3.96.202.153 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 3.96.202.153 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Canada
• Network: AS16509 amazon.com inc
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy

Open Ports Detected

10001 10443 14265 161 1650 1701 17185 1723 195 20000 2008 20547 2222 2225 23023 23424 2345 2379 25 2602 264 27015 31401 32764 3483 3551 43 4321 48899 5007 5122 5353 55443 5858 587 5906 6664 8001 8029 8034 8056 8112 8181 8291 83 8421 8443 8807 9045 9098 9201 9869

CVEs Detected

CVE-2012-6708 CVE-2015-9251 CVE-2017-16943 CVE-2017-16944 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2017-9735 CVE-2018-12536 CVE-2018-12545 CVE-2018-6789 CVE-2019-10149 CVE-2019-10241 CVE-2019-10247 CVE-2019-11358 CVE-2019-13917 CVE-2019-15846 CVE-2020-11022 CVE-2020-11023 CVE-2020-12783 CVE-2020-27216 CVE-2020-27218 CVE-2020-27223 CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28016 CVE-2020-28017 CVE-2020-28019 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2020-7656 CVE-2020-8015 CVE-2021-27216 CVE-2021-28165 CVE-2021-28169 CVE-2021-34428 CVE-2021-38371 CVE-2022-2047 CVE-2022-2048 CVE-2022-37451 CVE-2022-37452 CVE-2023-26048 CVE-2023-26049 CVE-2023-36478 CVE-2023-36479 CVE-2023-40167 CVE-2023-44487 CVE-2023-51766

Map

Whois Information

• NetRange: 3.0.0.0 - 3.127.255.255
• CIDR: 3.0.0.0/9
• NetName: AT-88-Z
• NetHandle: NET-3-0-0-0-1
• Parent: NET3 (NET-3-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2017-12-20
• Updated: 2022-05-18
• Ref: https://rdap.arin.net/registry/ip/3.0.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2024-01-24
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: trustandsafety@support.aws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• NetRange: 3.96.0.0 - 3.97.255.255
• CIDR: 3.96.0.0/15
• NetName: AMAZON-YUL
• NetHandle: NET-3-96-0-0-1
• Parent: AT-88-Z (NET-3-0-0-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: Amazon Data Services Canada (ADSC-5)
• RegDate: 2020-04-01
• Updated: 2020-04-01
• Ref: https://rdap.arin.net/registry/ip/3.96.0.0
• OrgName: Amazon Data Services Canada
• OrgId: ADSC-5
• Address: 120 Bremner Boulevard
• Address: 26th Floor
• City: Toronto
• StateProv: ON
• PostalCode: M5J 0A8
• Country: CA
• RegDate: 2016-12-15
• Updated: 2019-08-02
• Ref: https://rdap.arin.net/registry/entity/ADSC-5
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: trustandsafety@support.aws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN

Links to attack logs

anonymous-proxy-ip-list-2024-06-26 anonymous-proxy-ip-list-2024-08-13 anonymous-proxy-ip-list-2024-08-12 anonymous-proxy-ip-list-2024-06-27 anonymous-proxy-ip-list-2024-06-28