52.213.238.120

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

INTELLIGENCE BRIEFING: IP 52.213.238.120

---

Executive Summary

IP address 52.213.238.120 is classified as Low Risk with an overall risk score of 25. The address is associated with Amazon Web Services (AWS) infrastructure in Dublin, Ireland, operating as a cloud computing endpoint. Current threat indicators are minimal, with no active malicious services detected.

---

Ownership & Infrastructure

Attribute	Value
ASN	16509
Organization	Amazon Data Services Ireland Limited
Network	AMAZON-DUB
RIR	ARIN
Cloud Provider	Amazon Web Services (AWS)
Infrastructure Type	Cloud Compute
Region	eu-west-1 (Dublin)

The IP resolves to `ec2-52-213-238-120.eu-west-1.compute.amazonaws.com`, confirming AWS EC2 infrastructure deployment.

---

Geolocation

Country: Ireland (IE)
City: Dublin
Coordinates: 53.35°N, -6.26°W
Timezone: Europe/Dublin
Geo Accuracy: High (validated)

---

Threat Indicators

Risk Score: 25 (Low Risk)
Abuse Confidence: None
Blacklist Status: Listed on 1 of 8 DNSBL sources (high severity classification)
Tor/Proxy/VPN: No
Known Campaign: None identified
Threat Persistence: Not persistently malicious

Historical observations (21 signals) indicate the IP was flagged on blacklists with 1 active listing as of 2026-06-20. Operator score remains minimal at 0.1304.

---

Network Services

Open Ports: None detected
HTTP Services: Not observed
TLS Certificates: None
Service Banner: Not observed
DNSSEC: Validated (enabled)
Email Auth: SPF and DMARC records present

---

Subnet Analysis (52.213.238.0/24)

Classification: Mostly Clean
Abuse Density: 0 (no abuse observed)
Risk Distribution: No high or medium risk neighbors
Threat Siblings: 1 identified
Active Siblings: 1

---

Relationship Graph

Total of 43 relationships identified, primarily:

DNS Associations: AWS compute hostname mappings
Network Relationships: Same network (AMAZON-DUB) references
No Malicious Correlations: No external threat actor associations detected

---

Recommended Security Actions

Firewall Rules: No specific blocking required
Monitoring: Standard traffic logging recommended
Threat Response: Low priority – legitimate cloud infrastructure

---

Analysis Notes

This IP represents standard AWS cloud infrastructure with minimal threat posture. While listed on select blacklists, the listing appears to be a false positive or legacy entry given the cloud provider nature and lack of active malicious services. No immediate action required for defensive operations.

Classification: LEGITIMATE CLOUD INFRASTRUCTURE

Action Priority: LOW

Review Period: Quarterly

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇮🇪 Ireland
Region	D
City	Dublin
Timezone	Europe/Dublin
Latitude	53.35
Longitude	-6.26

🏢 Ownership & Registration

Organization	Amazon Data Services Ireland Limited
ASN	AS16509
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	ec2-52-213-238-120.eu-west-1.compute.amazonaws.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`ec2-52-213-238-120.eu-west-1.compute.amazonaws.com`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	8%	1	1
services	12%	2	2
ownership	24%	2	3
reputation	26%	1	3
geolocation	34%	2	3
Overall	21%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-24 06:34:13 UTC
Last Seen	2026-06-28 23:52:39 UTC
Profile Built	2026-06-29 05:55:13 UTC
Data Freshness	Live
Signal Types	22
Total Observations	23

🔍 22 signal types · 23 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

52.213.238.120📋 Copy

**Executive Summary**

**Ownership & Infrastructure**

**Geolocation**

**Threat Indicators**

**Network Services**

**Subnet Analysis (52.213.238.0/24)**

**Relationship Graph**

**Recommended Security Actions**

**Analysis Notes**