204.246.164.71 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 204.246.164.71 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: aca9f57d5bab45218d47b3456af447b73.profile.sin2-c1.cloudfront.net a532dcac1e6671dbd75a4bcb562860854.profile.sin2-c1.cloudfront.net a7c622faf96c81e9d881f7b14c7a4d56c.profile.sin2-c1.cloudfront.net a9eb724e73dcec41cc6dcbf5d46a9065d.profile.sin2-c1.cloudfront.net a4ff6bf8fd67bfcf4eed9baabd3ab9957.profile.sin2-c1.cloudfront.net a9f1fdd567242c7702714761cd6385678.profile.sin2-c1.cloudfront.net a31de7bb7066ccedec7412cda4090b250.profile.sin2-c1.cloudfront.net a34914d7dc5a318ca59222127a6855bb0.profile.sin2-c1.cloudfront.net aca6ef6cc94ffa5f1cc103b76aae33ec4.profile.sin2-c1.cloudfront.net a74cb99519a0763f46b8be9ea1f7231a3.profile.sin2-c1.cloudfront.net ae64e6e579ba6e5ea8e9ac222cff656c0.profile.sin2.cloudfront.net ad61e4c4aba6b131ff0385589994f704d.profile.sin2.cloudfront.net a63bd818615f8088751d72d76554c00ac.profile.sin2.cloudfront.net a9004a9ea81abd7691f8aa34bc7570c64.profile.sin2.cloudfront.net a2199a8342a7b1e164007ff5db2f5e2df.profile.sin2.cloudfront.net aa9f61c82478a49ee0a63d44a4ceba413.profile.sin2.cloudfront.net ac24da90c2002d3108bed5ca02a8aacba.profile.sin2.cloudfront.net a14f27a9433a02f419e172fc59792a970.profile.sin2.cloudfront.net a9c95ecb4277866638c39a5eebccb76ac.profile.sin2.cloudfront.net a26944c2e477b420cf4c45994c35127a1.profile.sin2.cloudfront.net a2aa15c45b337a9492083f7ec7b2c3b7f.profile.sin2.cloudfront.net a17e0c3b7e6885cfeeeda3fc441c716b1.profile.sin2.cloudfront.net a451ef590c725c47593e25623a6ed9676.profile.sin2.cloudfront.net aa4f16cc622e0c00272e86303232ec222.profile.sin2.cloudfront.net a590601abc687cd857dc2aa6972ebae3a.profile.sin2.cloudfront.net ae32083e5fc2282d29857a26cc57a3cac.profile.sin2.cloudfront.net a2a2d5915997538fea72c42762c9f7128.profile.sin2.cloudfront.net afc80ab36ad3d4d31133bb92459714c81.profile.sin2.cloudfront.net a9a1da120f1b19dbab5162d98be1f7a90.profile.sin2.cloudfront.net a5e8b5ba67c1d3d41f1808c819e9f4788.profile.sin2.cloudfront.net a9a08cad360f28b70b322b5956f129abb.profile.sin2.cloudfront.net a4225f2a966aeb70eeb4deed7486933be.profile.sin2.cloudfront.net a8383530d94a2e1af16f0aa555641d5e1.profile.sin2.cloudfront.net a012e52ee04311ed351c313ae54ea6759.profile.sin2.cloudfront.net a41ee68d2c930232ccf599de1397be33e.profile.sin2.cloudfront.net ad79511b2086765001773e0beff4d511e.profile.sin2.cloudfront.net a7e63af4fcc5452592a55c5da718d804d.profile.sin2.cloudfront.net ae8b1fb1e223372ef3e56a913866cd253.profile.sin2.cloudfront.net a6437290b6b50962dd6c61e6b42daa140.profile.sin2.cloudfront.net a5015064827777797b450863286555806.profile.sin2.cloudfront.net a723d3abf112b25c12d646b76f1bed631.profile.sin2.cloudfront.net a0e2559aa4ba8208d239f076d39f22c42.profile.sin2.cloudfront.net

Malware Detected on Host

Count: 1 2f968c6a94f0dca0543e21c7a96e6b2ac992226b2b8439d2ce4c8626d0968d14

Open Ports Detected

443 80

Map

Whois Information

• NetRange: 204.246.160.0 - 204.246.191.255
• CIDR: 204.246.160.0/19
• NetName: AMAZON-04
• NetHandle: NET-204-246-160-0-1
• Parent: NET204 (NET-204-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS16509, AS39111, AS7224
• Organization: Amazon.com, Inc. (AMAZON-4)
• RegDate: 2009-07-17
• Updated: 2015-09-24
• Ref: https://rdap.arin.net/registry/ip/204.246.160.0
• OrgName: Amazon.com, Inc.
• OrgId: AMAZON-4
• Address: 1918 8th Ave
• City: SEATTLE
• StateProv: WA
• PostalCode: 98101-1244
• Country: US
• RegDate: 1995-01-23
• Updated: 2022-09-30
• Ref: https://rdap.arin.net/registry/entity/AMAZON-4
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: trustandsafety@support.aws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• RNOCHandle: ROLEA19-ARIN
• RNOCName: Role Account
• RNOCPhone: +1-206-266-4064
• RNOCEmail: ipmanagement@amazon.com
• RNOCRef: https://rdap.arin.net/registry/entity/ROLEA19-ARIN
• RTechHandle: ROLEA19-ARIN
• RTechName: Role Account
• RTechPhone: +1-206-266-4064
• RTechEmail: ipmanagement@amazon.com
• RTechRef: https://rdap.arin.net/registry/entity/ROLEA19-ARIN
• RAbuseHandle: ROLEA19-ARIN
• RAbuseName: Role Account
• RAbusePhone: +1-206-266-4064
• RAbuseEmail: ipmanagement@amazon.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ROLEA19-ARIN

Links to attack logs

****** ****** ******