47.128.111.118
## INTELLIGENCE BRIEFING: 47.128.111.118/32
Classification: Moderate Risk Cloud Infrastructure | Jurisdiction: Singapore (SG) | Date: Current
---
EXECUTIVE SUMMARY
IP 47.128.111.118 is a legitimate AWS EC2 compute instance located in the Singapore region (ap-southeast-1). The address carries a moderate risk score of 40/100 with no active threat indicators. Historical analysis indicates stable cloud infrastructure patterns with no evidence of malicious activity.
---
TECHNICAL PROFILE
Ownership & Infrastructure:
- Provider: Amazon Web Services (AWS)
- Organization: Amazon Data Services Singapore
- ASN: 16509 (Amazon.com, Inc.)
- CIDR Block: 47.128.0.0/14
- Geolocation: Singapore (1.35°N, 103.82°E)
- Infrastructure Type: CloudCompute
DNS Resolution:
- Reverse DNS: ec2-47-128-111-118.ap-southeast-1.compute.amazonaws.com
- Forward resolution: Confirmed (amazonaws.com)
- Email Authentication: SPF and DMARC configured
Network Services:
- Open Ports: None detected
- HTTP Services: None detected
- TLS Certificate: None
---
THREAT ASSESSMENT
Current Risk Score: 40/100 (Moderate Risk)
Threat Indicators:
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 0
- Known Campaigns: None
Control Plane Analysis:
- Route Stability: Stable (0 route changes in 30 days)
- RPKI State: Valid
- DNSSEC: Valid
- DNSBL Listed: 1 of 8 lists
---
OBSERVATION HISTORY
Signal Count: 23 observations recorded
Key Historical Signals:
1. 2026-06-27: Routing stability assessment (confidence: 0.60)
2. 2026-06-19: Subnet abuse density classification: High Abuse (0.6 density)
3. 2026-06-14: ASN age verification: 9,537 days (registered 2000-05-04)
Temporal Analysis:
- Ownership Changes: 0
- Threat Persistence Days: 0
- Threat Observation Count: 1
- Persistently Malicious: No
---
NETWORK NEIGHBORHOOD ANALYSIS
Subnet: 47.128.111.0/24
Total Siblings: 38 addresses
Risk Distribution:
- High Risk: 0
- Medium Risk: 29
- Low Risk: 9
Notable Neighbor Risk Scores:
- 47.128.111.117: 40 (60 authority)
- 47.128.111.119-122: 40 (60 authority)
- 47.128.111.125, 134, 148: 0 (50 authority)
- 47.128.111.112, 115, 126, 129, 133, 155: 25 (60 authority)
Interpretation: Neighborhood shows typical AWS cloud infrastructure risk profiles with most addresses carrying moderate risk scores consistent with legitimate cloud hosting operations.
---
RELATIONSHIP GRAPH
Primary Associations:
- DNS: ec2-47-128-111-118.ap-southeast-1.compute.amazonaws.com
- Network: AMAZON-SIN
Total Relationships: 50 (including duplicate DNS entries)
---
RECOMMENDED ACTIONS
Risk-Based Mitigation:
Given the moderate risk score and lack of active threat indicators, blocking is recommended for defensive hardening.
Firewall Rules:
```bash
# iptables
iptables -A INPUT -s 47.128.111.118 -j DROP
# nftables
nft add rule inet filter input ip saddr 47.128.111.118 drop
# nginx
deny 47.128.111.118;
# pfSense
47.128.111.118/32
# Cloudflare WAF
Expression: ip.src eq 47.128.111.118
# AWS WAF
Addresses: 47.128.111.118/32
```
Contextual Note: The moderate risk score reflects typical cloud infrastructure risk patterns. No active exploitation or malicious activity detected. Blocking is a conservative defensive measure.
---
INTELLIGENCE CONCLUSION
IP 47.128.111.118 represents standard AWS cloud infrastructure with a moderate risk profile. The address shows no evidence of malicious activity, though it carries a risk score of 40/100 that warrants defensive blocking in high-security environments. Historical data confirms stable, non-malicious behavior over the observation period.
Threat Level: LOW (Moderate Risk Score) | Action: BLOCK (Defensive Hardening)
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | β |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-111-118.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-111-118.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 24% | 3 | 4 |
| reputation | 27% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 24% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-12 21:55:30 UTC |
| Last Seen | 2026-06-27 22:09:42 UTC |
| Profile Built | 2026-06-28 22:14:33 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 30 |
Full dossier details are available via our API.