IP Risk Score: 85 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

Protect your system

What is this IP address?

IP Address: 13.221.9.108

Country: United States flag

United States (US)

Region Name: Virginia (VA)

City: Ashburn

ISP: Amazon.com, Inc.

Organization: AWS EC2 (us-east-1)

Threat level: 85 / 100
Conf. level: 100 / 100

Properties

ASN: AS14618

AS Name: Amazon.com, Inc.

Timezone: America/New_York

Reverse DNS: ec2-13-221-9-108.compute-1.amazonaws.com

Status: Critical

Hosting

Observed Client Profile

OS: Unknown (100%)
Device Type: Desktop (100%)
Browser Family: Safari (100%)
Rendering Engine: Gecko (100%)

Behavioral Indicators

The IP shows signs of malicious intent with a honeypot hit and access to sensitive paths resulting in a 403 status. The user-agent appears to be spoofed, and the traffic originates from a known cloud provider, indicating potential automated activity.

The supernet (13.221.0.0/16), which this IP belongs to, exhibits behavior indicative of automated scraping and potential misuse of legitimate infrastructure, with multiple IPs showing repetitive low-value interactions and a mix of legitimate and suspicious user agents. The presence of honeypot hits and high-frequency 404 responses suggests coordinated activity that may be aimed at analytics pollution.

🍯

Honeypot Hit

JavaScript Support

⚠️ No

User-Agent Samples

Mozilla/5.0 (SymbianOS/9.1; U; en-us) AppleWebKit/413 (KHTML, like Gecko) Safari/413 es50

Integrate IPIntel into your system

IP Location

Region: Virginia, United States

City: Ashburn

Local time: 2026-06-22 09:30:50

Subnet
13.221.9.0/24
Supernet
13.221.0.0/16