3.249.186.175
# IP Intelligence Briefing: 3.249.186.175/32
Classification: Cloud Infrastructure - Amazon Web Services (AWS)
Risk Assessment: LOW RISK (Score: 25)
Date: 2026-06-20
---
## Executive Summary
IP address 3.249.186.175 is a low-risk cloud computing endpoint hosted within Amazon Web Services infrastructure. The IP resolves to an AWS EC2 instance in Dublin, Ireland (eu-west-1 region) and demonstrates stable cloud infrastructure characteristics with no observed threat indicators.
---
## Technical Profile
Network Ownership:
- ASN: 16509 (AMAZON-02)
- Organization: Amazon Data Services Ireland Limited
- CIDR Block: 3.248.0.0/13
- Provider: Amazon Web Services
Geolocation:
- Country: Ireland (IE)
- City: Dublin
- Region: D
- Coordinates: 53.35°N, -6.26°W
- Timezone: Europe/Dublin
Infrastructure Classification:
- Type: CloudCompute
- Cloud Provider: AWS
- Hosting: Enabled
- Services: No open ports detected
- Infrastructure: Firewalled / No Services exposed
DNS Resolution:
- PTR Hostname: ec2-3-249-186-175.eu-west-1.compute.amazonaws.com
- Forward Resolution: Confirmed to amazonaws.com domain
- Forward Hostnames: 1 resolved hostname
---
## Threat Analysis
Threat Indicators:
- Abuse Confidence Score: Not applicable
- Blacklist Count: 0
- Known Attacker: False
- Spam Source: False
- Tor Exit Node: False
- Threat Feeds: No matches
Risk Breakdown:
- Overall Risk Score: 25/100 (Low Risk)
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
---
## Operational Observations
Service Exposure:
- No open ports detected
- No TLS certificates or HTTP services active
- No banner information captured
Control Plane Stability:
- Route Changes (30d): 0
- Route Stability: Unstable
- DNSSEC Validation: Valid
- DNSBL Listing: 1 of 8 total lists (non-blocking)
---
## Historical Signal Analysis
Observation Timeline: 20 signals captured
Recent Signals (2026-06-20):
- 09:43: Geolocation confirmed Dublin, IE (confidence: 56%)
- 09:40: Cloud infrastructure classification - AWS (confidence: 90%)
- 09:39: Operator score assessment - Basic tier (score: 0.2609)
Historical Context (2026-06-15):
- ASN 16509 assignment confirmed with Cymru DNS source
- Prefix 3.248.0.0/13 validated
Threat Persistence: 0 days observed
Campaign Likelihood: None
---
## Network Relationships
DNS Associations:
- ec2-3-249-186-175.eu-west-1.compute.amazonaws.com (multiple records)
Network Affiliations:
- AMAZON-DUB (Dublin AWS network segment)
- Total relationships: 57
---
## Subnet Analysis (3.249.186.0/24)
Neighborhood Metrics:
- Abuse Density: 1 (Low)
- Classification: Mostly Clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
Risk Distribution:
- High Risk: 0
- Medium Risk: 0
- Low Risk: 0
---
## Recommended Actions
SOC Analyst Guidance:
1. Monitor: Standard cloud endpoint - no immediate blocking required
2. Traffic Pattern: Expect AWS-managed traffic patterns
3. Threat Hunting: No specific threat indicators identified
4. Firewall Rules: No restrictive rules recommended; allow standard AWS traffic
Classification Flags:
- Is Cloud: TRUE
- Is Hosting: TRUE
- Is CDN: FALSE
- Is Proxy: FALSE
- Is Tor: FALSE
---
Intel Summary: This IP represents standard AWS cloud infrastructure with no malicious indicators. The endpoint appears to be a legitimate cloud computing resource. No immediate defensive action required beyond standard cloud provider monitoring procedures.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Amazon Data Services Ireland Limited |
| ASN | AS16509 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ec2-3-249-186-175.eu-west-1.compute.amazonaws.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ec2-3-249-186-175.eu-west-1.compute.amazonaws.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 32% | 1 | 4 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 24% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-20 11:46:34 UTC |
| Last Seen | 2026-06-28 11:47:25 UTC |
| Profile Built | 2026-06-29 05:50:43 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 29 |
Full dossier details are available via our API.