47.128.112.255
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 47.128.112.255/32
*Generated via IPDebrief Tools*
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Amazon Data Services Singapore (ASN 16509)
- Geolocation: Singapore (City: Singapore, Latitude: 1.35, Longitude: 103.82)
- Network Role: AWS CloudCompute instance (ec2-47-128-112-255.ap-southeast-1.compute.amazonaws.com)
- Threat Indicators: No direct malicious activity detected.
---
**2. Subnet Analysis**
- Subnet: 47.128.112.0/24
- Abuse Density: 59.34% (High Abuse Classification)
- Neighbor Risk: 84 IPs rated Medium Risk (40), 14 Low Risk (60).
- Inherited Risk: 23 points from subnet activity.
- Key Neighbors:
- 47.128.112.2 (Risk: 40)
- 47.128.112.3 (Risk: 40)
- ... (93 additional IPs).
---
**3. Historical Observations**
- Last 30 Days:
- 17 observations (e.g., subnet abuse density, geolocation, network role).
- No persistent malicious activity or campaign correlations.
- Stability: Route instability detected (isRouteStable: false).
---
**4. Relationships & Context**
- DNS Associations: Linked to AWS EC2 instance (ec2-47-128-112-255.ap-southeast-1.compute.amazonaws.com).
- Network Affiliation: Part of AWS subnet "AMAZON-SIN" (Singapore region).
- No Tor/Proxy/VPN: Identified as a cloud-hosted server, not a proxy or anonymization service.
---
**5. Recommendations**
- Monitor Subnet: High abuse density in 47.128.112.0/24 suggests potential for lateral movement or compromised hosts.
- Verify Cloud Activity: Confirm AWS EC2 instance legitimacy via AWS console; check for unauthorized access logs.
- Network Segmentation: Isolate high-risk subnet traffic to prevent potential lateral spread.
- DNS & TLS Inspection: Analyze DNS resolution and TLS certificates for unusual behavior, even though no direct threats were found.
---
Conclusion: While 47.128.112.255 itself shows no direct malicious indicators, its association with a high-abuse subnet warrants closer scrutiny. SOC teams should prioritize monitoring AWS cloud infrastructure and subnet-level activity for signs of compromise.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | β |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-112-255.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-112-255.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
No certificate
Issued by β
N/A
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 49% | 2 | 5 |
| routing | 24% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 27% | 3 | 4 |
| reputation | 31% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 28% | 12 | 19 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-17 15:13:33 UTC |
| Last Seen | 2026-06-28 05:31:10 UTC |
| Profile Built | 2026-06-28 23:36:00 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 28 |
π 24 signal types Β· 28 observations collected
This report is generated from 24+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.