Threat Intelligence Briefing: IP 3.91.148.177/32
Entity Overview
- IP Address: 3.91.148.177/32
- Geolocation: Ashburn, Virginia, US (AWS data center)
- Ownership: Amazon Data Services (AS14618)
- Network Role: AWS CloudCompute instance (firewalled, no public services)
- Risk Profile: Low Risk (riskScore: 25)
Key Findings
1. Legitimate Infrastructure
- Associated with Amazon Web Services (AWS) infrastructure.
- No malicious indicators (no malware, spam, or known attacker activity).
- DNS records point to `ec2-3-91-148-177.compute-1.amazonaws.com`.
2. Network Stability
- BGP routes are stable (AS14618, AS16509, AS11537).
- DNSSEC validation is enabled, and DNSBL listings are minimal.
- No recent changes in ownership or threat signals.
3. Observation History
- Historical data shows consistent geolocation in Ashburn, VA.
- No spikes in threat activity or network anomalies.
4. Neighbor Analysis
- No neighboring IPs identified in the /24 subnet (likely a single-host subnet).
- Subnet abuse density is zero.
Recommendations
- No immediate action required for this IP, as it is a legitimate AWS EC2 instance.
- Monitor for unexpected changes in network behavior or new associated domains.
- Maintain standard security policies for AWS infrastructure.
Conclusion
This IP is a standard AWS cloud instance with no signs of malicious activity. SOC teams should focus on monitoring for deviations from baseline behavior rather than blocking this IP.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Amazon Data Services Northern Virginia |
| ASN | AS14618 |
| Network Name | - |
| CIDR Block | 3.80.0.0/12 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | ec2-3-91-148-177.compute-1.amazonaws.com |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | ec2-3-91-148-177.compute-1.amazonaws.com |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 59% | 2 | 11 |
| services | 12% | 2 | 2 |
| ownership | 37% | 3 | 6 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 30% | 12 | 28 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 03:08:39 UTC |
| Last Seen | 2026-06-28 04:28:41 UTC |
| Profile Built | 2026-06-28 22:32:59 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 38 |