47.128.110.75

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 47.128.110.75

Classification: MODERATE RISK | Report Date: 2026-06-18

---

## Executive Summary

IP address 47.128.110.75 is a cloud-hosted AWS EC2 instance located in Singapore (ap-southeast-1). The IP carries a moderate risk score of 50 and is associated with high-abuse subnet 47.128.110.0/24. While the IP itself shows no active threat indicators, its neighborhood demonstrates elevated abuse density (0.6) with 12 of 20 sibling IPs flagged as threats.

---

## Ownership & Infrastructure

Field	Value
Organization	Amazon Data Services Singapore
ASN	16509
CIDR Block	47.128.0.0/14
Geolocation	Singapore (1.35, 103.82)
Infrastructure Type	CloudCompute (AWS EC2)
PTR Hostname	ec2-47-128-110-75.ap-southeast-1.compute.amazonaws.com

---

## Threat Assessment

Current Risk Score: 50 (Moderate)

Threat Indicators:

No active threat campaigns detected
No known attacker or spam source classification
Not a Tor exit node or proxy
Listed on 2 of 8 DNSBL entries with maximum severity "high"
DNSBL total listings: 8

Historical Context:

21 signal observations recorded
Subnet classified as "high_abuse" with 0.6 abuse density
Recent DNS operator score: 0.2609 (Basic)
No persistent malicious activity detected over observation window

---

## Neighborhood Analysis (47.128.110.0/24)

Metric	Value
Total Siblings	20
Active Siblings	15
Threat Siblings	12
Abuse Density	0.6 (High)
Inherited Risk	24

Adjacent IP Risk Distribution:

High Risk (60+): 0
Medium Risk (40-59): 17 IPs (e.g., 47.128.110.9, .68, .69, .70, .72, .74, .76-.88, .92, .97)
Low Risk (0-39): 2 IPs (47.128.110.73, .95 at 25)

---

## Network Behavior

Services: None detected (Firewalled / No Services)

Open Ports: Empty

TLS Certificate: None

HTTP Banner: None

Control Plane:

BGP Prefix: 47.128.0.0/14
Route Stability: Unstable
RPKI State: Not available
DNSSEC: Valid
IRR Consistency: Not available

---

## Recommended Actions

Based on the moderate risk profile and subnet abuse density, the following blocking rules are recommended:

Firewall Rules:

```bash

# iptables

iptables -A INPUT -s 47.128.110.75 -j DROP

# nftables

nft add rule inet filter input ip saddr 47.128.110.75 drop

# nginx

deny 47.128.110.75;

# pfSense

47.128.110.75/32

```

Cloud WAF Integration:

Cloudflare WAF: Block with expression `ip.src eq 47.128.110.75`
AWS WAF: Address `47.128.110.75/32`, description "IPDebrief risk 50"

---

## Intelligence Notes

1. Cloud Infrastructure Context: This IP is a standard AWS EC2 instance. Moderate risk scores are common for cloud infrastructure shared across multiple tenants.

2. Subnet Elevation Risk: The /24 subnet shows high abuse density. Consider implementing subnet-level blocking for 47.128.110.0/24 if organizational policy permits.

3. Monitoring Recommendation: Add to threat monitoring due to DNSBL listings and neighborhood activity. Correlate with other signals before taking definitive action.

4. Relationship Context: IP is associated with AMAZON-SIN network. Additional relationships to Amazon infrastructure detected.

---

Analyst Notes: No immediate threat indicators observed on the IP itself. Action recommendations are probabilistic and should be combined with other threat signals, organizational policy, and traffic analysis before implementation.

Data Source: IPDebrief Intelligence Platform

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇸🇬 Singapore
Region	SG
City	Singapore
Timezone	Asia/Singapore
Latitude	1.35
Longitude	103.82

🏢 Ownership & Registration

Organization	Amazon Data Services Singapore
ASN	AS16509
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	ec2-47-128-110-75.ap-southeast-1.compute.amazonaws.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`ec2-47-128-110-75.ap-southeast-1.compute.amazonaws.com`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	29%	2	4
routing	8%	1	1
services	15%	2	2
ownership	24%	2	3
reputation	28%	1	3
geolocation	30%	2	3
Overall	22%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:04:23 UTC
Last Seen	2026-06-27 05:45:11 UTC
Profile Built	2026-06-27 23:51:07 UTC
Data Freshness	Live
Signal Types	23
Total Observations	29

🔍 23 signal types · 29 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

47.128.110.75📋 Copy