15.134.16.77

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 15.134.16.77/32

## Executive Summary

IP address 15.134.16.77 is a low-risk AWS cloud infrastructure endpoint located in Sydney, Australia. Analysis indicates this is a legitimate web hosting instance with no active threat indicators. Risk score: 25/100.

---

## Technical Profile

Risk Score: 25 (Low Risk)
Provider: Amazon Web Services (ASN: 16509)
Organization: Amazon Corporate Services Pty Ltd
Geolocation: Sydney, NSW, Australia (AU)
Infrastructure Type: Cloud Compute (EC2 instance)
BGP Prefix: 15.134.0.0/16
Network Classification: Cloud/Web Server

---

## Service & DNS Configuration

Open Ports: TCP/80 (HTTP), TCP/443 (HTTPS)
Web Server: nginx/1.29.8
DNS Resolution: Forward confirmed to `ec2-15-134-16-77.ap-southeast-2.compute.amazonaws.com`
Reverse DNS: `ec2-15-134-16-77.ap-southeast-2.compute.amazonaws.com`
TLS Certificate: Let's Encrypt (issued for `sls.fivestarsnack.com`)
Security Headers: HSTS enabled, CSP enabled, HTTP/2 supported

---

## Threat Assessment

Threat Indicators: None detected
Blacklist Status: 0 blacklists (0 DNSBL listings)
Malicious Classifications: Not a Tor exit, not a known attacker, not a spam source
Persistence Status: Not persistently malicious
Campaign Correlation: None identified

---

## Historical Observations

Total Observations: 23 signals recorded
Most Recent: 2026-06-22
Signal Types: DNS records, geolocation, routing, reputation
Domain Associations: fivestarsnack.com, amazonaws.com
Email Authentication: SPF records present (DMARC status varies)

---

## Infrastructure Relationships

Total Relationships: 57 entities
Network Associations: Multiple links to AMAZON-SYD network
DNS Associations: Primary EC2 hostname mapping confirmed
Control Plane: Route stability flagged as false; RPKI/IRR data unavailable

---

## Neighborhood Analysis

Subnet: 15.134.16.0/24
Abuse Density: 0 (clean)
Subnet Classification: Mostly clean
Siblings: 1 active sibling IP
Threat Siblings: 1 detected in subnet

---

## Recommended Actions

Firewall Rules: None required (low risk profile)
Monitoring: Standard traffic monitoring appropriate
Blocking: Not recommended without additional corroborating evidence

---

## Intelligence Conclusion

This IP represents routine AWS cloud infrastructure hosting a web service. No malicious activity or threat indicators were detected. The endpoint demonstrates standard cloud service characteristics with proper DNS configuration and security headers. SOC analysts may monitor for anomalies but no immediate blocking or mitigation actions are warranted based on current data.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇦🇺 Australia
Region	NSW
City	Sydney
Timezone	Australia/Sydney
Latitude	-33.87
Longitude	151.21

🏢 Ownership & Registration

Organization	Amazon Corporate Services Pty Ltd
ASN	AS16509
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	ec2-15-134-16-77.ap-southeast-2.compute.amazonaws.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`ec2-15-134-16-77.ap-southeast-2.compute.amazonaws.com`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	2/2 domains
DMARC	1/2 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured
Domains Checked	2 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
Closed Ports	22, 25, 3389, 8080, 8443 (2 open / 7 scanned)

Server	nginx/1.29.8
HTTP Title	—

🔐 TLS Certificate

🔒

CN=sls.fivestarsnack.com

Issued by CN=E8, O=Let's Encrypt, C=US

Self-signed: No

SANs	sls.fivestarsnack.com
Valid From	2026-04-08T10:42:20+00:00
Valid Until	2026-07-07T10:42:19+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	056E7047CBCA5755386F321704439A5D6BE1
Thumbprint	E88CC1DE0A0F4DDFD3476C2F51F94EAEA79E326A

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	8%	1	1
services	26%	2	3
ownership	24%	2	3
reputation	26%	1	3
geolocation	35%	2	3
Overall	24%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:45 UTC
Last Seen	2026-06-26 23:55:56 UTC
Profile Built	2026-06-27 14:08:53 UTC
Data Freshness	Live
Signal Types	23
Total Observations	30

🔍 23 signal types · 30 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

15.134.16.77📋 Copy