47.128.96.154
IP Intelligence Briefing: 47.128.96.154
Date: 2026-06-13
---
**1. Risk Profile**
- Overall Risk: Low Risk (Risk Score: 0)
- Provider Score: 0 | Authority Score: 0 | Stability Score: 0
- Threat Indicators: No malicious activity, spam, or known attacker associations detected.
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services).
---
**2. Geolocation & Ownership**
- Location: Chicago, Illinois, US (GeoPlausible: False).
- ASN: Unassigned (ASN: null).
- Organization: Not registered in public databases.
- Subnet: 47.128.96.0/24 (28 neighbors analyzed).
---
**3. Threat & Behavioral Analysis**
- Threat History:
- No abuse confidence scores, blacklists, or campaign associations.
- Traceroute to the IP failed to reach the target (29 hops, 12 timeouts).
- No DNS anomalies, email reputation issues, or honeypot hits.
- Behavioral Flags: No enumeration strikes, WAF violations, or active attacker patterns.
---
**4. Subnet & Neighborhood**
- Subnet Abuse Density: 0% (no malicious neighbors).
- Neighbor Risk Distribution:
- 28 IPs in subnet (25% medium risk, 75% low risk).
- Notable neighbors: 47.128.96.12, 47.128.96.14, 47.128.96.15 (all medium risk).
- Subnet Classification: Unrated (no inherited risk).
---
**5. Network Relationships**
- Connections: No linked subnets, hostnames, or certificates.
- BGP/Control Plane: No BGP data or route stability indicators.
---
**6. Recommended Actions**
- Firewall Rules: No rules recommended due to low risk.
- Monitoring: Monitor subnet for emerging threats (neighbors show mixed risk).
- Verification: Confirm ownership and geolocation anomalies (GeoPlausible: False).
---
Conclusion:
47.128.96.154 is a low-risk, firewalled host with no malicious activity detected. While its subnet contains some medium-risk neighbors, the IP itself appears benign. Further investigation into subnet anomalies and geolocation discrepancies is advised. No immediate action required.
Source: IPDebrief Threat Intelligence Platform.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Amazon Data Services Singapore |
| ASN | AS16509 |
| Network Name | AMAZON-SIN |
| CIDR Block | 47.128.0.0/14 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ec2-47-128-96-154.ap-southeast-1.compute.amazonaws.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ec2-47-128-96-154.ap-southeast-1.compute.amazonaws.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-05 19:24:05 UTC |
| Last Seen | 2026-06-21 12:38:51 UTC |
| Profile Built | 2026-06-21 12:46:15 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |
Full dossier details are available via our API.