IPDebrief

47.128.16.180

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target IP: 47.128.16.180/32

Date of Analysis: 2026-06-16

Classification: Cloud Infrastructure - Moderate Risk

---

## EXECUTIVE SUMMARY

IP address 47.128.16.180 is identified as an Amazon Web Services EC2 instance deployed in the Singapore region (ap-southeast-1). The IP carries a moderate risk score of 40, primarily driven by subnet-level abuse activity rather than direct malicious behavior. No active threat indicators, blacklists, or known campaign associations were detected.

---

## OWNERSHIP & INFRASTRUCTURE

Provider: Amazon Web Services (ASN 16509)

Organization: AMAZON-SIN (AMAZON DATA SERVICES SINGAPORE)

CIDR Block: 47.128.0.0/14

Infrastructure Type: CloudCompute

Classification: Cloud Hosting (AWS EC2)

DNS Resolution:

Geolocation:

---

## THREAT ASSESSMENT

Risk Score: 40 (Moderate Risk)

Reputation: Moderate Risk

Abuse Confidence Score: Not Applicable

Threat Indicators:

Control Plane Analysis:

---

## NETWORK ACTIVITY

Services: No open ports detected

Connection Type: Firewalled / No Services

TLS Certificate: Not Configured

HTTP Banner: None Detected

Temporal Analysis:

---

## NEIGHBORHOOD ANALYSIS

Subnet: 47.128.16.0/24

Abuse Density: 0.7143 (High Abuse Classification)

Total Siblings: 14

Active Siblings: 10

Threat Siblings: 10

Inherited Risk Score: 25

Neighbor Risk Distribution:

The subnet exhibits elevated abuse density, with the majority of neighboring IPs carrying risk scores between 40-50. This suggests shared infrastructure characteristics typical of cloud hosting environments where multiple tenants coexist.

---

## OBSERVATION HISTORY

Total Observations: 19

Recent Activity: June 2026

Key Historical Signals:

No escalation in threat behavior observed over the observation period.

---

## RELATIONSHIP MAPPING

All detected relationships link to:

No external organization, certificate, or campaign relationships identified.

---

## RECOMMENDED ACTIONS

Detection & Monitoring:

1. Monitor for outbound connection anomalies from this subnet

2. Track subnet-level abuse patterns for 47.128.16.0/24

3. No immediate blocking recommended; this is legitimate cloud infrastructure

Firewall Configuration:

Investigation Priority: LOW

Threat Confidence: LOW (Infrastructure-level risk only)

---

## ANALYST NOTES

This IP represents standard AWS cloud hosting infrastructure. The moderate risk classification is inherited from subnet-level activity rather than direct malicious behavior associated with this specific endpoint. SOC analysts should monitor the broader subnet for abuse patterns but no immediate threat action is warranted against this IP.

Briefing Generated: 2026-06-16

Data Source: IPDebrief Intelligence Platform

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΈπŸ‡¬ Singapore
RegionSG
CitySingapore
TimezoneAsia/Singapore
Latitude1.35
Longitude103.82

🏒 Ownership & Registration

OrganizationAmazon Data Services Singapore
ASNAS16509
Network NameAMAZON-SIN
CIDR Block47.128.0.0/14
RIRARIN
CountrySingapore
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRec2-47-128-16-180.ap-southeast-1.compute.amazonaws.com
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesec2-47-128-16-180.ap-southeast-1.compute.amazonaws.com

πŸ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierTier 3 β€” Basic operator with some routing infrastructure
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
35%
23
routing
17%
11
services
24%
22
ownership
35%
23
reputation
17%
12
geolocation
17%
11
Overall24%912
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceMostly Consistent (80%) β€” 1 contradiction(s)
AttributionModerate (55%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid
⚠ Geo sources disagree on country: US, SG

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-06-14 14:14:06 UTC
Last Seen2026-06-21 22:10:31 UTC
Profile Built2026-06-21 22:13:55 UTC
Data FreshnessLive
Signal Types21
Total Observations22
πŸ” 21 signal types Β· 22 observations collected
This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.