18.232.113.160
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Threat Intelligence Briefing: IP 18.232.113.160/32
1. IP Overview:
- IP Address: 18.232.113.160/32
- Organization: Amazon.com, Inc.
- Service: Amazon Web Services (AWS) EC2 Instance
- Geolocation: Northern Virginia, United States
2. Service and Usage:
- The IP address is associated with an AWS EC2 instance. This is indicative of a cloud-hosted server or service.
- AWS EC2 instances are commonly utilized for hosting websites, applications, and various cloud-based services, making this IP a component of potentially numerous legitimate operations.
3. Historical Observations:
- Traffic Patterns: The IP has been consistently generating outbound traffic over HTTP and HTTPS protocols. This behavior is typical for cloud-hosted services accessing external resources.
- Volume and Frequency: There has been a steady volume of traffic without significant spikes, suggesting normal operational activity.
4. Relationships and Associations:
- Network Peers: The IP has been observed communicating with multiple AWS internal IPs, indicative of normal interactions within Amazon's cloud infrastructure.
- External Connections: Connections have been made to known public IP ranges, which include CDN services and various API endpoints.
5. Neighborhood Data:
- Proximity: The IP resides in a high-density AWS subnet, sharing network space with other EC2 instances and AWS services.
- Neighboring IPs: Similar IPs in the same subnet have shown comparable traffic patterns, reinforcing the legitimacy of the observed activities.
6. Threat Indicators:
- Anomalies: No anomalous traffic patterns, such as unusual port usage or irregular data volumes, have been detected.
- Malicious Associations: There are no known associations with malicious domains or IP ranges as of the latest data.
7. Actionable Insights:
- Monitoring: Continuous monitoring is recommended due to the potential for legitimate traffic to be repurposed for malicious activities.
- Verification: Ensure that the EC2 instance is registered and managed by a known entity within the organization, and verify its intended use aligns with security policies.
- Alerts: Consider setting up alerts for any deviations from established traffic patterns, such as unexpected outbound connections or data exfiltration attempts.
Conclusion:
IP 18.232.113.160/32 is a legitimate AWS EC2 instance with typical cloud service traffic patterns. While no immediate threats are identified, vigilance is advised to ensure ongoing compliance with security protocols and to detect any potential misuse.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Technologies Inc. |
| ASN | AS14618 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-18-232-113-160.compute-1.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-18-232-113-160.compute-1.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
No certificate
Issued by β
N/A
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 21% | 10 | 16 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:57 UTC |
| Last Seen | 2026-06-27 02:27:37 UTC |
| Profile Built | 2026-06-27 20:34:20 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 28 |
π 22 signal types Β· 28 observations collected
This report is generated from 22+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.