IPDebrief

18.203.84.147

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# INTELLIGENCE BRIEFING: 18.203.84.147

Classification: AWS Cloud Compute Infrastructure | Date: June 2026 | Risk Level: LOW

---

## EXECUTIVE SUMMARY

IP address 18.203.84.147 is a cloud infrastructure endpoint belonging to Amazon Web Services (AWS) Ireland datacenter (eu-west-1). The IP exhibits a low-risk profile with no active threat indicators, zero blacklist entries, and minimal neighborhood abuse density. The asset is classified as a single-service host (cloud compute) with legitimate DNS and TLS infrastructure.

---

## ASSET IDENTIFICATION

AttributeValue
**IP Address**18.203.84.147
**Network**18.202.0.0/15 (AMAZON-DUB)
**ASN**16509 (Amazon Data Services Ireland Limited)
**Location**Dublin, Ireland (53.35°N, -6.26°W)
**Infrastructure Type**CloudCompute (AWS EC2)
**ISP/Provider**Amazon Web Services
**RIR**ARIN

---

## NETWORK CLASSIFICATION

The IP is classified as CloudCompute infrastructure with the following characteristics:

Control Plane Indicators:

---

## THREAT ASSESSMENT

Risk Score: 0/100 | Reputation: Low Risk

Threat Indicators:

Campaign Correlation: None detected. No certificate matches, banner matches, or correlated IPs identified.

---

## INFRASTRUCTURE DETAILS

DNS Resolution:

Active Services:

TLS Certificate:

Email Authentication:

---

## OBSERVATION HISTORY (24 Signals)

Recent observations confirm stable cloud infrastructure characteristics:

1. Geolocation: Consistent Dublin, IE placement via multi-signal inference (confidence: 0.56)

2. Network Classification: AWS cloud infrastructure identified (confidence: 0.90)

3. Operator Assessment: Basic classification (raw score: 0.3)

4. Blacklist Status: No listings detected across 8 threat feeds

5. DNS: gen-vpn.com domain observed with standard email authentication

Temporal Analysis:

---

## NETWORK NEIGHBORHOOD (18.203.84.0/24)

The /24 subnet shows minimal abuse activity with one active sibling IP and no high-risk neighbors.

---

## RELATIONSHIP MAPPING

34 relationships identified, primarily:

No suspicious external entity associations detected.

---

## RECOMMENDATIONS

For SOC Analysts:

1. No Action Required: This IP represents legitimate AWS cloud infrastructure with no threat indicators.

2. Allow Traffic: Standard egress/ingress rules for AWS EC2 instances apply.

3. Monitor TLS Certificates: Certificate subject indicates Gen Digital Inc. usage (cloud service provider).

4. Baseline Behavior: Establish normal traffic patterns for this AWS EC2 endpoint.

Firewall Rules: No blocking recommended. Standard cloud provider IP allowlisting applies.

---

Analysis Notes: This IP is part of AWS's Dublin datacenter infrastructure. The TLS certificate subject (Gen Digital Inc.) indicates this host may be utilized by a cloud service provider or hosting partner. The clean threat profile and standard AWS network classification support continued monitoring without intervention.

---

*Generated via IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฎ๐Ÿ‡ช Ireland
RegionD
CityDublin
TimezoneEurope/Dublin
Latitude53.35
Longitude-6.26

๐Ÿข Ownership & Registration

OrganizationAmazon Data Services Ireland Limited
ASNAS16509
Network NameAMAZON-DUB
CIDR Block18.202.0.0/15
RIRARIN
CountryIreland
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRec2-18-203-84-147.eu-west-1.compute.amazonaws.com
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnamesec2-18-203-84-147.eu-west-1.compute.amazonaws.com

๐Ÿ” DNS Hygiene

Hygiene Score80% (Excellent)
SPF1/2 domains
DMARC1/2 domains
FCrDNSVerified
DNSSECValid
CAANot configured
Domains Checked2 domains

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeSingle-Service Host
Network TierTier 3 โ€” Basic operator with some routing infrastructure
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
8443https-alttcpโ€”
Closed Ports22, 25, 80, 443, 3389, 8080 (1 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
CN=production-c7gn-large-aws-ie-dub-83454fb0.gen-vpn.com, O=Gen Digital Inc., S=Arizona, C=US
Issued by CN=Sectigo Public Server Authentication CA OV R36, O=Sectigo Limited, C=GB
Self-signed: No
SANsproduction-c7gn-large-aws-ie-dub-83454fb0.gen-vpn.com
Valid From2026-05-20T00:00:00+00:00
Valid Until2026-12-04T23:59:59+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_128_GCM_SHA256
Signature Algorithmsha256RSA
Validity Period198 days
Serial Number1B1901872990F15F0C963B2DACF780E8
Thumbprint8C4590D13C029FAFEB4C3701E862C67949CBBE4E

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
13%
11
services
19%
22
ownership
27%
23
reputation
22%
13
geolocation
31%
23
Overall23%1016
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceMixed Signals (68%) โ€” 2 contradiction(s)
AttributionModerate (55%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid
โš  Geo sources disagree on country: IE, US
โš  TLS certificate claims US but primary geo says IE

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-28 23:51:09 UTC
Last Seen2026-06-29 05:57:45 UTC
Profile Built2026-06-29 05:59:48 UTC
Data FreshnessLive
Signal Types25
Total Observations26
๐Ÿ” 25 signal types ยท 26 observations collected
This report is generated from 25+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.