This uses the AWS IP Ranges JSON file to determine if a given IP address is used by AWS and if so what service(s) and region(s) it is allocated to. This information is not particularly precise (a lot of services are listed as EC2). The specific services that can be shown are listed in the AWS documentation.
When a hostname is entered, rather than directly looking the value up in the JSON file, the
Cloudflare DNS over HTTPS API
is used to get the IPv4 and IPv6 addresses for the given domain. Only A and
AAAA records will be checked.
This also won't work if an organization is using
Bring Your Own IP (BYOIP) addresses
for their services. Those addresses won't appear in the ip-ranges.json file so they can't be
included here.
You can contribute on GitHub.
Note: This tool should not be used for making security decisions. While
DNS data is fetched directly from CloudFlare using DNS over HTTPS, the responses are
not validated with DNSSEC. Additionally, the ip-ranges.json data may be
cached; you should always
download
the latest version of the file directly from AWS after validating the TLS certificates
presented during the download are correct.