52.216.110.2 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 52.216.110.2 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: hphosts_emd

• Country: United States
• Network: AS16509 amazon.com inc
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: update.checkedup.com feedspot.com alleeandkyle.com mazdausawarranty.com alfonsopajader.com yembo.ch fromex.net essenza-chile.com crappieforkidscancer.com 1800noducks.net ambi.fun rivainsight.io fortis.tech techroute.com.br sterlingvolunteers.com pti-cyber.com zerihun-firewallcomputers.com merrickapothecary.com hailtothetrump.com danawallereaglesfan.click paradisemobile.ky www.nustudenthealth.com gustavoquintero.com.mx moviesfromouterspace.click clairefoussard.com ednovus.com unmint.io testohub.com adastra.live cotrildistribuidora.com.br pqckeylength.org b89.io capcarbontech.com galactic-warrior.com frenchtourisme.com www.new.gl levelup-program.com emily.davisdre.com www.homeqube.ai totvscmnet-cloud.net stats.slimwareutilities.com 5minutestops.com gemstoneinfo.live pharmacogenetics.org www.knq.life askjordo.com www.leahtcsce412.xyz entrenafitnes.com r0th.net withum.life passagesassets.com getaptivepests.com mosex.com ellastay.com amghouma.com coinwidget.com angelestaxservices.com banburyfox.com grhutchens.com sarasunshine.com boujeebagels.com recommendmefantasybooks.com forge.ai verifiedvolunteers.com assetreviewers.com spring.net ironryan.net molitor.org intelhub.ancile.com hollywood-hairsalon.com aws.certiemail.com unshabbychic.com cyony.net greggmojicam.com adngob.mx s3-website-us-east-1.amazonaws.com 1pu.sh act.demandaction.org tjbryant.com kitterchronicles.com deviprasadtripathy.com zerodisappointment.com www.eunenem.com benchmark-construction.org modernit.info cereal.co www.getreciplay.com snapsfeed.com riverside-lending.com pingaws.com willsmidlein.com payper.co.za othermusic.com ahcacoverageloss.com move.io savepastorcao.com advancedflightmodeling.com oysterboxhotel.com usc-mat.s3-website-us-east-1.amazonaws.com 99ri7f64yzb9h5s.s3-website-us-east-1.amazonaws.com among.us insurenc.com grantbweller.com conduit.com.s3-website-us-east-1.amazonaws.com 731993.s3-website-us-east-1.amazonaws.com CODESINK.ORG studio.thinkmullen.com mobilelyft-ac.s3-website-us-east-1.amazonaws.com guides.zencoder.com errors.bitgenmax.com plusgrade.com viafoura.net capacitadero.org toddsilverstein.com scifiaudio.com designgineer.io HOBEANU.COM builds.emberjs.com dji.com howmanydaysuntilarresteddevelopmentisback.com www.boaddrink.com

Malware Detected on Host

Count: 1 6fb587355530f7745255fb9261be0a034d6e2e730093141c1f384adff7c1bd25

Open Ports Detected

80

Map

Whois Information

• NetRange: 52.192.0.0 - 52.223.191.255
• CIDR: 52.223.128.0/18, 52.223.0.0/17, 52.220.0.0/15, 52.222.0.0/16, 52.192.0.0/12, 52.216.0.0/14, 52.208.0.0/13
• NetName: AT-88-Z
• NetHandle: NET-52-192-0-0-1
• Parent: NET52 (NET-52-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2015-09-02
• Updated: 2020-09-24
• Ref: https://rdap.arin.net/registry/ip/52.192.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2022-09-30
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: abuse@amazonaws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN

Links to attack logs

****** ****** ******