13.57.52.135 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 13.57.52.135 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS16509 amazon.com inc
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy

Open Ports Detected

14147 20087 2083 2087 311 4282 5901 631 789 8009 8016 9418 9876 9943

CVEs Detected

CVE-2012-6708 CVE-2015-8398 CVE-2015-8399 CVE-2015-9251 CVE-2016-4317 CVE-2016-6283 CVE-2017-16856 CVE-2017-18083 CVE-2017-18084 CVE-2017-18085 CVE-2017-18086 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2017-9735 CVE-2018-13389 CVE-2019-10247 CVE-2019-11358 CVE-2019-15005 CVE-2019-20406 CVE-2019-3395 CVE-2019-3396 CVE-2019-3398 CVE-2020-11022 CVE-2020-11023 CVE-2020-27216 CVE-2020-4027 CVE-2020-7656 CVE-2021-28165 CVE-2021-28169 CVE-2021-34428 CVE-2022-2047 CVE-2022-2048 CVE-2023-26048 CVE-2023-26049 CVE-2023-44487

Map

Whois Information

• NetRange: 13.24.0.0 - 13.59.255.255
• CIDR: 13.32.0.0/12, 13.56.0.0/14, 13.48.0.0/13, 13.24.0.0/13
• NetName: AT-88-Z
• NetHandle: NET-13-24-0-0-1
• Parent: NET13 (NET-13-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2020-08-05
• Updated: 2021-02-10
• Ref: https://rdap.arin.net/registry/ip/13.24.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2024-01-24
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: [email protected]
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: [email protected]
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: [email protected]
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: [email protected]
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: [email protected]
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN

Links to attack logs

anonymous-proxy-ip-list-2024-04-13