AbuseIPDB » 47.128.115.15

47.128.115.15 was found in our database!

This IP was reported 195 times. Confidence of Abuse is 45%: ?

45%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-115-15.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 47.128.115.15

Whois 47.128.115.15

IP Abuse Reports for 47.128.115.15:

This IP address has been reported a total of 195 times from 30 distinct sources. 47.128.115.15 was first reported on December 20th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
hermawan	2025-03-17 15:30:15 (1 week ago)	[Mon Mar 17 22:29:29.633413 2025] [security2:error] [pid 32259:tid 140568120886976] [client 47.128.1 ... show more[Mon Mar 17 22:29:29.633413 2025] [security2:error] [pid 32259:tid 140568120886976] [client 47.128.115.15:28374] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) request_line = GET /index.php/profil/arsip-artikel?catid=628&id=2444%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-28-februari-6-maret-2017&start=50 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "Z9g_2QyTD5pIq9lJRRiHoAABVQg"] [staklim-malang.info] [staklim-malang.info] top=[32268] [GKRDdMOU180] [Z9g_2QyTD5pIq9lJ ... show less	Hacking Web App Attack
Progetto1	2025-03-16 03:10:02 (1 week ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2025-03-15 01:13:39 (1 week ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Séfora Srl	2025-03-12 14:00:28 (2 weeks ago)	Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show moreBad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less	Bad Web Bot
Anonymous	2025-03-06 00:33:09 (3 weeks ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Mendip_Defender	2025-03-05 23:14:55 (3 weeks ago)	47.128.115.15 - - [05/Mar/2025:23:14:51 +0000] "GET /?%3Fs=d151d4e6443fa5bc38038d2b056cdd2b HTTP/1.0 ... show more47.128.115.15 - - [05/Mar/2025:23:14:51 +0000] "GET /?%3Fs=d151d4e6443fa5bc38038d2b056cdd2b HTTP/1.0" 301 850 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
Anonymous	2025-03-03 06:39:51 (3 weeks ago)	Action: Block, Reason: DDOS attack detected	DDoS Attack
Steve	2025-02-28 20:06:49 (3 weeks ago)	Excessive crawling - not obeying robots.txt	Bad Web Bot
MAGIC	2025-02-28 01:01:35 (3 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
backslash	2025-02-25 14:00:15 (1 month ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
MAGIC	2025-02-21 03:04:28 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Mehmet_The_Script_Kiddie	2025-02-18 21:10:56 (1 month ago)	CloudFlare WAF REPORT: Disobey robots.txt. Suspicious web crawler.	Bad Web Bot Web App Attack
TPI-Abuse	2025-02-16 15:31:37 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 47.128.115.15 (ec2-47-128-115-15.ap-southeast-1 ... show more(mod_security) mod_security (id:210730) triggered by 47.128.115.15 (ec2-47-128-115-15.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 16 10:31:32.727295 2025] [security2:error] [pid 23624:tid 23624] [client 47.128.115.15:40698] [client 47.128.115.15] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||alexgitlin.com|F|2"] [data ".thehighwaystar.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "alexgitlin.com"] [uri "/npp/www.thehighwaystar.com"] [unique_id "Z7IE1J1jaAglgGTx9YCy8QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Josh S.	2025-02-08 00:52:38 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZO ... show moreTriggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZON-02) Protocol: HTTP/2 (GET method) Zone: git.joshseveros.cloud Timestamp: 2025-02-07T23:50:23Z UA: Mozilla/5.0 (compatible; Bytespider; [email protected]) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36 If this was a mistake contact me: [email protected] show less	Bad Web Bot
Anonymous	2025-02-07 05:29:39 (1 month ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩