54.244.49.115 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 54.244.49.115 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS16509 amazon.com inc
• Noticed: 1 times
• Protcols Attacked: SSH
• Countries Attacked: United States of America
• Passive DNS Results: mail.mx-host.net mail.flip-mail.com mail.yurtmail.com mail.mailer-host.com mail.nickstel.com mail.post-host.net mail.exchhost.com mail.happyisp.com mail.eye-mail.net mail.hope-mail.com mail.mxhoppr.com mail.skrimple.com mail.skinnymail.net mail.yaxmail.net mail.mxproc.com mail.b-io.co mail.mailerhost.net mail.h-email.net mail.pickelhost.com

Malware Detected on Host

Count: 92 998f9915c970b952ba12f49964f1d9bdf7f1214267c05973a377af9824d05ad2 b2722b2c660edd700daf6631b9d423162039636594ebcff9a81ae76aa46394ed 10785d1b8d83ca011bf44e6b300c6e68c961f718eb733c3d987caf966a30fd20 aa8ae8b48d0bff19bb81efda00c328a369c58900012c65c8e7a9422aa6785e39 5feee6bef762d528cfea095b4afd3dea77c1e6a0c2af760663d2433bf58bbe59 bde3218790fa5d51a7c84bbd17eb576772037ae516efe6b306263d297081404d 8e133399fa6c1e7cad8ad522152a3155b06ae6c9ae11e5caab8efb992e0c7905 23c3239a97eb58c69770d147907b718e71e6bdccf0af7630155346b39bd8056e 16d52ac578ac145695cf167f66e51b9968d7aa70bebfb8a11c3f22c5e84a029b b6c43f3072fb8cfe203c3d1dfe5cf501f61eeb10af9d96449684dcef2cee32d7

Map

Whois Information

• NetRange: 54.224.0.0 - 54.255.255.255
• CIDR: 54.224.0.0/11
• NetName: AMAZON-2011L
• NetHandle: NET-54-224-0-0-1
• Parent: NET54 (NET-54-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS16509
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2012-03-01
• Updated: 2021-02-10
• Comment: —–BEGIN CERTIFICATE—–MIICljCCAX4CCQDvS1je1Bd4uzANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJVUzAeFw0yMDA4MjYxODQ1NThaFw0yMTA4MjYxODQ1NThaMA0xCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5geQJL7KoQhQLaTteXnFj0xsze15HgB9cpHPoL6khWVUthOg6AYCBHCcVJWeuEHuYGJcnrtW1tyLWpgfrxaw5E4ZtunSHElzO6BIp2u0215mbSGPQUt3TMR64nvXvEAY4qBP/p2+j0ud2eI47eA3s2ykFztEJPb7eZh8lVCGj5n2msRxeFiYwoB7/u3TDnW0/BwNLnJgyGkAWYUlk68hR10LHoBqGPezn7mPuiLHNa6JQP0WTYBz/80kS3m/4oZ7NS20PMieXqFjfYEgW6fPg7uJKhH3aYVVveZpBS5cRzm360HyT5hj1rUJh34nVCLMlvP+400w1wxr9buLnQzVlwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCZD7ERFb2LpeLdQgyji/ZqZ7lDXR8wq4m+ihMiqpPcwTVs1dfBfKDvZ4K6Ddyzkfd1NQYPWiV47nvqgJxwdISa7vN011RxBEGkYdJ8cNaRXW7aCGfQ8ZSQL6mbXsm4sbvDQNHiWJcdUB0KTzR/wpbXf9+24TbPGaOsZvfnKtd1lZhY5xFiOVCOdI59c/XyDH9aqOKNE0pOeATX55I3bU5PKeK5CM8oAtD2sFAQ956Uvj7/vFDs8QP3upzf53R+erSU10L1fTQBWHjNUCcf9wviS+U4hsaCcBZMlw6d5Q84GYX1tS+YwtA0Fv/NQcOWr9RJT+JVnpbyAxEyjI37XOqH—–END CERTIFICATE—–
• Ref: https://rdap.arin.net/registry/ip/54.224.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2022-09-30
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: abuse@amazonaws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• NetRange: 54.244.0.0 - 54.244.255.255
• CIDR: 54.244.0.0/16
• NetName: AMAZO-ZPDX2
• NetHandle: NET-54-244-0-0-1
• Parent: AMAZON-2011L (NET-54-224-0-0-1)
• NetType: Reallocated
• OriginAS: AS16509
• Organization: Amazon.com, Inc. (AMAZO-47)
• RegDate: 2012-12-27
• Updated: 2021-02-10
• Ref: https://rdap.arin.net/registry/ip/54.244.0.0
• OrgName: Amazon.com, Inc.
• OrgId: AMAZO-47
• Address: EC2, EC2 1200 12th Ave South
• City: Seattle
• StateProv: WA
• PostalCode: 98144
• Country: US
• RegDate: 2011-05-10
• Updated: 2021-07-22
• Ref: https://rdap.arin.net/registry/entity/AMAZO-47
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: abuse@amazonaws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• NetRange: 54.244.49.96 - 54.244.49.127
• CIDR: 54.244.49.96/27
• NetName: AWS-SAMSUNG
• NetHandle: NET-54-244-49-96-1
• Parent: AMAZO-ZPDX2 (NET-54-244-0-0-1)
• NetType: Reassigned
• OriginAS: AS16509
• Customer: Samsung (C05794250)
• RegDate: 2015-07-02
• Updated: 2015-07-02
• Comment: Abuse Contact:Evan Maxey, evan.maxey@partner.samsung.com, (480) 316-9263
• Ref: https://rdap.arin.net/registry/ip/54.244.49.96
• CustName: Samsung
• Address: 665 Clyde Avenue
• City: Mountain View
• StateProv: CA
• PostalCode: 94043
• Country: US
• RegDate: 2015-07-02
• Updated: 2015-07-02
• Ref: https://rdap.arin.net/registry/entity/C05794250
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: abuse@amazonaws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN