IPMediumSignal 0/100
52.204.132.161
Location
United StatesAshburn, Virginia
ASN
AS14618
AWS EC2 (us-east-1)
First Seen
Jul 27, 2025
Last Seen
Jun 8, 2026
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags
Network Information
CountryUnited States
United StatesRegionAshburn, Virginia
ASNAS14618
OrganizationAWS EC2 (us-east-1)
Feed Intelligence Summary
5 reports0% confidence
5
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched
Activity Timeline
Jun 8Jun 8
Threat Activity Heatmap
· Peak: 2026-06-08LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC) pertains to the IPv4 address 52.204.132.161, which has been explicitly identified as whitelisted across multiple threat intelligence feeds. With a minimal score of 0.0, this IP address is currently assessed as benign and poses no immediate threat to organizational assets. Its inclusion in threat intelligence feeds appears to be primarily due to its repeated review and subsequent whitelisting by services like AbuseIPDB and Brute Force Attackers. This indicates t…
Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
5
Reports
First seenJul 27, 2025
Last seenJun 8, 2026
GeolocationUS
CountryUnited States
LocationAshburn, Virginia
ASNAS14618
OrgAWS EC2 (us-east-1)
Coords39.0481, -77.4728
VirusTotal
Not checked
WHOIS
- description
- Observed on T-Pot within last 24h; sensors=p0f; threshold?1; private IPs excluded. geo=US; ports=443 Location=Sydney, Australia.
- raw
- NetRange: 52.192.0.0 - 52.223.191.255 CIDR: 52.216.0.0/14, 52.223.128.0/18, 52.222.0.0/16, 52.223.0.0/17, 52.220.0.0/15, 52.192.0.0/12, 52.208.0.0/13 NetName: AT-88-Z NetHandle: NET-52-192-0-0-1 Parent: NET52 (NET-52-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Amazon Technologies Inc. (AT-88-Z) RegDate: 2015-09-02 Updated: 2020-09-24 Ref: https://rdap.arin.net/registry/ip/52.192.0.0 OrgName: Amazon Technologies Inc. OrgId: AT-88-Z Address: 410 Terry Ave N. City: Seattle StateProv: WA PostalCode: 98109 Country: US RegDate: 2011-12-08 Updated: 2024-01-24 Comment: All abuse reports MUST include: Comment: * src IP Comment: * dest IP (your IP) Comment: * dest port Comment: * Accurate date/timestamp and timezone of activity Comment: * Intensity/frequency (short log extracts) Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time. Ref: https://rdap.arin.net/registry/entity/AT-88-Z OrgNOCHandle: AANO1-ARIN OrgNOCName: Amazon AWS Network Operations OrgNOCPhone: +1-206-555-0000 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN OrgRoutingHandle: ARMP-ARIN OrgRoutingName: AWS RPKI Management POC OrgRoutingPhone: +1-206-555-0000 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN OrgAbuseHandle: AEA8-ARIN OrgAbuseName: Amazon EC2 Abuse OrgAbusePhone: +1-206-555-0000 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN OrgTechHandle: ANO24-ARIN OrgTechName: Amazon EC2 Network Operations OrgTechPhone: +1-206-555-0000 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN OrgRoutingHandle: IPROU3-ARIN OrgRoutingName: IP Routing OrgRoutingPhone: +1-206-555-0000 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 10 months ago · Last seen 10 days ago
Appeared in 5 threat reports