13.248.158.7 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 13.248.158.7 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 38/100

Host and Network Information

• Tags: akamaias, akamaiasn1, allow, amazon02, android, application, as15169, as16509, as20940, as3359, as8075, as852, assistant, atlas, azureadmyorg, channelsurfcli, connector, cuba, designer, desktop, dynamics, enterprise, explorer, facebook, false, file transfer, front, game, geoip, ghost, google, Hacked, hidden, indonesia, level3, live, magnus, media, meister, mexico, microsoft azure, microsoft crm, microsoft power, microsoft teams, mini, mtd1, office, premium, proton, public url, service, seznam, sharepoint, spark, telecom, test, tools, Tracking Domains, true, twitter, ukraine, verify, visible, win32, win64, write, youth

• JARM: 27d27d27d3fd27d1dc41d41d000000937221baefa0b90420c8e8e41903f1d5

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 4 times
• Protocols Attacked: SSH
• Countries Attacked: Anguilla, Aruba, Australia, Bahamas, Barbados, Canada, Cayman Islands, Costa Rica, Curaçao, Georgia, Guatemala, Japan, Mexico, Netherlands, Panama, Philippines, Poland, Saint Kitts and Nevis, Saint Martin (French part), Saint Vincent and the Grenadines, Sint Maarten (Dutch part), Tanzania United Republic of, Trinidad and Tobago, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: freeyahooinstantmessanger.com evaluate.data.yahoo.com onramp.dh.yahoo.com www.93.aprez.ostk.prod.bf1.yahoo.ee 93.aprez.ostk.prod.bf1.yahoo.ee movies.search.yahoo.com blog.search.yahoo.com answers.search.yahoo.com recipes.search.yahoo.com downloadsquad.com www.sitesocial.com sitesocial.com bloggingscandinavia.com bv.channel.aol.com catpeoplerule.com www.aimexpress.com aunz.adshowcase.yahooinc.com ryotstudio.adshowcase.yahooinc.com messenger.yahoo.com yahoomailforgotpassword.com aol-pwprotect.com pic.alfrasha.com yjhoo.com yhool.com artsyaho.com bloggingportugal.com aoluncut.org bloggingwindsurfing.com bloggingfilm.com aolyellow.com aol-log-in.org bloggingillinois.com aolunlocked.org bloggingnewmexico.com blogginggothic.com bloggingthailand.com aolweb.org aolontheweb.com bloghoogle.com 800yahoo.net aolbillingsecure.com aolfreeantivirus.com 1800yahoo.net avsucks.com bankofamericayahoo.com bloggingbangkok.com aolanyere.com www.bm2.prod.gq8.yahoo.ee gwww.engadgetmobile.com bm2.prod.gq8.yahoo.ee consmr.mail.gq1.yahoo.bg www.consmr.mail.gq1.yahoo.bg www.bm9.prod.bf1.yahoo.bg bm9.prod.bf1.yahoo.bg blockyahoo.com tcp.dc.msdcs.rocketmail.com mobile1.aol.com mxyahoo.com music.channel.aol.com mydaily.co.uk mylaunch.com my.netscape.com cloud.alwaysgrilling.com mynetscape.com aolhealth.com a.im accountdeleteemailsyahoo.com okambox.my aol.com.au yahoo.co.nz yahoo-phone-number.org walletpop.ca totalfoodnut.com edit.iahoo.com connectid.yahoo.com user.gdgt.com yauhoo.com regional.yahoo.com production.cotiabankstatic.wild4music.com 11in2011.aol.com asia.yahoo.com visualize.yahoo.com body.aol.com personals.netscape.com huffingtonpost.search.aol.com altavista.mobi it.careers.yahoo.it community.yahoo.com 1-888myyahoo.com aolmaol.com alwaysgrilling.com aolcredit.net add.my.iahoo.com add.my.ayahoo.com adjab.com adtech.info assets.kitchendaily.com bloggingbaby.com aolaol.com atlas.mapquest.com oscars.movies.yahoo.com asylum.jp reference.yahoo.com b2b.oath.com cf.geocities.com campyahoospanish.org bloggingblogher.com bvbuzz.com dynamic.aol.com hitometer.com yhaoo.com.br beta.messenger.yahoo.com beta.shopping.aol.com calendar.iahoo.com aolmain.com bizyaho.com compuserve.co.uk bvonbooks.com fastmailer.space bvhairtalk.com www.ytahoo.com yahnoo.com fireeagle.com www.spinner.com cpmpuserve.com total-talk.com de.omg.yahoo.com clearpost.buzz developer.searchmarketing.yahoo.com everlater.com hacks.joystiq.com hk.music.yahoo.com hot.aol.com money.aol.com ywahoo.com information.travel.aol.com in-store.com aaol.de yahoou.com.br zapletter.xyz mailaroo.store urlesque.com postmaster.yahooinc.com yellowegg.space fryahoo.net yahoo-support-inc.com macblog.aol.com noticias.aollatino.com ondemand.indextools.com www.aol.fr www.y-killer.com proinsa30.yahoo.org.bz comyahoo.com chefmoz.org realaol.com home.it.netscape.com www.resumix.com resumix.com de.bookmarks.yahoo.com video.aol.co.uk video.aol.ca videos.stylelist.com yahoogroupssxxss.com redditi-imposta-binance.yahoomessengsr.com aolpublishers.com www.fateyahoo.hk wwwp.musicmatch.com www.geocities.com branchenbuch.yahoo.de finanzen.yahoo.de wetter.yahoo.de av.yahoo.de otcounter.campyahoo.biz ticcontest1e.campyahoo.biz aolfavorite.com my.video.yahoo.com compuserve.net.ru digitalcity.netscape.com aimtoday.aim.com ar.noticias.yahoo.com piclens.com www.mail.ayhoo.com ayhoo.com bbhub.com aaol.com sign-onforamericaonline.com quote.yahoo.com yhoo.com y.ahoo.it drudgereport.comyahoo.com yahoonews.com bankyaho.com in.jagran.yahoo.com www.video.yahoo.com bloggingdvds.com gyahoo.com health.aol.com www.lemondrop.com americaonline.com platinumpetpremonitions.com searh.yaho.com dev.engadgetmobile.com developer.engadgetmobile.com gudaurimail.biz geocities.org moroccomailbox.com contentimages.de www.thefactual.com www.uncrowned.com fluxible.io acss.io uncrowned.com thefactual.com www.fluxible.io billhimself.com www.acss.io bvblackspin.com rogershighspeedyahoo.com stores.yahoo.com bid.yaho.com sp1.ayhoo.com accountupdate-aolsecurity.com user.auctions.shopping.yahoo.com user.aol.com yahoo.com.my notdonedocumentary.com yahoo.com.au yahoo.pt yahoo.ph yahoo.hk ops.aol.com notdonefilm.com yahoo.sg isp.yahoo.com ouryahoo.com src1.yahoo.com teamaol.com walletpop.co.uk websitepostoffice.com websitegarage.com weirdnews.aol.com nes.yaho.com yweb2.search.yaho.com yahoo.fm yahoo.nl yahoo.vn yahooindonesia.com yahoomail.com.ar yahoo.com.af yahoo.ge yahoo.sk yahoo.io yahoo.gy yahoo.com.ua yahoo.com.pe yahoo.com.tr yahoog.com yahoo.travel yahoo.co.ve yahoo.gl yahoo.me yahoo.lv yahoomessenegr.com yahoofs.com yahoo.pe yahoo.com.sa yahoo.info yahoo.com.co yahoo.com.na yahoo.com.es yahoo.co.za yahoomedia.net yahoo.ee yahoo.com.py yahoo.lt yahoogeocities.com.hk yahoo.co.vi yahoo1.com yahoo.com.do yahoo.ae yahoo360.com yahoogroups.com yahoo.pr yahoo.fi yahoomailcustomerservice.com yahoo.st yahoo.at yahoo.as yahoo.com.sv ywablog.com www.tw.yahoo.com au.pets.yahoo.com partners.yahoo.com www.sg.yahoo.com www.qc.yahoo.com tw.news.yahoo.net es-us.seguridad.yahoo.com www.vn.yahoo.com monetization.flurry.com adtechus.com gochat.desktop.aol.com au.gwn7.yahoo.com www.in.yahoo.com tw.messenger.yahoo.com www.ph.yahoo.com jp.search.yahoo.com au.astrology.yahoo.com gsd.ouroath.com yahoo.net oathadplatforms.com www.maktoob.yahoo.com flurry.com yahoo.finance brooklyn.ops.yahoo.com www.yahoocreator.com tw.autos.search.yahoo.com www.ro.yahoo.com weather.gwn7.yahoo.com.au au.movies.yahoo.com cricket.yahoo.net postmaster.yahoo.com au.horoscopes.yahoo.com www.uk.yahoo.com au.food.yahoo.com br.seguranca.yahoo.com www.it.yahoo.com au.health.yahoo.com au.video.yahoo.com vn.antoan.yahoo.com www.se.yahoo.com www.legal.yahoo.com careers.yahoo.com transparency.yahoo.com yahoocreators.com src4.yahoo.com yahoostyle.com au.entertainment.yahoo.com www.malaysia.yahoo.com advertising.maktoob.com yahoocreator.com tw.blog.search.yahoo.com au.style.yahoo.com oathadplatform.com au.travel.yahoo.com www.yahoo-inc.com labs.yahoo.com www.yahoo.net yahoohealth.com au.recipes.yahoo.com hk.forum.search.yahoo.com weather.prime7.yahoo.com.au about.yahoo.com jira.corp.yahoo.com es.seguro.yahoo.com ontheroad.yahoo.com education.yahoo.net finance.yahoo hk.charity.yahoo.com y2o.fr finance.yayhoo.com mapcentral.com i.downloadsquad.switched.com tw.bid.gyahoo.com yahoo.no compuserve-network.net bloggingohio.com stylelist.ca legal.yahoo.la overture.hk aimtoday.com editionsnews.com feeds.engadgethd.com webmail.ymail.com uk.my.yahoo.com pixazza.com freehackingyahoohotmail.com freepornyahoocom.com gateway.net analytics.yahoo.com cade.com yuiblog.com aol.com.bs grammy.aol.com in.geocities.com inquisitorx.com www.foxytunes.org www.foxytunes.com foxytunes.com aolmovel.com.br greetings.yahoo.com diagrams-reflex-follow.yahoo.it love.net purecss.io main.stylelist.com microsoft.weblogsinc.com yahoopublishing.biz update-google-drive-document.yahoo.ph tauwearablehelloworld.yahoo.hu 66yahoo.com formatjs.io www.conspiracy-land.com tw.search.buy.yahoo.com www.nz.yahoo.com dailyfinance.com console-cd.vespa.vzbuilders.com yahoo.monday.com.tw console.vespa.vzbuilders.com www.en-maktoob.yahoo.com getnetscape.com adtech.yahooinc.es adtech.yahooinc.nz tw.uwant.yahoo.com opentext.corp.vzbuilders.com convertro.com hk.auctions.yahoo.com thisisryot.net thisisryot.com thisisryot.org gdgt.com yahoosports.com postmaster.mail.yahoo.com hk.info.auctions.yahoo.com www.yuilibrary.com tw.search.mall.yahoo.com tw.search.bid.yahoo.com conspiracy-land.com src5.yahoo.com yahoomobile.com autoblog360.com www.za.yahoo.com www.fr-be.yahoo.com adtech.yahooinc.de www.yahoomobile.com www.yahoosports.com adtech.yahooinc.co.uk adtech.yahooinc.it adtech.yahooinc.fr aollatino.com kitchendaily.com aim.com adtech.yahooinc.com.au www.be.yahoo.com anyprice.com buildseries.com family.yahoo.com parenting.aol.com ar.geocities.com home.netscape.com yahoosupportaustralia.com dyahoo.com altavista.se netscape.net addressesyahoo.in 360yahoo.eu api-yts.cricket.yahoo.com sman92.yahoo.co.id yourminis.com review-mbilling-aol.com tv.netscape.com divester.com m.coolage.in aol.in 5x5m.com yahoosupportcontact.co.uk aahyahoo.sbs dmoz.com bloggingspain.com 06yahoo.com love.compuserve.com orders.compuserve.com aoltvlistings.compuserve.com mp.compuserve.com truveo.com pinpointshopping.com webmail.aol.com pringlesrisingstars.com mab.data.yahoo.com shortcuts.search.yahoo.com qa.origin.help.aol.com productmaster.ouryahoo.com www.yahoo.co.uk crowdstrike.aupediscover.beta.m.yahoo.com crowdstrike.autocqcfig.beta.m.yahoo.com crowdstrike.coconfig.beta.m.yahoo.com search-intl.netscape.com help.netscape.com research.yahoo.com www.digitalcities.com www.5minmedia.com yahpoo.com mailyahoo.cn dslyahoo.cn myyahoo.ca buzzyahoo.ch googleyahoo.com httpyahoo.eu switched.com nyahoo.com movieyahoo.cn aol.uz

Malware Detected on Host

Count: 71 22952fe82c1af3b1eaff169bcdf2f122ed02349c7cb976942b62b518b42d0147 82d66fe4bc86d1eab5aa19ea704ffa55dd1ffb960d6016717126d25034070468 bbd1568db9fe14925b32402f1cc23841bbdc426d744c971fd67d0f3d2747e81a 3143733edc69ed740e91341ca42613486fa6bb4275cefa58006c502763dd1dc1 483b1ed62e943b97b3d348e95d5ae3191774a7baee028baca14ee00fe7703b16 b9cdfcb430bae35a74037b2d020f4e5f095307d814f70ab18f9f8f5cc4f4f096 ef3bfd7adad906641f84acaa93b77e9b1438e1ad9ada9feb837c24effc612734 d733b8020b90c56a9303b56f5f4527c9accced8b26fd0796b65bfb1fbbd75b98 3766128299f51198c554c52636c6ef4bfa5dc04eae479f7a33e9bb00a06e5112 c37065a3b788163f31a6ebfe21d114136af3af9f938ced3d80993f7ab529dd38

Open Ports Detected

443 80

Map

Whois Information

• NetRange: 13.244.0.0 - 13.251.255.255
• CIDR: 13.244.0.0/14, 13.248.0.0/14
• NetName: AT-88-Z
• NetHandle: NET-13-244-0-0-1
• Parent: NET13 (NET-13-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2018-07-11
• Updated: 2021-02-10
• Ref: https://rdap.arin.net/registry/ip/13.244.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2024-01-24
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: trustandsafety@support.aws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN