3.218.72.97

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 3.218.72.97/32

Classification: Amazon Web Services Cloud Infrastructure

Risk Level: LOW (Score: 25/100)

Date: 2026-06-27

---

## EXECUTIVE SUMMARY

IP address 3.218.72.97 is identified as a low-risk Amazon Web Services (AWS) cloud computing instance located in Ashburn, Virginia (US-VA). The IP is registered to ASN 14618 (AMAZON-AES) and resolves to the hostname ec2-3-218-72-97.compute-1.amazonaws.com. No active threat indicators, open ports, or malicious activity have been observed. The IP is part of a mostly clean subnet with minimal inherited risk.

---

## OWNERSHIP & GEOLOCATION

Attribute	Value
Organization	Amazon Data Services Northern Virginia
ASN	14618 (AMAZON-AES)
Country	United States (US)
Region/City	Ashburn, Virginia
Coordinates	39.04, -77.49
Network Block	3.208.0.0/12 (Amazon)
CIDR Classification	CloudCompute / Hosting

Note: Geolocation validation shows RTT discrepancy (25ms vs. minimum possible 126.2ms for Ashburn, VA distance). This may indicate routing anomalies or measurement artifacts.

---

## THREAT ASSESSMENT

Current Risk Score: 25/100 (LOW)

Indicator	Status	Details
Blacklist Count	Clean	0 lists
Threat Feeds	None	No known campaigns
Is Tor Exit	No	Confirmed
Is Known Attacker	No	Confirmed
Is Spam Source	No	Confirmed
DNSBL Listed	1/8	Minor listing present
Open Ports	None	No services detected
TLS Cert	None	Not serving HTTPS

Threat Indicators: None detected

Known Campaigns: None associated

Campaign Likelihood: Not applicable

---

## OBSERVATION HISTORY

Historical observations (2026-06-14 to 2026-06-27) show consistent geolocation and ownership signals:

Geolocation: Consistently resolved to Ashburn, VA with 0.28 confidence (multi-signal inference)
ASN Resolution: High-confidence (0.85) ASN 14618 attribution on 2026-06-19
Operator Score: 0.2609 (Basic classification)
Ownership Stability: No changes observed
Threat Persistence: 0 days (no persistent malicious activity)

---

## NEIGHBORHOOD ANALYSIS

Subnet: 3.218.72.97/24

Metric	Value
Abuse Density	0 (Low)
Classification	Mostly Clean
Inherited Risk	2/100
Total Siblings	1
Active Siblings	0
Threat Siblings	1

The subnet shows minimal abuse density with one threat sibling identified. The target IP itself remains isolated from active malicious activity.

---

## NETWORK RELATIONSHIPS

Total Relationships: 61

Key associations include:

DNS: ec2-3-218-72-97.compute-1.amazonaws.com
Network: AMAZON-IAD (AWS Northern Virginia Region)
Infrastructure: AWS Cloud Compute hosting environment

No malicious or suspicious entity relationships detected.

---

## RECOMMENDED ACTIONS

Firewall/Security Actions: No immediate blocking recommended.

Monitoring Guidance:

Continue standard monitoring for cloud infrastructure traffic
No blocking rules required at this time
Monitor for any changes in risk score or threat indicators
Review DNSBL listing (1 of 8 lists) if context warrants further investigation

---

## INTELLIGENCE CONCLUSION

IP 3.218.72.97 represents normal AWS cloud infrastructure with no active threat indicators. The low risk score (25), clean blacklist status, and absence of open services indicate benign hosting behavior. No immediate defensive action is required. The IP should be treated as low-priority infrastructure in threat intelligence context.

Classification: LOW RISK – Infrastructure Monitoring Only

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	VA
City	Ashburn
Timezone	America/New_York
Latitude	39.04
Longitude	-77.49

🏢 Ownership & Registration

Organization	Amazon Data Services Northern Virginia
ASN	AS14618
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	ec2-3-218-72-97.compute-1.amazonaws.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`ec2-3-218-72-97.compute-1.amazonaws.com`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	24%	2	3
routing	13%	1	1
services	8%	1	1
ownership	24%	2	3
reputation	26%	1	3
geolocation	39%	2	3
Overall	22%	9	14

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-13 19:05:04 UTC
Last Seen	2026-06-27 23:48:07 UTC
Profile Built	2026-06-28 17:53:14 UTC
Data Freshness	Live
Signal Types	20
Total Observations	23

🔍 20 signal types · 23 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

3.218.72.97📋 Copy