# IP INTELLIGENCE BRIEFING
Target IP: 47.128.16.180/32
Date of Analysis: 2026-06-16
Classification: Cloud Infrastructure - Moderate Risk
---
## EXECUTIVE SUMMARY
IP address 47.128.16.180 is identified as an Amazon Web Services EC2 instance deployed in the Singapore region (ap-southeast-1). The IP carries a moderate risk score of 40, primarily driven by subnet-level abuse activity rather than direct malicious behavior. No active threat indicators, blacklists, or known campaign associations were detected.
---
## OWNERSHIP & INFRASTRUCTURE
Provider: Amazon Web Services (ASN 16509)
Organization: AMAZON-SIN (AMAZON DATA SERVICES SINGAPORE)
CIDR Block: 47.128.0.0/14
Infrastructure Type: CloudCompute
Classification: Cloud Hosting (AWS EC2)
DNS Resolution:
- PTR Record: ec2-47-128-16-180.ap-southeast-1.compute.amazonaws.com
- Forward Resolution: Confirmed
- Hosted Domain: amazonaws.com
Geolocation:
- Country: Singapore (SG)
- City: Singapore
- Coordinates: 1.35°N, 103.82°E
- Timezone: Asia/Singapore
- Accuracy Radius: 150km
---
## THREAT ASSESSMENT
Risk Score: 40 (Moderate Risk)
Reputation: Moderate Risk
Abuse Confidence Score: Not Applicable
Threat Indicators:
- Blacklist Count: 0
- Known Attacker: False
- Spam Source: False
- Tor Exit Node: False
- Known Campaigns: None
- Pulsedive Risk: Not Detected
Control Plane Analysis:
- Route Stability: False
- Route Changes (30d): 0
- DNSSEC Valid: True
- DNSBL Listed: 0 (of 8 total lists checked)
- Operator Score: 0.2609 (Basic)
---
## NETWORK ACTIVITY
Services: No open ports detected
Connection Type: Firewalled / No Services
TLS Certificate: Not Configured
HTTP Banner: None Detected
Temporal Analysis:
- Threat Observation Count: 0
- Persistent Malicious Activity: False
- Ownership Changes: 0
---
## NEIGHBORHOOD ANALYSIS
Subnet: 47.128.16.0/24
Abuse Density: 0.7143 (High Abuse Classification)
Total Siblings: 14
Active Siblings: 10
Threat Siblings: 10
Inherited Risk Score: 25
Neighbor Risk Distribution:
- High Risk: 0
- Medium Risk: 13
- Low Risk: 2
The subnet exhibits elevated abuse density, with the majority of neighboring IPs carrying risk scores between 40-50. This suggests shared infrastructure characteristics typical of cloud hosting environments where multiple tenants coexist.
---
## OBSERVATION HISTORY
Total Observations: 19
Recent Activity: June 2026
Key Historical Signals:
- Port scanning activity detected (confidence: 70%)
- Geolocation inference confirmed (confidence: 56%)
- Subnet abuse classification verified (confidence: 75%)
- Ownership stability confirmed (confidence: 85%)
No escalation in threat behavior observed over the observation period.
---
## RELATIONSHIP MAPPING
All detected relationships link to:
- Network: AMAZON-SIN
- Hostname: ec2-47-128-16-180.ap-southeast-1.compute.amazonaws.com
No external organization, certificate, or campaign relationships identified.
---
## RECOMMENDED ACTIONS
Detection & Monitoring:
1. Monitor for outbound connection anomalies from this subnet
2. Track subnet-level abuse patterns for 47.128.16.0/24
3. No immediate blocking recommended; this is legitimate cloud infrastructure
Firewall Configuration:
- No specific iptables/nftables rules required
- Standard cloud egress filtering applies
- No WAF rules necessary for this IP classification
Investigation Priority: LOW
Threat Confidence: LOW (Infrastructure-level risk only)
---
## ANALYST NOTES
This IP represents standard AWS cloud hosting infrastructure. The moderate risk classification is inherited from subnet-level activity rather than direct malicious behavior associated with this specific endpoint. SOC analysts should monitor the broader subnet for abuse patterns but no immediate threat action is warranted against this IP.
Briefing Generated: 2026-06-16
Data Source: IPDebrief Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Field | Value |
|---|---|
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | AMAZON-SIN |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | Available via RDAP |

## DNS Intelligence
| Field | Value |
|---|---|
| PTR | ec2-47-128-16-180.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | ec2-47-128-16-180.ap-southeast-1.compute.amazonaws.com |

## DNS Hygiene
| Field | Value |
|---|---|
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |

## Network Classification
| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |

## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Field | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |

## TLS Certificate
| Field | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |

## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 24% | 2 | 2 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 17% | 1 | 1 |
| Overall | 24% | 9 | 12 |

| Field | Value |
|---|---|
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Moderate (55%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

## Observation Timeline (Live)
| Field | Value |
|---|---|
| First Seen | 2026-06-14 14:14:06 UTC |
| Last Seen | 2026-06-21 22:10:31 UTC |
| Profile Built | 2026-06-21 22:13:55 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 22 |