-01-24
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: abuse@amazonaws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• NetRange: 13.224.0.0 - 13.227.255.255
• CIDR: 13.224.0.0/14
• NetName: AMAZO-CF
• NetHandle: NET-13-224-0-0-2
• Parent: AT-88-Z (NET-13-200-0-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: Amazon.com, Inc. (AMAZON-4)
• RegDate: 2020-05-19
• Updated: 2021-02-10
• Ref: https://rdap.arin.net/registry/ip/13.224.0.0
• OrgName: Amazon.com, Inc.
• OrgId: AMAZON-4
• Address: 1918 8th Ave
• City: SEATTLE
• StateProv: WA
• PostalCode: 98101-1244
• Country: US
• RegDate: 1995-01-23
• Updated: 2022-09-30
• Ref: https://rdap.arin.net/registry/entity/AMAZON-4
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: abuse@amazonaws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN

Links to attack logs

****** ****** ******