54.192.192.123

server-54-192-192-123.iad53.r.cloudfront.net

IP Address Information

The IP Address resolves to the DNS record of server-54-192-192-123.iad53.r.cloudfront.net. Currently there are 97 domain names that utilize this address. This IP is part of Amazon's Cloudfront Content Delivery Network which distributes content for a number of domains.
Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OpenCandy.Installer (L), PUP.Installer.ZuluSoftSRL.EE, PUP.Installer.ZuluSoftSRL.P, PUP.Installer.ITNTSRL.EE, PUP.Downloader.Bundler.Soft32.Installer, PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
95.74%

Dr.Web
Adware.Downware.2152, Threat.Undefined, Adware.Downware.971, Trojan.Damaged.1, Adware.OpenCandy.137, Adware.Downware.10466
40.43%

VIPRE Antivirus
Soft32Downloader, Threat.4783370, Trojan.Win32.Generic
40.43%

Malwarebytes
PUP.Optional.Soft32.A, PUP.Optional.AdBundle, PUP.Soft32Downloader, PUP.AdBundle, PUP.Optional.OpenCandy
38.30%

NANO AntiVirus
Riskware.Nsis.Downloader.cvxhzw, Riskware.Win32.Downloader.cvxhzw, Riskware.Html.SoftDownload.cvvset, Trojan.Win32.CheatEngine.ddqnic
38.30%

ESET NOD32
Win32/OpenCandy, MSIL/Soft32Downloader (variant), Win32/Soft32Downloader (variant)
23.40%

ESET NOD32
MSIL/Soft32Downloader.C potentially unwanted application, Win32/Soft32Downloader.C potentially unwanted application, Win32/Soft32Downloader.D potentially unwanted application
21.28%

Comodo Security
Application.Win32.Agent.S, Application.Win32.Soft32Downloader.S, UnclassifiedMalware
17.02%

F-Prot
W32/Soft32Download.A.gen, W32/Soft32Download.C.gen
14.89%

Agnitum Outpost
PUA.Soft32Downloader
14.89%

The following domains resolved to the IP address 54.192.192.123.

Latest 50 of 97 domains

File URLs download from 54.192.192.123.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

3 / 68      (PUP)

 
Latest 30 of 1,399 download URLs

The following 3 files have been seen to comunicate with this IP address in live environments.

The geographical location of this IP address.

Country:
United States (US)

Region:
Virginia

City:
Dulles

Coordinates:
38.9517, -77.4481

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=54.192.192.123?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Amazon Technologies Inc. AMAZON-2011L (NET-54-192-0-0-1) 54.192.0.0 - 54.207.255.255
Amazon.com, Inc. AMAZO-CF2 (NET-54-192-0-0-2) 54.192.0.0 - 54.192.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
16509

ASName:
AMAZON-02 - Amazon.com, Inc., US

ASHandle:
AS16509

Remove Malware from 54.192.192.123 - Powered by Reason Core Security