3.5.2.1 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 3.5.2.1. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning. It takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: bitcoin_nodes_1d, bitcoin_nodes_30d, bitcoin_nodes_7d, bitcoin_nodes, botscout_1d, botscout_30d, botscout_7d, esentire_crazyerror_su, esentire_emptyarray_ru, lashback_ubl, stopforumspam_180d, stopforumspam_1d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d, stopforumspam

  • Country: United States
  • Network:
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results:

Malware Detected on Host

Count: 1

a89a8967b8cd84ef07483dda03be7d726e8e081b166358293953106944113eb8

Open Ports Detected

80

Whois Information

  • NetRange: 3.0.0.0 - 3.127.255.255
  • CIDR: 3.0.0.0/9
  • NetName: AT-88-Z
  • NetHandle: NET-3-0-0-0-1
  • Parent: NET3 (NET-3-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Amazon Technologies Inc. (AT-88-Z)
  • RegDate: 2017-12-20
  • Updated: 2022-05-18
  • Ref: https://rdap.arin.net/registry/ip/3.0.0.0
  • OrgName: Amazon Technologies Inc.
  • OrgId: AT-88-Z
  • Address: 410 Terry Ave N.
  • City: Seattle
  • StateProv: WA
  • PostalCode: 98109
  • Country: US
  • RegDate: 2011-12-08
  • Updated: 2024-01-24
  • Comment: All abuse reports MUST include:
  • Comment: * src IP
  • Comment: * dest IP (your IP)
  • Comment: * dest port
  • Comment: * Accurate date/timestamp and timezone of activity
  • Comment: * Intensity/frequency (short log extracts)
  • Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
  • Ref: https://rdap.arin.net/registry/entity/AT-88-Z
  • OrgNOCHandle: AANO1-ARIN
  • OrgNOCName: Amazon AWS Network Operations
  • OrgNOCPhone: +1-206-555-0000
  • OrgNOCEmail: amzn-noc-contact@amazon.com
  • OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
  • OrgRoutingHandle: IPROU3-ARIN
  • OrgRoutingName: IP Routing
  • OrgRoutingPhone: +1-206-555-0000
  • OrgRoutingEmail: aws-routing-poc@amazon.com
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
  • OrgTechHandle: ANO24-ARIN
  • OrgTechName: Amazon EC2 Network Operations
  • OrgTechPhone: +1-206-555-0000
  • OrgTechEmail: amzn-noc-contact@amazon.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
  • OrgAbuseHandle: AEA8-ARIN
  • OrgAbuseName: Amazon EC2 Abuse
  • OrgAbusePhone: +1-206-555-0000
  • OrgAbuseEmail: trustandsafety@support.aws.com
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
  • OrgRoutingHandle: ARMP-ARIN
  • OrgRoutingName: AWS RPKI Management POC
  • OrgRoutingPhone: +1-206-555-0000
  • OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
  • NetRange: 3.5.0.0 - 3.5.255.255
  • CIDR: 3.5.0.0/16
  • NetName: AMAZON-S3
  • NetHandle: NET-3-5-0-0-1
  • Parent: AT-88-Z (NET-3-0-0-0-1)
  • NetType: Reallocated
  • OriginAS:
  • Organization: Amazon Data Services Northern Virginia (ADSN-1)
  • RegDate: 2020-12-03
  • Updated: 2020-12-03
  • Ref: https://rdap.arin.net/registry/ip/3.5.0.0
  • OrgName: Amazon Data Services Northern Virginia
  • OrgId: ADSN-1
  • Address: 13200 Woodland Park Road
  • City: Herndon
  • StateProv: VA
  • PostalCode: 20171
  • Country: US
  • RegDate: 2018-04-25
  • Updated: 2025-08-14
  • Ref: https://rdap.arin.net/registry/entity/ADSN-1
  • OrgAbuseHandle: AEA8-ARIN
  • OrgAbuseName: Amazon EC2 Abuse
  • OrgAbusePhone: +1-206-555-0000
  • OrgAbuseEmail: trustandsafety@support.aws.com
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
  • OrgTechHandle: ANO24-ARIN
  • OrgTechName: Amazon EC2 Network Operations
  • OrgTechPhone: +1-206-555-0000
  • OrgTechEmail: amzn-noc-contact@amazon.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
  • OrgNOCHandle: AANO1-ARIN
  • OrgNOCName: Amazon AWS Network Operations
  • OrgNOCPhone: +1-206-555-0000
  • OrgNOCEmail: amzn-noc-contact@amazon.com
  • OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN

Links to attack logs

  • bruteforce-files-list-2021-04-11
  • anonymous-proxy-ip-list-2024-11-21
  • anonymous-proxy-ip-list-2025-08-13
  • digitaloceanindia-telnet-bruteforce-ip-list-2023-12-17
  • anonymous-proxy-ip-list-2025-06-21
  • awsindia-telnet-bruteforce-ip-list-2022-05-21
  • forum-spam-ip-list-2023-05-28
  • anonymous-proxy-ip-list-2025-08-03
  • anonymous-proxy-ip-list-2024-12-09
  • forum-spam-ip-list-2013-11-02
  • anonymous-proxy-ip-list-2024-05-20
  • vultrmadrid-telnet-bruteforce-ip-list-2024-06-04
  • anonymous-proxy-ip-list-2024-09-26
  • anonymous-proxy-ip-list-2024-05-01
  • anonymous-proxy-ip-list-2024-06-12
  • anonymous-proxy-ip-list-2024-07-20
  • anonymous-proxy-ip-list-2024-09-11
  • anonymous-proxy-ip-list-2024-04-18
  • forum-spam-ip-list-2021-04-14
  • anonymous-proxy-ip-list-2025-08-08
  • vultrparis-mssql-bruteforce-ip-list-2023-12-31
  • anonymous-proxy-ip-list-2025-07-17
  • anonymous-proxy-ip-list-2024-08-29
  • anonymous-proxy-ip-list-2024-02-20
  • anonymous-proxy-ip-list-2024-07-30
  • anonymous-proxy-ip-list-2024-12-20
  • bruteforce-files-list-2020-08-08
  • anonymous-proxy-ip-list-2024-08-24
  • anonymous-proxy-ip-list-2025-08-07
  • anonymous-proxy-ip-list-2025-08-09
  • anonymous-proxy-ip-list-2024-08-23
  • vultrparis-ssh-bruteforce-ip-list-2024-07-24
  • anonymous-proxy-ip-list-2025-07-20
