IP Intelligence Briefing: 3.131.243.226
Date: June 16, 2026
---
**1. Core Profile**
- Risk Score: Low (25/100)
- Ownership: Amazon Technologies Inc. (ASN 16509)
- Geolocation: Columbus, Ohio, US (IPv4: 3.131.243.226)
- Network Role: AWS Cloud Compute Instance (Hosting/Web Server)
- Threat Indicators: None detected (no malware, phishing, or exploit activity).
---
**2. Observations & Behavior**
- HTTP/HTTPS:
- Running nginx/1.24.0 (Ubuntu) with HTTPS (Letβs Encrypt certificate).
- No suspicious banners or server signatures.
- SSH:
- OpenSSH 9.6 running on port 22.
- DNS:
- PTR record: `ec2-3-131-243-226.us-east-2.compute.amazonaws.com`.
- DNSSEC validated, no CAA records.
- Network:
- BGP prefix: `3.131.0.0/16` (Amazon AWS).
- Subnet abuse density: 0% (isolated IP).
---
**3. Historical Trends**
- Recent Activity (June 16, 2026):
- Normal HTTP traffic with 200 OK responses.
- No anomalies in TLS handshakes or DNS resolution.
- No spikes in network scans or port activity.
---
**4. Relationships & Neighbors**
- Linked Entities:
- Direct DNS association with AWS-hosted hostname: `ec2-3-131-243-226.us-east-2.compute.amazonaws.com`.
- Shared network: `AT-88-Z` (Amazon AWS).
- Subnet:
- No neighboring IPs identified in the `/24` subnet.
---
**5. Threat & Risk Context**
- No Malicious Indicators:
- No blacklisted IPs, Tor exit nodes, or spam sources in the vicinity.
- Low-risk provider (Amazon AWS) with no reported abuse.
- Cloud Infrastructure:
- Likely a legitimate AWS EC2 instance. Monitor for misconfigurations or unintended exposure.
---
**6. Recommendations**
- Monitor: Track traffic patterns for unexpected volume or protocol changes.
- Verify: Confirm if this IP is part of a known campaign or compromised AWS instance.
- Access Controls: Ensure AWS IAM policies restrict unnecessary access to this instance.
---
Conclusion: This IP is a legitimate AWS cloud server with no immediate threat indicators. However, routine monitoring is advised due to its cloud infrastructure and potential for misconfiguration.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Technologies Inc. |
| ASN | AS16509 |
| Network Name | AT-88-Z |
| CIDR Block | 3.128.0.0/9 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-3-131-243-226.us-east-2.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-3-131-243-226.us-east-2.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
π TLS Certificate
| SANs | sima.tecnodem.net |
| Valid From | 2026-06-15T17:09:26+00:00 |
| Valid Until | 2026-09-13T17:09:25+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 0566C27EAB180547E46BC99C76DD03DB68FE |
| Thumbprint | B063B956C650EB426074D8A2B0131775E3124A29 |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 35% | 2 | 3 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 35% | 2 | 3 |
| Overall | 29% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-14 17:36:59 UTC |
| Last Seen | 2026-06-21 22:19:02 UTC |
| Profile Built | 2026-06-21 22:25:23 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 26 |
Full dossier details are available via our API.