3.131.243.226

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 3.131.243.226

Date: June 16, 2026

---

1. Core Profile

Risk Score: Low (25/100)
Ownership: Amazon Technologies Inc. (ASN 16509)
Geolocation: Columbus, Ohio, US (IPv4: 3.131.243.226)
Network Role: AWS Cloud Compute Instance (Hosting/Web Server)
Threat Indicators: None detected (no malware, phishing, or exploit activity).

---

2. Observations & Behavior

HTTP/HTTPS:

- Running nginx/1.24.0 (Ubuntu) with HTTPS (Let’s Encrypt certificate).

- No suspicious banners or server signatures.

SSH:

- OpenSSH 9.6 running on port 22.

DNS:

- PTR record: `ec2-3-131-243-226.us-east-2.compute.amazonaws.com`.

- DNSSEC validated, no CAA records.

Network:

- BGP prefix: `3.131.0.0/16` (Amazon AWS).

- Subnet abuse density: 0% (isolated IP).

---

3. Historical Trends

Recent Activity (June 16, 2026):

- Normal HTTP traffic with 200 OK responses.

- No anomalies in TLS handshakes or DNS resolution.

- No spikes in network scans or port activity.

---

4. Relationships & Neighbors

Linked Entities:

- Direct DNS association with AWS-hosted hostname: `ec2-3-131-243-226.us-east-2.compute.amazonaws.com`.

- Shared network: `AT-88-Z` (Amazon AWS).

Subnet:

- No neighboring IPs identified in the `/24` subnet.

---

5. Threat & Risk Context

No Malicious Indicators:

- No blacklisted IPs, Tor exit nodes, or spam sources in the vicinity.

- Low-risk provider (Amazon AWS) with no reported abuse.

Cloud Infrastructure:

- Likely a legitimate AWS EC2 instance. Monitor for misconfigurations or unintended exposure.

---

6. Recommendations

Monitor: Track traffic patterns for unexpected volume or protocol changes.
Verify: Confirm if this IP is part of a known campaign or compromised AWS instance.
Access Controls: Ensure AWS IAM policies restrict unnecessary access to this instance.

---

Conclusion: This IP is a legitimate AWS cloud server with no immediate threat indicators. However, routine monitoring is advised due to its cloud infrastructure and potential for misconfiguration.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	OH
City	Columbus
Timezone	America/New_York
Latitude	39.96
Longitude	-83.00

🏢 Ownership & Registration

Organization	Amazon Technologies Inc.
ASN	AS16509
Network Name	AT-88-Z
CIDR Block	3.128.0.0/9
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	ec2-3-131-243-226.us-east-2.compute.amazonaws.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`ec2-3-131-243-226.us-east-2.compute.amazonaws.com`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	nginx/1.24.0 (Ubuntu)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

🔐 TLS Certificate

🔒

CN=sima.tecnodem.net

Issued by CN=YE1, O=Let's Encrypt, C=US

Self-signed: No

SANs	sima.tecnodem.net
Valid From	2026-06-15T17:09:26+00:00
Valid Until	2026-09-13T17:09:25+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	0566C27EAB180547E46BC99C76DD03DB68FE
Thumbprint	B063B956C650EB426074D8A2B0131775E3124A29

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	35%	2	3
routing	17%	1	1
services	35%	2	3
ownership	35%	2	3
reputation	17%	1	2
geolocation	35%	2	3
Overall	29%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-06-14 17:36:59 UTC
Last Seen	2026-06-21 22:19:02 UTC
Profile Built	2026-06-21 22:25:23 UTC
Data Freshness	Live
Signal Types	24
Total Observations	26

🔍 24 signal types · 26 observations collected

This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

3.131.243.226📋 Copy

**1. Core Profile**

**2. Observations & Behavior**

**3. Historical Trends**

**4. Relationships & Neighbors**

**5. Threat & Risk Context**

**6. Recommendations**