13.51.161.184
# IP INTELLIGENCE BRIEFING: 13.51.161.184
Classification: Low Risk / Cloud Infrastructure
Date: Current Analysis
Analyst: IPDebrief Intelligence Team
---
## Executive Summary
IP 13.51.161.184 is identified as a standard Amazon Web Services (AWS) EC2 instance deployed in the Stockholm (eu-north-1) region. The address presents no threat indicators and demonstrates consistent benign behavior across all observation periods. No immediate defensive actions are warranted.
---
## Risk Assessment
| Metric | Value |
|---|---|
| **Overall Risk Score** | 25 (Low Risk) |
| **Provider Score** | 0 |
| **Authority Score** | 0 |
| **Stability Score** | 0 |
| **Abuse Confidence** | Not Applicable |
| **Blacklist Count** | 0 |
---
## Ownership & Infrastructure
- ASN: 16509 (Amazon.com, Inc.)
- Organization: Amazon Data Services Sweden
- Network Classification: CloudCompute / Hosting
- CIDR Block: 13.51.0.0/16
- BGP Prefix: 13.51.0.0/16
- Infrastructure Type: CloudCompute
- Service Purpose: Firewalled / No Services
---
## Geolocation
- Country: Sweden (SE)
- Region: AB (Stockholm)
- City: Stockholm
- Coordinates: 59.33°N, 18.07°E
- Geo Source Count: 1 (Consensus: True)
---
## Threat Indicators
| Indicator | Status |
|---|---|
| Is Tor Exit Node | False |
| Is Known Attacker | False |
| Is Spam Source | False |
| Open Ports | None |
| DNSBL Listed | 1 of 8 lists |
| Threat Persistence Days | 0 |
| Is Persistently Malicious | False |
Threat Feed Analysis: No matches in any monitored threat feeds or known campaigns.
---
## DNS & Network Identity
- PTR Hostname: ec2-13-51-161-184.eu-north-1.compute.amazonaws.com
- Forward Resolution: Confirmed (1 hostname)
- Domain: amazonaws.com
- Email Auth: SPF enabled, DMARC enabled
---
## Observation History (21 Observations)
The IP has demonstrated consistent behavior with no escalation in threat signals:
- Recent Geolocation: Stockholm, AB, SE (Confidence: 56%)
- Operator Classification: Basic (Score: 0.2609)
- ASN Resolution: AMAZON-02, US (Confidence: 85%)
- Infrastructure Type: Cloud/Hosting (Confidence: 90%)
- Ownership Changes: 0
- Threat Observation Count: 1 (non-malicious classification)
Assessment: Signals indicate stable, long-term cloud infrastructure usage with no degradation in reputation.
---
## Network Relationships
- Total Relationships: 67
- DNS Associations: EC2 hostname (eu-north-1.compute.amazonaws.com)
- Network Affiliations: AMAZON-ARN
- Related Entities: Standard AWS infrastructure mappings
---
## Subnet Neighborhood (13.51.161.0.0/24)
| Metric | Value |
|---|---|
| **Abuse Density** | 0 |
| **Classification** | Mostly Clean |
| **High-Risk Siblings** | 0 |
| **Medium-Risk Siblings** | 0 |
| **Low-Risk Siblings** | 0 |
---
## Recommended Actions
No defensive actions required.
The IP address is identified as legitimate cloud infrastructure with a low-risk profile. Standard monitoring is sufficient. No firewall rules, WAF policies, or blocking recommendations are generated based on current risk assessment.
---
## Intelligence Conclusion
IP 13.51.161.184 represents standard AWS EC2 infrastructure in Stockholm with no malicious indicators. The address should be treated as benign cloud infrastructure. SOC analysts may ignore this IP for threat hunting purposes unless new threat intelligence indicates otherwise.
Status: Monitor / Low Priority
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Sweden |
| ASN | AS16509 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-13-51-161-184.eu-north-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-13-51-161-184.eu-north-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 52% | 1 | 17 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 30% | 10 | 32 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-23 06:20:53 UTC |
| Last Seen | 2026-06-28 20:24:10 UTC |
| Profile Built | 2026-06-29 08:28:18 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 41 |
Full dossier details are available via our API.