54.230.103.196

server-54-230-103-196.iad2.r.cloudfront.net

IP Address Information

The IP Address resolves to the DNS record of server-54-230-103-196.iad2.r.cloudfront.net. Currently there are 3 domain names that utilize this address. This IP is part of Amazon's Cloudfront Content Delivery Network which distributes content for a number of domains.
Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Clickrunsoftware.W, PUP.VOPackage.Meta (M), Threat.Win.Reputation.IMP, Threat.Adware.ConvertAd.Meta (H), PUP.Win.Reputation
80.43%

Emsisoft Anti-Malware
Trojan.GenericKD.2803666, Gen:Variant.Adware.Graftor.252774, Gen:Variant.Adware.Graftor.186244, Gen:Variant.Jaik.9868, Gen:Variant.Adware.Graftor.253784, Gen:Variant.Adware.Graftor.184269, Gen:Variant.Graftor.251594
23.91%

ESET NOD32
Win32/Adware.ConvertAd.ACS application, Win32/Adware.ConvertAd.ADI application, Win32/Adware.ConvertAd.PU application, Win32/Adware.ConvertAd.AEZ application
21.74%

Norman
Gen:Variant.Jaik.9868, Gen:Variant.Adware.Graftor.253784, Gen:Variant.Adware.Graftor.186244, Gen:Variant.Adware.Graftor.184269
17.39%

avast!
Win32:InstallCore-FC [PUP], Win32:Adware-gen [Adw], Win32:Malware-gen
15.22%

McAfee Web Gateway
Artemis!B58CBB39CB98, BehavesLike.Win32.Worm.ch, BehavesLike.Win32.Packed.ch, BehavesLike.Win32.PWSZbot.ch, BehavesLike.Win32.VTFlooder.qm
15.22%

MicroWorld eScan
Trojan.GenericKD.2803666, Gen:Variant.Adware.Graftor.252774, Gen:Variant.Adware.Graftor.186244, Gen:Variant.Adware.Graftor.253784, Gen:Variant.Graftor.264897
15.22%

Bitdefender
Trojan.GenericKD.2803666, Gen:Variant.Adware.Graftor.252774, Gen:Variant.Adware.Graftor.186244, Gen:Variant.Adware.Graftor.253784
15.22%

Arcabit
Trojan.Generic.D2AC7D2, Trojan.Adware.Graftor.D3DB66, Trojan.Adware.Graftor.D2D784, Trojan.Adware.Graftor.D3DF58, Trojan.Graftor.D40AC1
15.22%

G Data
Trojan.GenericKD.2803666, Gen:Variant.Adware.Graftor.252774, Gen:Variant.Adware.Graftor.186244, Gen:Variant.Adware.Graftor.253784
15.22%

The following domains resolved to the IP address 54.230.103.196.

File URLs download from 54.230.103.196.

1 / 68      (PUP)
http://d3b98uxelh2q3f.cloudfront.net/runasu.exe  (c9e9841ec4cf50a67b509d3748ee4728)

21 / 68    (Adware)
http://download.pdflite.com/setup-pdflite-ic-0.7-aw.exe  (b58cbb39cb98698ba284e3593f9d8ea3)

0 / 68
http://download.pdflite.com/setup-pdflite-ic-0.6.1.exe  (01e83aab6fff22c0408c0ad410f25508)

The geographical location of this IP address.

Country:
United States (US)

Region:
Washington

City:
Seattle

Coordinates:
47.6062, -122.332

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=54.230.103.196?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Amazon Technologies Inc. AMAZON-2011L (NET-54-224-0-0-1) 54.224.0.0 - 54.239.255.255
Amazon.com, Inc. AMAZO-ZL4 (NET-54-230-0-0-1) 54.230.0.0 - 54.231.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
16509

ASName:
AMAZON-02 - Amazon.com, Inc.,US

ASHandle:
AS16509

Remove Malware from 54.230.103.196 - Powered by Reason Core Security