IPDebrief

35.156.201.6

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 35.156.201.6/32

Classification: LOW RISK

Date of Analysis: 2026-06-20

Prepared For: SOC Operations

---

## Executive Summary

IP address 35.156.201.6 was analyzed and classified as low risk with a risk score of 0. The IP is identified as an Amazon Web Services (AWS) EC2 instance in Frankfurt, Germany, operating a public web server with standard e-commerce or business functionality. No malicious indicators, blacklists, or threat associations were detected.

---

## Ownership and Infrastructure

AttributeValue
**ASN**16509 (Amazon.com, Inc.)
**Organization**A100 ROW GmbH
**CIDR Block**35.156.0.0/14
**ISP/Provider**Amazon Web Services (AWS)
**Geolocation**Frankfurt, Hesse, DE (50.11°N, 8.68°E)
**Timezone**Europe/Berlin

The IP resolves to hostname `ec2-35-156-201-6.eu-central-1.compute.amazonaws.com` with reverse DNS confirmation. Forward resolution is consistent with AWS infrastructure patterns.

---

## Network Services and Configuration

Open Ports:

Web Server Configuration:

SSL/TLS Certificate:

DNS Security:

---

## Threat Assessment

IndicatorStatus
**Risk Score**0
**Abuse Confidence Score**Not applicable
**Blacklist Count**0
**Known Campaigns**None
**Tor Exit Node**No
**Known Attacker**No
**Spam Source**No
**DNSBL Lists**0/8
**Threat Persistence Days**0

No threat indicators, malware signatures, or attack campaign associations were identified in the threat feed analysis.

---

## Historical Observations

Twenty-three signal observations were recorded, with the most recent activity on 2026-06-20. Historical trends indicate:

No degradation in security posture or emergence of malicious behavior was observed over the observation window.

---

## Network Relationships

DNS Associations:

Network Relationships:

The IP maintains standard AWS EC2 naming conventions with no anomalous associations to third-party infrastructure.

---

## Neighborhood Analysis

Subnet: 35.156.201.6/24

The /24 subnet shows minimal abuse activity. The single threat sibling represents typical AWS infrastructure risk rather than coordinated malicious activity.

---

## Recommended Actions

Current Risk Level: Low

No immediate mitigation actions are recommended based on this analysis. The IP address operates within standard AWS cloud infrastructure parameters with proper security configurations (HSTS, CSP, DNSSEC, SPF, DMARC).

Suggested Monitoring:

---

## Conclusion

IP address 35.156.201.6 represents benign AWS infrastructure hosting a public web server with appropriate security configurations. No defensive actions are required at this time. Standard logging and monitoring practices apply.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฉ๐Ÿ‡ช Germany
RegionHE
CityFrankfurt
TimezoneEurope/Berlin
Latitude50.11
Longitude8.68

๐Ÿข Ownership & Registration

OrganizationA100 ROW GmbH
ASNAS16509
Network Nameโ€”
CIDR Block35.156.0.0/14
RIRARIN
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRec2-35-156-201-6.eu-central-1.compute.amazonaws.com
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnamesec2-35-156-201-6.eu-central-1.compute.amazonaws.com

๐Ÿ” DNS Hygiene

Hygiene Score80% (Excellent)
SPF2/2 domains
DMARC2/2 domains
FCrDNSVerified
DNSSECValid
CAANot configured
Domains Checked2 domains

โ˜๏ธ Network Classification

InfrastructureUnknown
Service PurposeWeb Server
Network TierUnknown โ€” Insufficient routing data to classify
No specific classification

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpโ€”
443httpstcpโ€”
22sshtcp
Closed Ports25, 3389, 8080, 8443 (3 open / 7 scanned)
Servernginx/1.25.5
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15

๐Ÿ” TLS Certificate

๐Ÿ”’
CN=work.aigentifyable.com
Issued by CN=E8, O=Let's Encrypt, C=US
Self-signed: No
SANswork.aigentifyable.com
Valid From2026-05-01T02:02:32+00:00
Valid Until2026-07-30T02:02:31+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha384ECDSA
Validity Period89 days
Serial Number056AE18D4971C8644FC7E8C610B2D9622102
Thumbprint8C9D76032F1B0AFFC918154784BE81A1D1951203

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
27%
23
services
30%
23
ownership
27%
34
reputation
26%
13
geolocation
39%
23
Overall29%1220
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-19 15:38:50 UTC
Last Seen2026-06-28 09:18:25 UTC
Profile Built2026-06-29 03:22:57 UTC
Data FreshnessLive
Signal Types26
Total Observations31
๐Ÿ” 26 signal types ยท 31 observations collected
This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.