IOC Radar
IPMediumSignal 0/100

3.128.172.108

Location
United StatesUnited States
Dublin, Ohio
ASN
AS16509
AWS EC2 (us-east-2)
First Seen
Nov 11, 2025
Last Seen
May 12, 2026
Nov 11
First Seen
222d ago
May 12
Last Seen
40d ago
10
Reports
source reports
0%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryUSUnited States
RegionDublin, Ohio
ASNAS16509
OrganizationAWS EC2 (us-east-2)

Feed Intelligence Summary

10 reports0% confidence
10
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched

Activity Timeline

1 total obs
May 12May 12

Threat Activity Heatmap

· Peak: 2026-05-12
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This IP address (3.128.172.108) is currently marked as whitelisted across multiple prominent threat intelligence feeds, indicating a low-risk assessment. With a score of 0.0 and an explicit "Yes" for its whitelist status, this Indicator of Compromise (IOC) does not currently pose a direct or immediate threat to organizational security. Its inclusion in various feeds, followed by subsequent whitelisting, suggests that while it may have been flagged for suspicion in the past, it is now deemed beni…

Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
10
Reports
First seenNov 11, 2025
Last seenMay 12, 2026
GeolocationUS
CountryUnited States
LocationDublin, Ohio
ASNAS16509
OrgAWS EC2 (us-east-2)
Coords40.0992, -83.1141

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 7 months ago · Last seen 1 month ago
Appeared in 10 threat reports