13.248.155.104 Threat Intelligence and Host Information

Mar 17, 2024 ipinfopage

General

IP Address
13.248.155.104
IPv4 Address
Location
🇺🇸 United States
US
Network
AS16509
AMAZON-02
Threat Score
55/100
High Risk
cybersecurityhosteuropeiocmaliciousNextrayphishing
Attack Intelligence
MITRE ATT&CK Techniques
T1398 - Modify OS Kernel or Boot Partition, T1399 - Modify Trusted Execution Environment
Open Ports Detected
443
Geographic Location
Country
United States
City
Unknown
Region
Unknown
Coordinates
37.7510, -97.8220
Network Information
ASN
AS16509
Organization
AMAZON-02
Network
AS16509 AMAZON-02
WHOIS Information
NetRange
13.244.0.0 - 13.251.255.255
CIDR
13.244.0.0/14, 13.248.0.0/14
NetName
AT-88-Z
NetHandle
NET-13-244-0-0-1
Parent
NET13 (NET-13-0-0-0-0)
NetType
Direct Allocation
OriginAS
Organization
Amazon Technologies Inc. (AT-88-Z)
RegDate
2011-12-08
Updated
2024-01-24
Ref
https://rdap.arin.net/registry/entity/AT-88-Z
OrgName
Amazon Technologies Inc.
OrgId
AT-88-Z
Address
410 Terry Ave N.
City
Seattle
StateProv
WA
PostalCode
98109
Country
US
Comment
* Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
OrgRoutingHandle
ARMP-ARIN
OrgRoutingName
AWS RPKI Management POC
OrgRoutingPhone
+1-206-555-0000
OrgRoutingEmail
aws-rpki-routing-poc@amazon.com
OrgRoutingRef
https://rdap.arin.net/registry/entity/ARMP-ARIN

  • Country: United States
  • Network: AS16509 amazon.com inc
  • Noticed: 34 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 15 8165eb1e6ebc0f6980ee99eb7da68e06ad3f8db92bd7bce8bf6031e347cd058f 94cdf28c30c4bb09d191990706844f10d8ba837459c9a81dd672f209e77c2fb9 59eaec4370420c67a9cc7d41ef57d189eb9d7540e85d425b2f0b20cf368e217c 3836dfdf84255dcd769494c8d2ce9dae878d61f26324e2b8c3208ec10beb9377 a9ee2c31cdb61dbeddd498f7ea24af51a8f6d0ee81ebf346996c333626285cdd 02c14e0d63ebeef4ce1b39985fce9dff8f0e8c33d09ed9f7d0ea2f446861c123 7a9938273e502427d127d1aced6f9fe7fd25c7fdffe5319788f1e0588280734b 220db9baec506e8d354656d33d8576e63e33de2b22f9b57d45e93693ee1f5981 abea5bc3b86a03d15857e0e65fea696f9c08b18a5bfc4547ba876568f8532dfd f99f2790eb5fcb8439b1a4ae1f847001d0ce554902f91d877a0056c86f0af9e4

Disclaimer
This page contains threat intelligence information for the IPv4 address 13.248.155.104 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.