18.97.26.17
IP Intelligence Briefing: 18.97.26.17
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: Amazon Technologies Inc. (ASN 14618, ARIN)
- Geolocation: Ashburn, VA, US (39.04°N, -77.49°E)
- Network Role: AWS infrastructure (CloudCompute, Hosting)
- Threat Indicators: No direct malicious activity detected.
---
**2. Threat Observations**
- Recent Activity (Last 30 Days):
- Listed in 8 threat feeds (high severity, 0.85 confidence).
- No DNS-based attacks or open services detected.
- BGP stability: Route changes (0) and stable routing.
---
**3. Network Context**
- Subnet: 18.97.26.17/24
- Neighboring IPs:
- High-risk neighbors: 18.97.26.22 (50/100), 18.97.26.64 (50/100), 18.97.26.68 (40/100).
- Low-risk neighbors: 18.97.26.18 (0/100), 18.97.26.79 (0/100).
- Abuse Density: 0% (clean subnet).
---
**4. Relationships**
- DNS Associations:
- Linked to scanner-18-97-26-17.reposify.net (multiple PTR records).
- Network Affiliation:
- Shares subnet with AT-88-Z (Amazon AWS).
---
**5. Recommendations**
- Monitor: Track DNS activity for reposify.net and neighboring IPs (e.g., 18.97.26.22).
- Firewall: Consider restrictive rules for outbound traffic to scanner-18-97-26-17.reposify.net.
- Investigate: Verify if the IP is part of legitimate AWS infrastructure or anomalous activity.
---
Source: IPDebrief Threat Intelligence Platform.
Note: No immediate action required, but ongoing monitoring is advised due to potential indirect risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Technologies Inc. |
| ASN | AS14618 |
| Network Name | AT-88-Z |
| CIDR Block | 18.32.0.0/11 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | scanner-18-97-26-17.reposify.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | scanner-18-97-26-17.reposify.net |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | Reposify |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 22% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-26 18:57:13 UTC |
| Last Seen | 2026-06-29 03:17:53 UTC |
| Profile Built | 2026-06-29 03:22:55 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 23 |
Full dossier details are available via our API.