# IP Intelligence Briefing: 18.183.129.171/32
## Executive Summary
IP 18.183.129.171 is a low-risk (25/100) Amazon Web Services EC2 instance located in Tokyo, Japan. The address shows no active malicious indicators, is not associated with known campaigns, and presents minimal threat to defensive networks. Recommended action: Monitor, no immediate blocking required.
## Network Profile
| Attribute | Value |
|---|---|
| **ASN** | 16509 (Amazon Data Services Japan) |
| **Organization** | Amazon Data Services Japan |
| **Location** | Tokyo, Japan (ap-northeast-1) |
| **Infrastructure** | Cloud Compute (AWS EC2) |
| **Network Block** | 18.183.0.0/16 |
| **Risk Score** | 25 (Low) |
## Technical Observations
- DNS Resolution: `ec2-18-183-129-171.ap-northeast-1.compute.amazonaws.com`
- Open Services: Port 8443/tcp (https-alt)
- Certificate Analysis: TLS certificate issued to "Gen Digital Inc." with subject `production-c6gn-4xlarge-aws-tokyo-jp-ult-a00c2f95.gen-vpn.com`. Certificate issuer: Sectigo Public Server Authentication CA OV R36. Note: Certificate subject organization differs from IP ownership (Amazon vs. Gen Digital Inc.), indicating potential shared infrastructure or certificate configuration.
- Email Authentication: SPF and DMARC records present on associated domains.
- DNSBL Status: Listed on 1 of 8 DNS blacklists.
## Threat Indicators
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Campaign Association: None detected
- Threat Feeds: No active indicators
- Abuse Confidence Score: Not applicable
## Neighborhood Analysis
Subnet 18.183.129.0/24 classification: mostly_clean
- Abuse Density: 0
- High-Risk Neighbors: 0
- Medium-Risk Neighbors: 0
- Low-Risk Neighbors: 0
- No active sibling IPs identified in immediate /24 range.
## Historical Context
21 observations collected over monitoring period:
- Threat Persistence: 0 days (not persistently malicious)
- Ownership Changes: 0
- Recent Activity: Signals observed June 2026 showing consistent cloud infrastructure classification.
- Route Stability: Route changes detected within 30-day window.
## Relationship Graph
49 relationships identified:
- Primary associations: AMAZON-NRT network block
- DNS associations: EC2 hostname resolution
- No external organizational or certificate relationships beyond AWS infrastructure.
## Recommended Security Actions
Risk Level: LOW
Recommended Action: Monitor
The IP presents minimal threat:
- No firewall rules required
- No blocking recommended
- Certificate mismatch warrants periodic review but does not indicate compromise
- Continue standard monitoring for cloud infrastructure
---
*Intelligence generated via IPDebrief platform. All data points derived from active network observations and threat intelligence feeds.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Amazon Data Services Japan |
| ASN | AS16509 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ec2-18-183-129-171.ap-northeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ec2-18-183-129-171.ap-northeast-1.compute.amazonaws.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | 1/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 8443 | https-alt | tcp | โ |
| Closed Ports | 22, 25, 80, 443, 3389, 8080 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | production-c6gn-4xlarge-aws-tokyo-jp-ult-a00c2f95.gen-vpn.com |
| Valid From | 2026-05-20T00:00:00+00:00 |
| Valid Until | 2026-12-04T23:59:59+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 198 days |
| Serial Number | 7C4D1E206BC7019521B2558F85E10808 |
| Thumbprint | A610BEF03774B3BC0C591519E5C88CB0B8E83501 |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 17% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 20% | 10 | 15 |
| Data Coherence | Mixed Signals (68%) โ 2 contradiction(s) |
| Attribution | Moderate (55%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
โ TLS certificate claims US but primary geo says JP
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-13 06:37:37 UTC |
| Last Seen | 2026-06-27 22:45:17 UTC |
| Profile Built | 2026-06-28 16:50:14 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |
Full dossier details are available via our API.