3.90.136.225
# Intelligence Briefing: IP 3.90.136.225/32
## Executive Summary
IP address 3.90.136.225/32 is identified as a low-risk infrastructure resource hosted on Amazon Web Services (AWS) in the Ashburn, VA data center. The IP demonstrates consistent cloud hosting characteristics with no malicious activity detected. No immediate defensive action is recommended based on current threat intelligence.
---
## Technical Profile
Risk Assessment:
- Risk Score: 25 (Low Risk)
- Provider Score: 0
- Authority Score: 0
- Stability Label: Basic
Ownership & Network Classification:
- ASN: 16509 (AMAZON-02)
- Organization: Amazon Data Services Northern Virginia
- Netname: AMAZON-IAD
- CIDR Block: 3.80.0.0/12
- Infrastructure Type: CloudCompute
- Network Role: Provider/Cloud Hosting
Geolocation:
- Country: United States (US)
- Region: Virginia (VA)
- City: Ashburn
- Coordinates: 39.04, -77.49
- Timezone: America/New_York
---
## Threat Indicators
Malicious Activity Status:
- Known Attacker: False
- Spam Source: False
- Tor Exit Node: False
- Blacklist Count: 0
- Threat Feeds: None
- Known Campaigns: None
Control Plane Analysis:
- DNSBL Listed: 1 of 8 total lists
- Route Stability: False
- BGP Prefix: 3.64.0.0/10
- RPKI State: Not assessed
- Operator Score: 0.2609 (Basic)
---
## DNS & Service Analysis
DNS Resolution:
- PTR Hostname: ec2-3-90-136-225.compute-1.amazonaws.com
- Forward Resolution: Confirmed
- Domain: amazonaws.com
- Forward Hostnames: 1 confirmed
Service Exposure:
- Open Ports: None detected
- TLS Certificates: None
- HTTP Services: None detected
- Server Banner: None
- Status: Firewalled / No Services
---
## Historical Analysis
Observation Timeline:
- Total Observations: 21 signals
- Most Recent: 2026-06-20T23:15:36
- Observation Types: ASN, network classification, operator scoring, geolocation
Signal Evolution:
- Consistent AWS infrastructure classification across all observations
- Geolocation signals consistently point to US (Ashburn, VA)
- No significant risk escalation or degradation patterns
- Ownership stable with no changes recorded
---
## Relationship Graph
Connected Entities:
- DNS Associations: 55 total relationships
- Hostname Associations: ec2-3-90-136-225.compute-1.amazonaws.com (repeated)
- Network Association: AMAZON-IAD
- External Relationships: None suspicious
Campaign Correlation:
- Likelihood: None
- Cert Matches: 0
- Correlated IPs: 0
---
## Neighborhood Analysis
Subnet: 3.90.136.225/24
- Abuse Density: 0 (Clean)
- Classification: Mostly Clean
- Inherited Risk: 2
- Active Siblings: 1
- Threat Siblings: 1
- Neighbor Count: 0
---
## Recommended Actions
Security Recommendations:
- Firewall Rules: None required (low-risk infrastructure)
- Monitoring Priority: Standard
- Threat Response: No action needed
Classification Flags:
- Is Cloud: True
- Is CDN: False
- Is VPN: False
- Is Proxy: False
- Is Hosting: True
- Is Mobile: False
- Is Residential: False
- Is Bogon: False
- Is Anycast: False
---
## Intelligence Narrative
IP 3.90.136.225/32 represents a standard AWS EC2 instance deployed in the Northern Virginia data center. The IP has been operating within expected cloud infrastructure parameters, with DNS resolution consistently mapping to the Amazon compute endpoint. No open services are exposed, indicating proper security hardening and firewall configuration typical of cloud workloads.
The historical signal trail demonstrates stability with no evidence of malicious transformation or compromise. The IP does not appear in any threat feeds, and the surrounding /24 subnet shows minimal abuse density. The single DNSBL listing is likely routine and not indicative of active malicious behavior.
SOC Analyst Guidance:
This IP requires standard cloud infrastructure monitoring. No blocking or investigation is warranted based on current threat intelligence. If this IP appears in alerting systems, verify context against expected AWS operational patterns before escalating.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Northern Virginia |
| ASN | AS14618 |
| Network Name | AMAZON-IAD |
| CIDR Block | 3.80.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-3-90-136-225.compute-1.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-3-90-136-225.compute-1.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 19% | 1 | 2 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-25 06:42:10 UTC |
| Last Seen | 2026-06-29 01:17:53 UTC |
| Profile Built | 2026-06-29 01:41:31 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 29 |
Full dossier details are available via our API.