Does my smartphone call home? PHISH-ing?

I hard-coded my Samsung Android Smartphone’s Wifi address, 192.168.0.101/16 into my dhcpd configuration file.
This morning I saw with my Network Monitor a connection to server-54-240-184-99.ams50.r.cloudfront.net, which stands for
Network Communications
The following files have been seen to communicate with this IP address in live environments.
TCP port 80: Samsung Link Tray Agent.exe (Samsung Link Tray Agent by Copyright 2013 SAMSUNG)
Re: http://www.shouldiblockit.com/samsung-link-tray-agent.exe-55105.aspx
Re: http://samsung-link.software.informer.com/
Host Network
The ARIN network assigned organization for IP address 54.240.184.99.
Org name: Amazon Technologies Inc.
ARIN WHOIS: Amazon Technologies Inc. AMAZON-2011L (NET-54-240-0-0-1) 54.240.0.0 - 54.255.255.255
A100 US LLC AMAZO-CF1 (NET-54-240-128-0-1) 54.240.128.0 - 54.240.191.255
Generated by cloudfront (CloudFront)
Request ID: N2sXXgiOuCq6qs-ZPMGKYsewI1DjqKTlOVQ18oZcirIE7uCXrsCS_A==
Netcraft risk status 7 red out of 10: http://toolbar.netcraft.com/site_report?url=http://54.240.184.99
and: http://toolbar.netcraft.com/site_report?url=https://server-54-240-184-99.ams50.r.cloudfront.net
7 red out of 10 risk status Netcraft report.
DNS generates - bad domain: Unknown TLD for ‘server-54-240-184-99.ams50.r.cloudfront.net’.

Malware Script Detector flags an alert for BeEF attack. Disable javascript.

What is this? Index has www.wapforum.org/DTD/xhtml-mobile10.dtd flagged by Bitdefender’s TrafficLight as a PHISHing attempt! Mojo-check bot - downloads XHTML Mobile Profile, xhtml-mobile10.dtd.
10 Tests Passed Successfully! on http://mobilefriendlytest.website/index.php
for -https://server-54-240-184-99.ams50.r.cloudfront.net

  1. Optimize images
    Your images are optimized.
  2. Eliminate render-blocking JavaScript and CSS in above-the-fold content
    You have no render-blocking resources.
  3. Prioritize visible content
    You have the above-the-fold content properly prioritized.
  4. Minify JavaScript
    Your JavaScript content is minified.
  5. Minify HTML
    Your HTML is minified.
  6. Enable compression
    You have compression enabled.
  7. Leverage browser caching
    You have enabled browser caching.
  8. Reduce server response time
    Your server responded quickly.
  9. Minify CSS
    Your CSS is minified.
  10. Avoid landing page redirects
    Your page has no redirects.

polonus
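
An offline consistency check for a monitor entry like the one in the post above, added here as an example and not part of the original thread: it extracts the address embedded in the reverse-DNS name and compares it with the address contacted and with the WHOIS ranges quoted in the post. The function names and verdict labels are assumptions made for illustration.

```python
import ipaddress
import re

# Ranges copied from the ARIN WHOIS lines quoted in the post above.
WHOIS_RANGES = {
    "AMAZON-2011L": ("54.240.0.0", "54.255.255.255"),
    "AMAZO-CF1": ("54.240.128.0", "54.240.191.255"),
}

# Shape of the name seen in the post: server-A-B-C-D.<edge>.r.cloudfront.net
EDGE_NAME = re.compile(
    r"^server-(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})"
    r"\.([a-z0-9]+)\.r\.cloudfront\.net\.?$", re.IGNORECASE)


def parse_edge_name(hostname):
    """Return (IPv4Address, edge_label), or None if the name has another shape."""
    m = EDGE_NAME.match(hostname.strip())
    if m is None:
        return None
    try:
        ip = ipaddress.IPv4Address(".".join(m.group(1, 2, 3, 4)))
    except ipaddress.AddressValueError:  # e.g. an octet above 255
        return None
    return ip, m.group(5).lower()


def covering_ranges(ip):
    """Names of the quoted WHOIS ranges that contain ip, smallest range first."""
    hits = []
    for name, (low, high) in WHOIS_RANGES.items():
        low, high = ipaddress.IPv4Address(low), ipaddress.IPv4Address(high)
        if low <= ip <= high:
            hits.append((int(high) - int(low), name))
    return [name for _, name in sorted(hits)]


def triage(hostname, contacted_ip):
    """Classify one monitor entry: reverse-DNS name plus the address contacted."""
    parsed = parse_edge_name(hostname)
    if parsed is None:
        return {"verdict": "not-an-edge-name", "ranges": []}
    ip, edge = parsed
    ranges = covering_ranges(ip)
    # A PTR name is chosen by whoever controls the address block, so it only
    # counts when it agrees with the contacted address and the registry data.
    consistent = ip == ipaddress.IPv4Address(contacted_ip) and bool(ranges)
    return {"verdict": "shared-cdn-edge" if consistent else "investigate",
            "ip": str(ip), "edge": edge, "ranges": ranges}
```

A `shared-cdn-edge` verdict means the address serves many unrelated CloudFront customers, so the useful next step is to capture the Host header or TLS SNI the phone actually sent.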

That's funky. But I cannot reproduce this because I own no Android device at all.
But which firm nowadays doesn't collect any data?

And I will most likely not get an Android device, either Apple or Microsoft.

By the way: Samsung is having selling issues in China because everyone seems to head to Apple over there :)
Windows Mobile could be good as well, but you never know about the apps, if the devs will move them over to Windows Mobile.

Hi Steven Winderlich,

Funky info, at least HackTeam cannot profit from this anymore. ;D
Also read: https://www.threatcrowd.org/ip.php?ip=54.240.184.99
IP badness history: https://www.virustotal.com/nl/ip-address/54.240.184.99/information/
Avast detected Win32:VBCrypt-CYX [Trj] abuse at amazon.com
See: https://www.threatcrowd.org/domain.php?domain=server-54-240-184-99.ams50.r.cloudfront.net
HTTP transactions: POST / HTTP/1.1
Host: sd.symcd.com *
Netherlands
AS39369 Availo Networks AB 23.46.123.27
HTTP/1.0 200 OK
Content-Type: application/ocsp-response
GET / HTTP/1.1
Host: server-54-240-184-99.ams50.r.cloudfront.net
The MIME type application/ocsp-response refers to the presence of information pertaining to OCSP – Online Certificate Status Protocol. This protocol helps online applications to determine the validity of a certificate which may be used for authentication and security over the Internet. Details of the protocol with its complete technical specification are defined under RFC2459 by Internet Society.

polonus (volunteer website security analyst and website error-hunter)

Everyone is just spying on you anymore…

That's some nice info you found there :)