47.128.112.235
## IP INTELLIGENCE BRIEFING
Subject: 47.128.112.235/32
Classification: Moderate Risk Infrastructure
Date: Current Intelligence Cycle
Prepared By: IPDebrief Intelligence Division
---
EXECUTIVE SUMMARY
IP address 47.128.112.235 is identified as an Amazon Web Services (AWS) cloud compute instance deployed in the Singapore region (ap-southeast-1). The IP carries a moderate risk score of 40 and demonstrates no active threat indicators despite residing in a high-abuse density subnet. Infrastructure appears legitimate with stable ownership and routing characteristics.
---
INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **IP Address** | 47.128.112.235 |
| **Risk Score** | 40/100 (Moderate) |
| **ASN** | 16509 (Amazon Data Services Singapore) |
| **Organization** | Amazon Web Services |
| **Location** | Singapore (1.35°N, 103.82°E) |
| **Infrastructure Type** | CloudCompute |
| **DNS Alias** | ec2-47-128-112-235.ap-southeast-1.compute.amazonaws.com |
| **Network Role** | Hosting/Cloud Infrastructure |
Control Plane: Route origin AS34549 β AS2914 β AS16509. BGP prefix 47.128.0.0/14 with stable routing. RPKI validation status available via RDAP.
---
THREAT ASSESSMENT
Active Indicators: None detected
- Known attacker status: Negative
- Spam source status: Negative
- Tor exit node: Negative
- Blacklist count: 0
- Active threat feeds: None
DNS Security Posture:
- SPF record: Configured
- DMARC record: Configured
- Forward resolution: Confirmed (1 hostname)
- PTR record: ec2-47-128-112-235.ap-southeast-1.compute.amazonaws.com
Service Exposure: No open ports detected. Service banner analysis indicates firewall-protected or no active services.
---
NETWORK CONTEXT & NEIGHBORHOOD ANALYSIS
Subnet Profile: 47.128.112.0/24
- Classification: High Abuse Density
- Abuse Density Score: 0.69
- Total Subnet Capacity: 256 addresses
- Active Subnet Siblings: 82
- Threat-Associated Siblings: 69
The /24 subnet exhibits elevated abuse density typical of cloud provider allocations. While 69 of 82 active siblings show threat associations, the specific IP 47.128.112.235 demonstrates no direct threat correlation.
Risk Distribution in Neighborhood:
- High Risk: 0 IPs
- Medium Risk: 97 IPs
- Low Risk: 2 IPs
---
OBSERVATION HISTORY
Signal Count: 26 historical observations
Ownership Stability: 9,550+ days (established 2000-05-04)
Threat Persistence: None detected
Recent signal timeline indicates:
- ASN ownership consistency maintained
- BGP routing stable (no MoAS detections)
- No ownership transitions
- No persistent malicious activity patterns
---
INTERCONNECTED ENTITIES
Relationship Count: 58 identified
- Network associations: AMAZON-SIN (Singapore datacenter)
- DNS associations: AWS compute hostname
- No certificate associations detected
- No correlated IP campaigns identified
---
SECURITY RECOMMENDATIONS
Action Status: No immediate blocking required
Rationale: IP demonstrates legitimate cloud infrastructure characteristics with no active threat indicators. However, subnet-level abuse density warrants monitoring.
Recommended Firewall Rules (if blocking required):
*iptables:*
```
iptables -A INPUT -s 47.128.112.235 -j DROP
```
*nftables:*
```
nft add rule inet filter input ip saddr 47.128.112.235 drop
```
*nginx:*
```
deny 47.128.112.235;
```
*Cloudflare WAF:*
```
{"description": "Block 47.128.112.235 β IPDebrief risk score 40", "action": "block", "filter": {"expression": "ip.src eq 47.128.112.235"}}
```
*AWS WAF:*
```
{"Addresses":["47.128.112.235/32"],"Description":"IPDebrief risk 40"}
```
---
INTELLIGENCE JUDGMENT
Threat Level: LOW/MONITOR
The IP address represents legitimate AWS cloud infrastructure in Singapore. While the /24 subnet exhibits elevated abuse density (0.69), the specific IP shows no active threat indicators. The absence of open services and proper DNS/security configurations supports benign classification.
Recommended Action: Monitor subnet-level activity. No immediate blocking advised unless additional context indicates suspicious traffic patterns.
---
*Intel generated by IPDebrief Intelligence Platform. All data sourced from active network intelligence feeds.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | β |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-112-235.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-112-235.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 26% | 2 | 3 |
| services | 8% | 1 | 1 |
| ownership | 35% | 3 | 6 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 25% | 11 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-09 17:41:38 UTC |
| Last Seen | 2026-06-27 16:21:40 UTC |
| Profile Built | 2026-06-28 10:27:31 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 30 |
Full dossier details are available via our API.