INTELLIGENCE BRIEFING: 18.220.133.40/32
Classification: Low Risk - Legitimate Cloud Infrastructure
Date Generated: Current
Analyst Notes: AWS EC2 instance with minimal threat indicators
---
**IDENTIFICATION**
- IP Address: 18.220.133.40/32
- Owner: Amazon Technologies Inc.
- ASN: 16509
- Location: Columbus, OH, US (latitude: 39.96, longitude: -83)
- Infrastructure Type: CloudCompute (AWS EC2)
- PTR Hostname: ec2-18-220-133-40.us-east-2.compute.amazonaws.com
---
**RISK ASSESSMENT**
- Risk Score: 25 (Low Risk)
- Reputation: Low Risk
- Abuse Confidence: None
- Blacklist Status: Not listed (0 blacklist hits)
- Known Attacker: No
- Tor Exit Node: No
- Proxy/VPN: No
---
**THREAT INDICATORS**
- Active Threats: None detected
- Malware Campaigns: No correlated campaigns
- Threat Persistence: 0 days (not persistently malicious)
- Known C2/Scanner Activity: None observed
---
**NETWORK CLASSIFICATION**
- Provider: Amazon Web Services
- Cloud Infrastructure: Yes (confirmed)
- Hosting/CDN: Hosting services enabled
- Services: No open ports detected (firewalled/no services exposed)
- Anycast: No
---
**NEIGHBORHOOD CONTEXT**
- Subnet: 18.220.133.40/24
- Subnet Abuse Density: 1 (minimal)
- Total Siblings: 1
- Threat Siblings: 1
- Neighboring Risk: 2 (low inherited risk)
- Classification: Mostly clean subnet
---
**OBSERVATION HISTORY**
- Total Observations: 22 signals
- Latest Observation: 2026-06-26T12:09:40 UTC
- Geolocation Consistency: Stable (Columbus, OH confirmed)
- Infrastructure Stability: Consistent cloud classification
- Routing Stability: Stable (no route changes in 30 days)
- Geo Validation: Geo plausible (ICMP validation blocked)
---
**RELATIONSHIPS**
- DNS Associations: ec2-18-220-133-40.us-east-2.compute.amazonaws.com
- Network Associations: Multiple same-network relationships to AT-88-Z
- Control Plane: DNSSEC valid, operator score: 0.2609
---
**ANALYSIS**
This IP represents legitimate AWS cloud infrastructure with no malicious indicators. The low risk score (25) correlates with:
1. Absence of open ports (service firewalled)
2. No blacklist presence
3. Clean observation history (22 signals, all consistent)
4. Established ownership with Amazon Technologies Inc.
The single threat sibling in the /24 subnet suggests minimal neighborhood risk. No evidence of abuse campaigns or persistent malicious activity.
---
**RECOMMENDATIONS**
- Firewall/ACL: Allow if legitimate AWS service; deny if unexpected outbound traffic
- Monitoring: No special monitoring required (legitimate infrastructure)
- Incident Response: Not a threat source; can be safely blocked/ignored if not expected in traffic
- Threat Intel: Mark as benign cloud infrastructure
---
Summary: 18.220.133.40 is a clean AWS EC2 instance with no malicious indicators. No blocking action recommended unless traffic patterns indicate abuse from this specific instance.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Amazon Technologies Inc. |
| ASN | AS16509 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | ec2-18-220-133-40.us-east-2.compute.amazonaws.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | ec2-18-220-133-40.us-east-2.compute.amazonaws.com |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 17% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 20% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-11 21:10:21 UTC |
| Last Seen | 2026-06-27 19:58:10 UTC |
| Profile Built | 2026-06-28 14:03:47 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |