IP Intelligence Briefing: 15.135.220.65
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors*
---
**1. Core Profile**
- Risk Assessment:
- Overall Risk: Low (25/100)
- Provider Score: 0 (neutral) | Authority Score: 0 (neutral)
- Stability: Stable (no recent route changes)
- Threat Indicators: No malicious activity detected (no malware, phishing, or exploit campaigns).
- Ownership:
- ISP: Amazon.com, Inc. (AS16509)
- Geolocation: Sydney, NSW, Australia (latitude -33.87, longitude 151.21).
- Network Type: CloudCompute (AWS EC2 instance).
- Services:
- Open SSH port (22/tcp) with banner: `SSH-2.0-OpenSSH_7.4`.
- No TLS certificates or HTTP services detected.
---
**2. Observation History**
- Trend:
- No significant changes in risk signals over the last 30 days.
- Consistent geolocation and DNS resolution (ec2-15-135-220-65.ap-southeast-2.compute.amazonaws.com).
- RTT Anomaly: GeoValidation flags high latency (223ms) for a Sydney IP, suggesting potential misrouting or synthetic data.
---
**3. Network Relationships**
- Linked Entities:
- AWS Network: Subnet `15.135.128.0/17` (AS16509).
- DNS Hostname: `ec2-15-135-220-65.ap-southeast-2.compute.amazonaws.com`.
- No Malicious Associations: No connections to known C2 servers, botnets, or phishing domains.
---
**4. Subnet Analysis**
- Subnet: `15.135.220.65/24`
- Abuse Density: Low (1/256 IPs flagged).
- Neighbors:
- 15.135.220.122: Risk score 25 (same as target), no malicious indicators.
- No Active Threats: Subnet classified as "mostly_clean."
---
**5. Recommendations**
- SOC Actions:
- Monitor subnet for unexpected traffic patterns or new high-risk neighbors.
- Verify AWS instance security configurations (e.g., SSH access controls, IAM policies).
- Investigate geovalidation discrepancy (RTT anomaly) to rule out misrouting or spoofing.
- Firewall Rules:
- Allow SSH (port 22) only from trusted sources.
- Block all other ports unless explicitly required.
---
Conclusion:
This IP is a legitimate AWS CloudCompute instance with no current malicious indicators. While the geovalidation anomaly warrants further scrutiny, the low-risk profile and clean subnet suggest no immediate threat. Focus on ensuring AWS infrastructure compliance and monitoring subnet activity for emerging risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Amazon.com, Inc. |
| ASN | AS16509 |
| Network Name | โ |
| CIDR Block | 15.135.128.0/17 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ec2-15-135-220-65.ap-southeast-2.compute.amazonaws.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ec2-15-135-220-65.ap-southeast-2.compute.amazonaws.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 17% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 24% | 3 | 4 |
| reputation | 24% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 23% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-08 23:18:07 UTC |
| Last Seen | 2026-06-27 14:17:10 UTC |
| Profile Built | 2026-06-28 08:23:07 UTC |
| Data Freshness | Live |
| Signal Types | 29 |
| Total Observations | 34 |
Full dossier details are available via our API.