44.220.188.225
Threat Intelligence Briefing: IP 44.220.188.225/32
Summary
The IP address 44.220.188.225/32 is associated with Amazon Web Services (AWS) and registered to Amazon Data Services Northern Virginia. It is geolocated in Ashburn, Virginia, US, and serves as a cloud hosting infrastructure node. The IP is linked to a web server running HTTP (port 80) under the hostname scanner-44-220-188-225.reposify.net, which appears to be a Reposify-hosted service.
Risk Assessment
- Overall Risk Score: 25 (Low Risk)
- Provider Risk: 0 (AWS infrastructure is generally trusted)
- Threat Indicators: No malicious activity detected (no blacklists, spam, or attack signatures).
- Network Stability: Stable, with no recent changes in ownership or routing.
Key Observations
1. Hosting Activity: The IP hosts a single HTTP service with a "Reposify" server banner. No TLS encryption or advanced HTTP features (e.g., HTTP/2, HSTS) are detected.
2. Subnet Analysis:
- Belongs to the 44.220.188.0/24 subnet.
- Subnet abuse density: 0.4 (moderate risk, with 10/33 neighbors flagged as potentially malicious).
- Most neighbors are low-risk AWS infrastructure, but 10% show higher risk scores.
3. Historical Activity:
- Observed for 23 days with consistent HTTP responses.
- No signs of scanning, port probing, or abnormal traffic patterns.
Relationships
- Network: Linked to AMAZON-IAD (AWS network).
- DNS: Associated with scanner-44-220-188-225.reposify.net.
- Organizations: Amazon Data Services.
Recommendations
- Monitor Subnet: Due to moderate subnet abuse density, monitor neighboring IPs for suspicious activity.
- Allowlist Legitimate Traffic: Since the IP is part of AWS infrastructure, consider allowing traffic unless explicitly blocked by internal policies.
- Verify Hosting Context: Confirm the legitimacy of the Reposify service, as the hostname suggests potential testing or scanning activity.
Conclusion
This IP is likely a legitimate AWS-hosted service with no immediate threat indicators. However, its subnet contains mixed-risk neighbors, so contextual monitoring is advised. No firewall rules or actions are recommended at this time.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Northern Virginia |
| ASN | AS14618 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | scanner-44-220-188-225.reposify.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | scanner-44-220-188-225.reposify.net |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | Reposify |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 26% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:20 UTC |
| Last Seen | 2026-06-27 05:33:26 UTC |
| Profile Built | 2026-06-27 23:39:41 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 28 |
Full dossier details are available via our API.