Threat Intelligence Briefing for IP Address 98.80.4.107/32
Summary:
The IP address 98.80.4.107/32 is registered to Amazon Data Services Northern Virginia (ASN 14618) and geolocated to Ashburn, VA, US. It is part of a subnet (98.80.4.107/24) with mixed risk, where 2 out of 11 sibling IPs exhibit medium risk. The IP itself has a low risk profile (riskScore: 0) and no direct threat indicators (e.g., no malware, spam, or malicious campaigns).
Key Findings:
1. Network Context:
- Provider: Amazon Web Services (AWS), suggesting infrastructure or cloud services.
- Subnet Risk: Abuse density of 0.4 (moderate), with 2 medium-risk neighbors (e.g., 98.80.4.123).
- DNS Association: Linked to `scanner-98-80-4-107.reposify.net`, a hostname with no immediate malicious indicators.
2. Historical Observations:
- Traceroute Anomalies: ICMP blocked, preventing geographic validation. This could indicate network security measures (e.g., firewall rules) or misconfigured routing.
- No Persistent Threats: Zero threat observations over 30 days; no malware, spam, or attacker campaigns detected.
3. Relationships:
- Same Network: Associated with AWS network `AMAZON-IAD`.
- DNS: Hosts `scanner-98-80-4-107.reposify.net`, which may be a legitimate scanning tool or automated service.
Recommendations:
- Monitor Subnet: Track medium-risk neighbors (e.g., 98.80.4.123) for unusual activity.
- Validate DNS: Investigate `scanner-98-80-4-107.reposify.net` to confirm legitimacy.
- Network Security: Consider allowing ICMP traffic for geographic validation if the IP is part of a secure internal network.
Conclusion:
The IP is associated with a legitimate AWS infrastructure but resides in a subnet with mixed risk. While no direct threats are detected, the subnetβs moderate abuse density warrants closer monitoring. No immediate action is required, but ongoing observation is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Northern Virginia |
| ASN | AS14618 |
| Network Name | AMAZON-IAD |
| CIDR Block | 98.80.0.0/13 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | scanner-98-80-4-107.reposify.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | scanner-98-80-4-107.reposify.net |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 25% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 24% | 2 | 3 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-30 00:21:05 UTC |
| Last Seen | 2026-06-29 07:08:48 UTC |
| Profile Built | 2026-06-29 07:13:32 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 23 |
Full dossier details are available via our API.