18.145.41.64
## IP INTELLIGENCE BRIEFING: 18.145.41.64/32
Classification: LOW RISK - Legitimate Cloud Infrastructure
Risk Score: 25/100
Report Date: 2026-06-21
---
EXECUTIVE SUMMARY
IP address 18.145.41.64 is a firewalled Amazon Web Services (AWS) EC2 instance with low-risk characteristics. No active threat indicators detected. The address belongs to Amazon.com, Inc. (ASN 16509) network AMAZON-SFO and represents legitimate cloud infrastructure in the San Jose, CA region.
---
OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| Organization | Amazon.com, Inc. |
| ASN | 16509 |
| CIDR Block | 18.145.0.0/16 |
| Network Name | AMAZON-SFO |
| Region | US - CA (San Jose) |
| Infrastructure Type | CloudCompute |
| DNS PTR | ec2-18-145-41-64.us-west-1.compute.amazonaws.com |
The IP is confirmed as AWS-hosted cloud infrastructure with valid reverse DNS resolution. Forward DNS confirms the hostname association to amazonaws.com domain with SPF and DMARC authentication records present.
---
THREAT ASSESSMENT
Overall Risk: LOW (Score: 25)
Threat Indicators:
- No known attacks or malicious campaigns
- Not a Tor exit node
- Not a known spam source
- Not flagged as an attacker
- Blacklist count: 0
Network Classification:
- Cloud provider infrastructure
- Firewalled with no open services detected
- No HTTP/TLS services exposed
- No banner information available
Control Plane:
- BGP Prefix: 18.144.0.0/15
- Route stability: Dynamic changes observed
- DNSSEC validation: Valid
- RPKI state: Not verified
---
OBSERVATION HISTORY
21 signals observed across the assessment period:
Recent Activity:
- 2026-06-21: ICMP validation attempted (blocked - unable to validate)
- 2026-06-16: Port scanning conducted (no open ports)
- 2026-06-16: Subnet analysis (classification: mostly_clean)
- 2026-06-16: Ownership tracking (no changes)
Temporal Analysis:
- Threat persistence: 0 days
- Threat observation count: 1
- Ownership changes: 0
- Not persistently malicious
---
NEIGHBORHOOD ANALYSIS
Subnet: 18.145.41.64/24
| Metric | Value |
|---|---|
| Abuse Density | 1 |
| Classification | mostly_clean |
| Inherited Risk | 2 |
| Active Siblings | 0 |
| Threat Siblings | 1 |
The /24 subnet shows minimal abuse activity with one threat sibling observed. The broader 18.145.0.0/16 network is classified as AWS cloud infrastructure.
---
RELATIONSHIP GRAPH
18 total relationships identified:
- Same Network: 15 relationships to AMAZON-SFO
- DNS Association: 3 relationships to ec2-18-145-41-64.us-west-1.compute.amazonaws.com
All relationships point to consistent AWS infrastructure with no external connections or suspicious associations.
---
RECOMMENDED ACTIONS
Current Risk Score: 25/100
Recommendation: No immediate blocking required. Standard monitoring advised.
Justification:
- Legitimate cloud provider infrastructure
- Low risk score with no active threat indicators
- No firewall rules generated due to low-risk classification
- Standard logging and monitoring recommended
---
INTELLIGENCE NOTES
This IP represents routine AWS EC2 infrastructure. The single threat observation is insufficient to classify as malicious. The infrastructure shows typical characteristics of cloud-hosted services with firewalled ports and proper DNS configuration. No correlation with known threat campaigns or attacker networks detected.
Confidence Level: HIGH
Last Updated: 2026-06-21
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon.com, Inc. |
| ASN | AS16509 |
| Network Name | AMAZON-SFO |
| CIDR Block | 18.145.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-18-145-41-64.us-west-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-18-145-41-64.us-west-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 21% | 2 | 2 |
| ownership | 30% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 26% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-03 18:31:03 UTC |
| Last Seen | 2026-06-21 10:42:12 UTC |
| Profile Built | 2026-06-21 10:51:54 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 25 |
Full dossier details are available via our API.