44.220.188.138
IP Intelligence Briefing: 44.220.188.138
Date: 2026-06-15
---
**1. Profile Summary**
- Risk Score: Low (25/100) | Reputation: Legitimate
- Provider: Amazon Web Services (AWS) | ASN: 14618
- Geolocation: Ashburn, VA, USA (39.04°N, -77.49°E)
- Network Role: CloudCompute (AWS infrastructure) | Hosting: Yes
- DNS: PTR hostname `scanner-44-220-188-138.reposify.net` linked to `reposify.net`
- Threat Indicators: No known malicious activity, no blacklisted domains, no spam sources
---
**2. Observation History**
- Recent Activity (30 days):
- Consistent low-risk profile with no spikes in threat signals.
- Subnet abuse density: 0.3871 (moderate risk, mixed classification).
- No persistent malicious behavior or ownership changes.
---
**3. Network Relationships**
- DNS Associations:
- Linked to `scanner-44-220-188-138.reposify.net` (potential automated scanning tool).
- Network Peers:
- Same subnet (`44.220.188.138/24`) includes 33 IPs, 12 flagged as "threat siblings" (moderate risk).
- Shared BGP prefix: `44.192.0.0/11` (AWS infrastructure).
---
**4. Neighborhood Analysis**
- Subnet Risk: Mixed classification (33 IPs total, 12 high/medium risk).
- Neighbor Risk Scores:
- Most IPs: Low risk (25β60).
- 2 IPs with zero risk (e.g., `44.220.188.133`, `44.220.188.137`).
- Abuse Density: 0.3871 (moderate risk, likely due to shared infrastructure).
---
**5. Actionable Insights**
- Monitor: The DNS hostname `scanner-44-220-188-138.reposify.net` for unexpected outbound traffic or C2 activity.
- Subnet Context: While the IP itself is low-risk, the subnetβs moderate abuse density suggests potential lateral movement risks.
- AWS Infrastructure: Confirm if this IP is part of a legitimate cloud workload (e.g., CI/CD pipelines, automated scans).
- Neighbor IPs: Investigate high-risk neighbors in the subnet for potential compromise.
---
Recommendation: No immediate mitigation required for this IP, but monitor DNS activity and subnet peers for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Northern Virginia |
| ASN | AS14618 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | scanner-44-220-188-138.reposify.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | scanner-44-220-188-138.reposify.net |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | Reposify |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 22% | 1 | 2 |
| geolocation | 21% | 2 | 2 |
| Overall | 23% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-14 07:14:39 UTC |
| Last Seen | 2026-06-28 00:32:12 UTC |
| Profile Built | 2026-06-28 18:38:10 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 26 |
Full dossier details are available via our API.