18.221.92.173 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 18.221.92.173 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: medih.amazgn.com www.federate.amazgn.com www.wildcard.a-azon.com a.pay.amazgn.com www.www.www.oedia-amazon.com www.www.www.medma-amazon.com docs.aws.amazgn.com www.ns1.oedia-amazon.com www.ns1.eedia-amazon.com www.www.ledia-amazon.com www.www.ns1.iedia-amazon.com www.www.ns1.mddia-amazon.com www.www.ns1.mmdia-amazon.com www.ns2.melia-amazon.com www.ssl-imaces-amazon.com ildcard.ssl-images-amazmn.com wildcard.ns2.amzhekmdall.com www.ns2.iedia-amazon.com www.www.alpha.ssl-imagus-amazon.com wildcard.amazgn.com www.www.ns1.meeia-amazon.com www.www.ns1.eedia-amazon.com www.www.ns2.ledia-amazon.com wildcard.amazonopezations.com www.www.images-ja.ssl-imagus-amazon.com ildcard.amazgn.com ns2.mudia-amazon.com pmsa.qws.dev www.agent.ssl-imagus-amazon.com www.ci.ssl-imagus-amazon.com www.www.oedia-amazon.com www.ns2.meeia-amazon.com hotfix.ssl-imagus-amazon.com www.alpha.ssl-imagus-amazon.com a-azon.com amzhmimdall.com bot.ssl-imagus-amazon.com www.mediq-amazon.com ns2.medya-amazon.com ns2.amzheimeall.com ns1.amzheamdall.com ns1.amjheimdall.com ns2.media-amaron.com www.amzhehmdall.com ns2.mmdia-amazon.com ns1.amzhaimdall.com www.amzxeimdall.com www.amzleimdall.com ns2.amzhuimdall.com www.madia-amazon.com ns2.mediq-amazon.com ns2.cmzheimdall.com wsl-images-amazon.com amazmnoperations.com amazonorerations.com amazonopesations.com amazonopevations.com amazonoperapions.com amazonoparations.com amazonopdrations.com amazonoperationq.com amazonoperation3.com amazonoperatyons.com amazonoperataons.com amazonoqerations.com amazonopurations.com amazonoperatmons.com aeazonoperations.com amazoooperations.com amazonopera4ions.com amajonoperations.com amazonope2ations.com amazonoperathons.com amazonopgrations.com aiazonoperations.com amazonoterations.com amazonoxerations.com a-azonoperations.com amazonoperadions.com amazoloperations.com amazonoperatkons.com amaronoperations.com amazonoperationw.com d2ro.com sslmimages-amazon.com ssl-imagms-amazon.com ssl-imafes-amazon.com ssn-images-amazon.com ssl-imaoes-amazon.com ssl-kmages-amazon.com ssl-images-amaron.com ssl-hmages-amazon.com ssl-imqges-amazon.com ssl-images-amazoo.com ssl-ieages-amazon.com ssl-imagas-amazon.com ssl-imawes-amazon.com ssl-images-amazof.com ssl-images-amazol.com ssl-mmages-amazon.com ssl-ilages-amazon.com ssl-images-amazgn.com ssl-imagus-amazon.com ssl-i-ages-amazon.com imazonoperations.com qsl-images-amazon.com e2zo.com u2ro.com ee2o.com e0ro.com e3ro.com e2rn.com e2vo.com ssl-ymages-amazon.com imafes-na.ssl-imagus-amazon.com images-ja.ssl-imagus-amazon.com ssl-amages-amazon.com ssl-imaggs-amazon.com rsl-images-amazon.com csl-images-amazon.com ssl-iiages-amazon.com aoazonoperations.com cmazonoperations.com emazonoperations.com amazonoperavions.com ssl-imcges-amazon.com amazonoperationc.com e2rk.com ssm-images-amazon.com alazonoperations.com ssl-images-amazmn.com amazgnoperations.com amazonoperationr.com amazofoperations.com ssl-images-amajon.com g2ro.com amazonopepations.com amazonopmrations.com amazonoperauions.com amazonopezations.com amazono0erations.com amazonopebations.com ssl-imaees-amazon.com ssl-imiges-amazon.com ssl-ioages-amazon.com ssl-imeges-amazon.com ssh-images-amazon.com ssd-images-amazon.com ssl-imagds-amazon.com ssl-imaces-amazon.com ass.dev qws.dev mefia-amazon.com medka-amazon.com medma-amazon.com media-amazoo.com madia-amazon.com eedia-amazon.com a-zheimdall.com amzxeimdall.com cmzheimdall.com amazgn.com mudia-amazon.com metia-amazon.com meeia-amazon.com medii-amazon.com mmdia-amazon.com medha-amazon.com medic-amazon.com medie-amazon.com mediamamazon.com medya-amazon.com melia-amazon.com media-amazol.com media-amazof.com mddia-amazon.com medaa-amazon.com mediq-amazon.com media-amaron.com media-amajon.com ledia-amazon.com iedia-amazon.com oedia-amazon.com amzhekmdall.com amzhuimdall.com amzhgimdall.com amzheimdanl.com amzheymdall.com amzhemmdall.com amzheimdaml.com amzheimdahl.com amzheimdadl.com amzheimtall.com amzleimdall.com amzhehmdall.com amzheimlall.com amzjeimdall.com amzheamdall.com aozheimdall.com amzheimfall.com amrheimdall.com amzhdimdall.com amzhaimdall.com amzieimdall.com amjheimdall.com amzheimeall.com amxheimdall.com alzheimdall.com aizheimdall.com aezheimdall.com imzheimdall.com qmzheimdall.com emzheimdall.com

Open Ports Detected

53 80

Map

Whois Information

• NetRange: 18.32.0.0 - 18.255.255.255
• CIDR: 18.128.0.0/9, 18.32.0.0/11, 18.64.0.0/10
• NetName: AT-88-Z
• NetHandle: NET-18-32-0-0-1
• Parent: NET18 (NET-18-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2019-10-07
• Updated: 2021-02-10
• Ref: https://rdap.arin.net/registry/ip/18.32.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2024-01-24
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: trustandsafety@support.aws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN