54.216.185.183
Threat Intelligence Briefing: IP 54.216.185.183/32
Overview
- Risk Profile: Low risk (25/100). No threat indicators, abuse confidence, or malicious campaign associations.
- Network: Part of Amazon.com, Inc. (AS16509) under the "AMAZO-ZDUB3" subnet.
- Geolocation: Located in Dublin, Ireland (53.35°N, -6.26°W).
- Infrastructure: AWS CloudCompute instance (EC2) with no residential, mobile, or proxy associations.
Key Findings
1. No Malicious Activity:
- No DNS, TLS, or service anomalies detected.
- Zero blacklist entries, spam, or Tor exit node associations.
- Threat observation history shows consistent benign activity since June 2026.
2. Cloud Context:
- Directly tied to AWS infrastructure (ec2-54-216-185-183.eu-west-1.compute.amazonaws.com).
- Subnet (54.216.0.0/15) has a "mostly_clean" abuse density with no active malicious siblings.
3. Network Stability:
- No ownership changes or persistent malicious behavior observed.
- BGP route stability confirmed, with no recent route fluctuations.
Recommendations
- Monitoring: Track AWS-associated IPs for unusual traffic patterns, as cloud environments can host both legitimate and malicious activity.
- Firewall: Allow traffic unless specific anomalous behavior is detected.
- Validation: Cross-reference with AWS security tools (e.g., CloudTrail) for additional context.
Conclusion
This IP is a legitimate AWS CloudCompute instance with no current indicators of compromise. Its low risk profile and stable network context suggest it is not a direct threat, though ongoing monitoring is advised for cloud-based assets.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Amazon.com, Inc. |
| ASN | AS16509 |
| Network Name | AMAZO-ZDUB3 |
| CIDR Block | 54.216.0.0/15 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ec2-54-216-185-183.eu-west-1.compute.amazonaws.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ec2-54-216-185-183.eu-west-1.compute.amazonaws.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 19% | 2 | 2 |
| ownership | 30% | 3 | 4 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 25% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-28 12:25:57 UTC |
| Last Seen | 2026-06-29 05:33:14 UTC |
| Profile Built | 2026-06-29 05:51:51 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 32 |
Full dossier details are available via our API.