47.128.111.0
# IP INTELLIGENCE BRIEFING: 47.128.111.0
Classification: Cloud Infrastructure Asset | Risk Level: Moderate (40/100)
Date Generated: 2026-06-21 | Data Source: IPDebrief Intelligence Platform
---
## EXECUTIVE SUMMARY
IP address 47.128.111.0 is an Amazon Web Services EC2 instance hosted in Singapore (ap-southeast-1 region). While the individual IP presents moderate risk, the associated /24 subnet exhibits elevated abuse density (68.57%), indicating a high-activity cloud environment. No active threat indicators were observed on this specific IP address.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **IP Address** | 47.128.111.0/32 |
| **Organization** | Amazon Data Services Singapore |
| **ASN** | 16509 (AMAZON-AS) |
| **Network** | 47.128.0.0/14 |
| **Location** | Singapore, SG |
| **Service Type** | Cloud Compute (AWS EC2) |
| **DNS PTR** | ec2-47-128-111-0.ap-southeast-1.compute.amazonaws.com |
| **Infrastructure** | Firewalled / No Services |
---
## THREAT ASSESSMENT
Risk Score: 40 (Moderate Risk)
Abuse Confidence Score: Not applicable (cloud infrastructure)
Blacklist Count: 0
Known Attacker: No
Tor Exit Node: No
Spam Source: No
Threat Indicators
- No active threat indicators detected
- No associated malware campaigns
- No DNS blacklist listings on this specific IP
- No known attack attribution
---
## SUBNET CONTEXT: 47.128.111.0/24
Abuse Density: 68.57% (HIGH)
Total Siblings: 35 IPs
Active Siblings: 25 IPs
Threat Siblings: 24 IPs
Neighborhood Risk Distribution
- High Risk: 0 IPs
- Medium Risk: 14 IPs
- Low Risk: 24 IPs
Analysis: The /24 subnet shows significant cloud infrastructure activity with multiple IPs exhibiting risk scores of 25β40. The elevated abuse density suggests this subnet serves multiple tenants with varying security postures. This IP's risk score of 40 aligns with the inherited subnet risk of 27.
---
## OBSERVATION HISTORY
Total Observations: 24 signals
Timeline: June 2026 (recent activity)
Key Historical Signals
1. Network Classification: Confirmed as high-abuse subnet (2026-06-21)
2. Geolocation: Singapore (multi-signal inference, confidence 56%)
3. Ownership: Stable (no ownership changes observed)
4. Threat Status: Not persistently malicious
5. Scanning Activity: Multiple port scans observed during observation window
---
## RELATIONSHIP GRAPH
Total Relationships Identified: 36
Primary Associations
- Network: AMAZON-SIN (multiple instances)
- DNS Hostname: ec2-47-128-111-0.ap-southeast-1.compute.amazonaws.com
- Infrastructure Provider: Amazon Web Services
Network Stability
- Route Stability: Stable (isRouteStable: true)
- BGP Prefix: 47.128.0.0/14
- Origin ASN: 16509
- Delegation Age: 9,534 days
- RPKI State: Consistent
---
## ACTIONABLE INTELLIGENCE
Recommended Actions
1. Traffic Policy: Apply standard cloud traffic filtering rules. No specific blocking required for this IP.
2. Monitoring: Monitor for lateral movement within the 47.128.111.0/24 subnet given the high abuse density (68.57%).
3. Baseline: Establish traffic baseline for EC2-47-128-111-0.ap-southeast-1.compute.amazonaws.com to identify anomalies.
4. Contextual Analysis: Be aware that 24 of 35 sibling IPs in this subnet have been flagged as threat-related. Correlate any suspicious activity with broader subnet intelligence.
5. DNS Verification: Forward DNS resolution confirms hostname consistency with AWS infrastructure. No spoofing indicators.
---
## SOC ANALYST NOTES
This IP represents legitimate AWS cloud infrastructure in Singapore. The moderate risk score (40) is consistent with cloud environments hosting multiple workloads. While the specific IP shows no malicious activity, the associated subnet's high abuse density warrants awareness during incident correlation.
Priority: LOW-MONITOR
Action: Standard cloud traffic policies apply. No immediate mitigation required.
---
End of Briefing
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | AMAZON-SIN |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-111-0.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-111-0.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 27% | 2 | 3 |
| services | 19% | 2 | 2 |
| ownership | 30% | 3 | 4 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 24% | 12 | 17 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Moderate (55%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-28 12:25:50 UTC |
| Last Seen | 2026-06-29 05:31:20 UTC |
| Profile Built | 2026-06-29 05:34:49 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 26 |
Full dossier details are available via our API.