47.128.16.181
# IP INTELLIGENCE BRIEFING: 47.128.16.181/32
Classification: Moderate Risk - Cloud Infrastructure Asset
Date: Current Analysis
Risk Score: 40/100
## EXECUTIVE SUMMARY
IP 47.128.16.181 is an Amazon Web Services (AWS) cloud compute instance located in Singapore (ap-southeast-1). The asset operates within a high-abuse-density subnet (47.128.16.0/24) but demonstrates no active malicious indicators. Recommended for monitoring with standard cloud provider mitigation controls.
## INFRASTRUCTURE PROFILE
Network Ownership:
- ASN: 16509 (Amazon Data Services Singapore)
- Organization: AMAZON-SIN (AMAZON-ASIA-PACIFIC-SINGAPORE)
- CIDR Block: 47.128.0.0/14
- RIR: ARIN
Geolocation:
- Country: Singapore (SG)
- Region: Asia-Pacific (ap-southeast-1)
- Coordinates: 1.35°N, 103.82°E
- Accuracy Radius: 150km
Network Role:
- Infrastructure Type: CloudCompute
- Classification: Cloud Hosting Provider
- Status: Firewalled / No Services Exposed
- DNS Resolution: ec2-47-128-16-181.ap-southeast-1.compute.amazonaws.com
## THREAT ASSESSMENT
Risk Indicators:
- Risk Score: 40 (Moderate)
- Abuse Confidence Score: Not Available
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 0
- Known Campaigns: None Identified
DNSBL Status:
- Listed on 1 of 8 DNSBLs
- RPKI State: Validated
- Route Stability: False
Services:
- No open ports detected
- No TLS certificates present
- No HTTP banner information
- No active web services
## NEIGHBORHOOD ANALYSIS
Subnet: 47.128.16.0/24
Abuse Density: 0.5625 (High)
Subnet Classification: high_abuse
Neighbor Distribution (15 peers):
- High Risk (40-50): 15 IPs
- Medium Risk: 0 IPs
- Low Risk: 0 IPs
Sample High-Risk Neighbors:
- 47.128.16.115 (Risk: 40)
- 47.128.16.120 (Risk: 40)
- 47.128.16.131 (Risk: 50)
Assessment: High abuse density is consistent with AWS cloud infrastructure environments where legitimate services share subnets with potentially compromised instances. Target IP shows no inherited malicious behavior.
## OBSERVATION HISTORY
Signal Count: 23 observations
Most Recent: 2026-06-21
Historical Signals:
- Subnet abuse density: 0.5625 (consistent)
- Geolocation: Singapore (consistent)
- Operator score: 0.2609 (Basic)
- Overall profile confidence: 0.2444
Temporal Analysis:
- Ownership Changes: 0
- Threat Persistence Days: 0
- Threat Observation Count: 1
- Persistently Malicious: No
## RELATIONSHIP GRAPH
Primary Associations:
- Same Network: AMAZON-SIN (33 relationships)
- DNS Association: ec2-47-128-16-181.ap-southeast-1.compute.amazonaws.com
- No external certificate associations detected
## RECOMMENDED ACTIONS
Firewall Rules:
- Block at perimeter: `iptables -A INPUT -s 47.128.16.181 -j DROP`
- Block at application level: `deny 47.128.16.181`
Cloud Provider Controls:
- AWS WAF: Add to blocked addresses list
- Cloudflare WAF: Block with filter expression `ip.src eq 47.128.16.181`
Monitoring Recommendations:
- Monitor for service exposure changes
- Watch for DNS resolution changes
- Track subnet-level activity patterns
## INTELLIGENCE NARRATIVE
IP 47.128.16.181 represents legitimate AWS cloud infrastructure with moderate baseline risk. The IP's classification as a firewalled compute instance with no exposed services reduces immediate threat exposure. However, the subnet's high abuse density (0.5625) warrants contextual awareness. No active threat indicators or campaign associations detected. The IP demonstrates stable geolocation signals to Singapore with consistent DNS resolution to AWS infrastructure. Standard cloud provider controls and monitoring are sufficient; no immediate blocking required unless additional threat intelligence emerges.
---
*Generated by IPDebrief Intelligence Analysis Platform*
*Analysis based on 23 historical observations and 33 relationship mappings*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | AMAZON-SIN |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-16-181.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-16-181.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 26% | 1 | 4 |
| geolocation | 20% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-28 23:51:52 UTC |
| Last Seen | 2026-06-29 06:02:34 UTC |
| Profile Built | 2026-06-29 06:04:28 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 24 |
Full dossier details are available via our API.