13.40.28.202
IP Intelligence Briefing: 13.40.28.202
Date: 2026-06-01
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: Amazon Web Services (AWS)
- Geolocation: London, England, UK (51.51°N, 0.13°W)
- Network Role: CloudCompute (AWS EC2 instance)
- Ownership: ASN 16509 (Amazon Data Services UK)
- Threat Indicators: No malicious activity detected (zero threat indicators, no blacklists, no campaigns).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- Stable ownership (no changes).
- No persistent malicious behavior (threat observation count: 1, no persistence).
- Subnet abuse density: 1 (mostly clean).
- Geolocation consistency: Confirmed via multiple signals.
---
**3. Network Relationships**
- DNS Associations:
- Linked to `ec2-13-40-28-202.eu-west-2.compute.amazonaws.com` (SSH service on port 22).
- Network Context:
- Part of AWS network "AMAZON-LHR" (London data center).
- No connections to other organizations or subnets.
---
**4. Subnet Analysis**
- Subnet: 13.40.28.202/24
- Neighbor Risk: 0 abuse density (clean subnet).
- Active Siblings: 1 (itself).
- No Neighboring IPs found in the subnet.
---
**5. Security Implications**
- Cloud Infrastructure: Hosted by AWS, likely a managed EC2 instance. No signs of misconfiguration or exploitation.
- Monitoring Recommendations:
- Monitor SSH access logs for unusual activity.
- Ensure AWS security groups and IAM policies are tightly controlled.
- No immediate action required due to low risk profile.
Conclusion: 13.40.28.202 is a legitimate AWS cloud host with no evidence of malicious activity. No security actions are recommended at this time.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Amazon Data Services UK |
| ASN | AS16509 |
| Network Name | โ |
| CIDR Block | 13.40.0.0/14 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ec2-13-40-28-202.eu-west-2.compute.amazonaws.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ec2-13-40-28-202.eu-west-2.compute.amazonaws.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.9 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 62% | 3 | 15 |
| services | 12% | 2 | 2 |
| ownership | 27% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 31% | 13 | 31 |
| Data Coherence | Consistent (100%) |
| Attribution | High (85%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-24 00:30:47 UTC |
| Last Seen | 2026-06-28 23:09:09 UTC |
| Profile Built | 2026-06-29 05:13:13 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 41 |
Full dossier details are available via our API.