54.192.192.205

server-54-192-192-205.iad53.r.cloudfront.net

IP Address Information

The IP Address resolves to the DNS record of server-54-192-192-205.iad53.r.cloudfront.net. Currently there are 47 domain names that utilize this address. This IP is part of Amazon's Cloudfront Content Delivery Network which distributes content for a number of domains.
Scanner detections:
Detections  (82% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ITNTSRL.d, PUP.ITNTSRL.AA, PUP.ITNTSRL.v, PUP.Installer.ITNTSRL.AA, PUP.Installer.ZuluSoftSRL.N, PUP.Installer.ZuluSoftSRL.S, PUP.Installer.ZuluSoftSRL.AA, PUP.Installer.ITNTSRL.M, PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
88.37%

ESET NOD32
Win32/DownWare, MSIL/Soft32Downloader (variant), Win32/Soft32Downloader (variant)
48.84%

Malwarebytes
PUP.Optional.Soft32.A, PUP.Optional.AdBundle, PUP.Soft32Downloader, PUP.AdBundle
48.84%

Dr.Web
Adware.Downware.971, Adware.Downware.2152, Worm.Siggen.9820, Adware.Downware.412
48.84%

VIPRE Antivirus
Soft32Downloader
48.84%

NANO AntiVirus
Riskware.Nsis.Downloader.cvxhzw, Riskware.Html.SoftDownload.cvvset, Riskware.Win32.Downloader.cvxhzw
46.51%

Fortinet FortiGate
Riskware/Sim, W32/DownWare.L, Adware/Softdownmgr, Riskware/Soft32Downloader
16.28%

Trend Micro House Call
TROJ_GE.E88690F3, TROJ_GEN.F47V1101, PAK_Generic.001, TROJ_GEN.F47V1124, TROJ_GEN.R0CBB01L513, TROJ_GEN.F47V0608
13.95%

Rising Antivirus
PE:PUF.SmartInstaller!1.9D9A, PE:PUF.Soft32Downloader!1.9C52
13.95%

McAfee
Artemis!E427138529B5, Artemis!FC3728F50C7B, Downloader-FMA, Trojan.Artemis!748E9F78CD3A
11.63%

The following domains resolved to the IP address 54.192.192.205.

File URLs download from 54.192.192.205.

1 / 68      (Adware)

1 / 68      (Adware)

0 / 68
http://sta.sh/.../217kr6gsfjtq  (dark_seifuku.zip)

0 / 68

1 / 68      (Adware)

1 / 68      (Adware)

3 / 68      (inconclusive)

10 / 68    (PUP)

 
Latest 30 of 2,080 download URLs

The geographical location of this IP address.

Country:
United States (US)

Region:
Virginia

City:
Dulles

Coordinates:
38.9517, -77.4481

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=54.192.192.205?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Amazon Technologies Inc. AMAZON-2011L (NET-54-192-0-0-1) 54.192.0.0 - 54.207.255.255
Amazon.com, Inc. AMAZO-CF2 (NET-54-192-0-0-2) 54.192.0.0 - 54.192.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
16509

ASName:
AMAZON-02 - Amazon.com, Inc., US

ASHandle:
AS16509

Remove Malware from 54.192.192.205 - Powered by Reason Core Security