47.128.121.7
## IP Intelligence Briefing: 47.128.121.7
Classification: MODERATE RISK β Cloud Infrastructure
Date: 2026-06-15
Analyst: IPDebrief Intelligence Team
---
Executive Summary
IP address 47.128.121.7 is a legitimate Amazon Web Services cloud compute instance located in Singapore (ap-southeast-1). Current risk assessment indicates moderate risk (score: 40/100) with no direct threat indicators. However, the IP resides within a /24 subnet exhibiting high abuse density (53.52%), suggesting potential collateral risk from neighboring addresses.
---
Technical Profile
| Attribute | Value |
|---|---|
| **Organization** | Amazon Data Services Singapore |
| **ASN** | 16509 (Amazon.com, Inc.) |
| **Geolocation** | Singapore (1.35°N, 103.82°E) |
| **Infrastructure** | AWS Cloud (EC2) |
| **Network Role** | Cloud Compute / Provider |
| **Risk Score** | 40 (Moderate) |
| **Blacklist Status** | Clean (0 listings) |
DNS Resolution:
- PTR Record: ec2-47-128-121-7.ap-southeast-1.compute.amazonaws.com
- Forward Resolution: Confirmed (1 record)
- Email Auth: SPF and DMARC records present
Services: No open ports detected (firewalled/no services exposed)
---
Threat Assessment
Current Status: No active threat indicators identified.
- Known Attacker: No
- Tor Exit Node: No
- Spam Source: No
- CDN/Proxy/VPN: No
- Malware Campaigns: None detected
Observed Indicators:
- 26 historical observations collected
- Threat observation count: 1
- Not persistently malicious
- Route stability: Stable (no route changes in 30 days)
---
Neighborhood Analysis
Subnet: 47.128.121.0/24
- Total Siblings: 71 IPs
- Active Siblings: 43
- Threat Siblings: 38 (53.52% abuse density)
- Classification: High Abuse
Risk Distribution in Subnet:
- High Risk: 0
- Medium Risk: 72
- Low Risk: 6
Notable Neighboring IPs:
- 47.128.121.6 (Risk: 40, Authority: 60)
- 47.128.121.9 (Risk: 40, Authority: 60)
- 47.128.121.13 (Risk: 40, Authority: 60)
- 47.128.121.52 (Risk: 40, Authority: 60)
- 47.128.121.53 (Risk: 40, Authority: 60)
---
Relationship Graph
Primary associations identified:
- DNS Associations: Multiple entries to ec2-47-128-121-7.ap-southeast-1.compute.amazonaws.com
- Network Association: AMAZON-SIN (same network)
- Related Entities: 42 total relationship records
---
Historical Observation Timeline
Recent Activity (June 2026):
- 2026-06-15 04:48: Cloud infrastructure classification confirmed (AWS provider)
- 2026-06-15 02:37: Subnet abuse density recorded (0.5352, high_abuse classification)
- 2026-06-15 02:30: DNS blacklist listing detected (1 of 8 total lists, max severity: high)
- 2026-06-15 02:29: Operator score recorded (0.5217, Moderate)
Temporal Analysis: No ownership changes observed. Threat persistence days: 0.
---
Recommended Actions
Firewall Blocking Rules (Recommended):
```bash
# iptables
iptables -A INPUT -s 47.128.121.7 -j DROP
# nftables
nft add rule inet filter input ip saddr 47.128.121.7 drop
# nginx
deny 47.128.121.7;
# pfSense
47.128.121.7/32
# Cloudflare WAF
ip.src eq 47.128.121.7 β Block
# AWS WAF
Addresses: 47.128.121.7/32
```
Risk Mitigation Notes:
- Despite moderate risk score, the subnet's high abuse density warrants consideration for blocking
- This is a cloud infrastructure IP; false positives should be evaluated before blocking
- Monitor for any service activity if previously blocked
- Consider blocking the entire /24 subnet if threat correlates with neighbor IPs
---
Intelligence Confidence
Data Sufficiency: 17 dimensions covered across 7 total sources
Overall Confidence: Moderate (0.29 confidence score)
Geolocation Validation: Plausible (ICMP validation blocked)
---
End of Briefing
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | β |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-121-7.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-121-7.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 20% | 2 | 3 |
| services | 12% | 2 | 2 |
| ownership | 27% | 3 | 4 |
| reputation | 31% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 25% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-17 03:09:11 UTC |
| Last Seen | 2026-06-28 04:33:48 UTC |
| Profile Built | 2026-06-28 22:38:54 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 31 |
Full dossier details are available via our API.