47.128.121.140
IP Intelligence Briefing: 47.128.121.140
*Generated via IPDebrief Threat Intelligence Platform*
---
**Key Findings**
1. Reputation & Risk
- Risk Score: 25 (Low Risk)
- Provider: Amazon Web Services (AWS)
- Geolocation: Singapore (AS16509, Amazon Data Services Singapore)
- Threat Indicators: No active malicious signals, no blacklists, no spam, or known attacker associations.
2. Network Context
- Infrastructure: AWS EC2 instance (`ec2-47-128-121-140.ap-southeast-1.compute.amazonaws.com`).
- Subnet: `47.128.121.140/24` (Abuse Density: 40.74%, mixed classification).
- Neighbors: 54 IPs in subnet, 23 active. 22 neighbors flagged as threats (medium/high risk).
3. Historical Observations
- Observed 18 times since May 31, 2026.
- No persistent malicious activity; threat observations are isolated.
- DNS and geolocation data consistent with AWS infrastructure.
4. Relationships
- Linked to AWS-hosted domains and networks (`AMAZON-SIN`).
- No direct ties to known malicious campaigns or organizations.
---
**Actionable Insights**
- Monitor Subnet: The `/24` subnet contains 22 high/medium-risk neighbors. Investigate potential lateral movement or shared infrastructure risks.
- Verify AWS Security: Confirm the EC2 instance is properly configured with IAM policies and security groups to prevent unauthorized access.
- Baseline Traffic: Establish baseline behavior for this AWS instance to detect anomalies (e.g., unexpected outbound connections).
---
**Recommendations**
- No Immediate Blocking: The IP itself is low-risk but resides in a subnet with mixed activity.
- Enhance Subnet Monitoring: Use IDS/IPS to detect suspicious traffic patterns within the `47.128.121.140/24` subnet.
- Check DNSSEC/CAA: Ensure DNS validation (DNSSEC, CAA records) is enforced to mitigate spoofing risks.
Conclusion: This IP is part of AWS infrastructure with no direct malicious activity. Focus on subnet-level threats and AWS-specific security hardening.
*Generated by IPDebrief | © 2026 Jason Alberino*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-121-140.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-121-140.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 45% | 2 | 5 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 26% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-16 14:59:24 UTC |
| Last Seen | 2026-06-28 03:42:50 UTC |
| Profile Built | 2026-06-28 21:48:01 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 27 |
Full dossier details are available via our API.