# IP INTELLIGENCE BRIEFING
Target: 18.221.233.203/32
Classification: Low Risk / Legitimate Infrastructure
Date: June 2026
## EXECUTIVE SUMMARY
IP 18.221.233.203 is a legitimate Amazon Web Services (AWS) cloud compute instance with low risk profile (score: 25/100). No malicious indicators, threat campaigns, or abuse patterns detected.
## NETWORK IDENTIFICATION
| Attribute | Value |
|---|---|
| **IP Address** | 18.221.233.203 |
| **ASN** | 16509 (Amazon Technologies Inc.) |
| **Organization** | Amazon Technologies Inc. |
| **CIDR Block** | 18.32.0.0/11 |
| **Network Name** | AT-88-Z |
| **Geolocation** | Columbus, OH, US |
| **Infrastructure Type** | CloudCompute |
| **Provider** | Amazon Web Services |
## INFRASTRUCTURE CLASSIFICATION
- Cloud Instance: Yes (AWS EC2)
- CDN: No
- VPN/Proxy: No
- Tor Exit Node: No
- Hosting Service: Yes
- Open Ports: None detected (firewalled)
- DNS PTR: ec2-18-221-233-203.us-east-2.compute.amazonaws.com
- Forward Resolution: Confirmed (1 hostname)
## THREAT ASSESSMENT
| Indicator | Status |
|---|---|
| **Risk Score** | 25 (Low) |
| **Blacklist Count** | 0 |
| **Abuse Confidence Score** | N/A (no abuse signals) |
| **Known Attacker** | No |
| **Spam Source** | No |
| **Threat Feeds** | None |
| **Known Campaigns** | None |
| **DNSBL Listed** | 1 of 8 lists |
| **Is Persistently Malicious** | No |
## OBSERVATION HISTORY
- Total Observations: 25
- Threat Persistence Days: 0
- Recent Activity: Consistent cloud infrastructure classification (AWS)
- Route Stability: Stable (0 route changes in 30 days)
- Ownership Changes: 0 (stable ownership)
- Threat Observation Count: 0
## NETWORK NEIGHBORHOOD ANALYSIS
- Subnet: 18.221.233.203/24
- Abuse Density: 0 (clean)
- Classification: Clean
- Threat Siblings: 0
- Active Siblings: 1
- High Risk Neighbors: 0
## RELATIONSHIP GRAPH
- Network Associations: Multiple same-network references to AT-88-Z (expected for AWS allocation)
- DNS Associations: ec2-18-221-233-203.us-east-2.compute.amazonaws.com
- Malicious Relationships: None
## ACTIONABLE RECOMMENDATIONS
Status: No action required. This is legitimate AWS infrastructure.
Network Defenders:
- No blocking recommended
- Standard egress/ingress rules apply
- Monitor for policy violations if traffic patterns become anomalous
SOC Analysts:
- No IOC generation required
- No threat hunting needed
- Can be safely ignored in filtering rules unless specific use case applies
## CONCLUSION
IP 18.221.233.203 represents standard AWS cloud infrastructure with no security concerns. The IP has been consistently classified as cloud compute with firewalled services and no malicious indicators. Neighborhood analysis confirms clean subnet abuse density. This IP does not require defensive security actions.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Technologies Inc. |
| ASN | AS16509 |
| Network Name | AT-88-Z |
| CIDR Block | 18.32.0.0/11 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-18-221-233-203.us-east-2.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-18-221-233-203.us-east-2.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 19% | 2 | 2 |
| ownership | 30% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 26% | 12 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-01 05:38:24 UTC |
| Last Seen | 2026-06-29 09:17:57 UTC |
| Profile Built | 2026-06-29 15:20:03 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 26 |
Full dossier details are available via our API.