IPDebrief

47.128.119.181

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP Address 47.128.119.181/32

Summary:

The IP address 47.128.119.181/32 is associated with Amazon Data Services Singapore (ASN 16509) and is registered to Amazon Web Services (AWS). It is geolocated in Singapore and classified as a cloud compute infrastructure node. While the IP itself is rated Low Risk (risk score: 25), its subnet (47.128.119.181/24) contains a mix of low/medium-risk IPs, with 68% of neighbors classified as medium risk.

Key Findings:

1. Network Context:

- Hosted on AWS, likely an EC2 instance (DNS records point to `ec2-47-128-119-181.ap-southeast-1.compute.amazonaws.com`).

- Subnet 47.128.119.0/24 has an abuse density of 0.2462, indicating a small but non-negligible risk of malicious activity within the network.

2. Threat Indicators:

- No direct malicious indicators (no known campaigns, spam, or blacklists).

- Historical data shows minimal threat signals (26 pulses detected over 30 days, but no persistent malicious activity).

- No Tor exit nodes, VPNs, or CDN associations.

3. Neighbor Analysis:

- The subnet contains 85 IPs, with 68 medium-risk and 16 low-risk siblings.

- Notable neighbors include IPs with risk scores up to 40, suggesting potential for lateral movement or shared infrastructure risks.

4. Operational Context:

- AWS infrastructure is inherently secure, but misconfigurations or compromised instances could elevate risk.

- DNSSEC and CAA records are valid, but the subnet’s mixed risk profile warrants closer monitoring.

Recommendations:

Conclusion:

While the IP itself is legitimate AWS infrastructure, its subnet’s mixed risk profile necessitates vigilance. SOC teams should focus on subnet-level monitoring and ensure AWS security best practices are enforced to mitigate potential risks from neighboring IPs.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΈπŸ‡¬ Singapore
RegionSG
CitySingapore
TimezoneAsia/Singapore
Latitude1.35
Longitude103.82

🏒 Ownership & Registration

OrganizationAmazon Data Services Singapore
ASNAS16509
Network Nameβ€”
CIDR Blockβ€”
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRec2-47-128-119-181.ap-southeast-1.compute.amazonaws.com
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesec2-47-128-119-181.ap-southeast-1.compute.amazonaws.com

πŸ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting β€” Infrastructure provider without advanced routing
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
26%
24
routing
8%
11
services
12%
22
ownership
24%
23
reputation
31%
13
geolocation
33%
23
Overall22%1016
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-17 21:15:45 UTC
Last Seen2026-06-28 05:54:01 UTC
Profile Built2026-06-28 23:58:00 UTC
Data FreshnessLive
Signal Types22
Total Observations26
πŸ” 22 signal types Β· 26 observations collected
This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.