AbuseIPDB » 47.128.126.121

47.128.126.121 was found in our database!

This IP was reported 159 times. Confidence of Abuse is 40%: ?

40%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-126-121.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 47.128.126.121

Whois 47.128.126.121

IP Abuse Reports for 47.128.126.121:

This IP address has been reported a total of 159 times from 29 distinct sources. 47.128.126.121 was first reported on December 24th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
librebit	2025-03-18 18:37:09 (1 week ago)	Brute force	Brute-Force
Mendip_Defender	2025-03-15 19:48:01 (1 week ago)	47.128.126.121 - - [15/Mar/2025:19:47:57 +0000] "GET /?page=4&pp=25&searchid=1813183 HTTP/1.0" 301 9 ... show more47.128.126.121 - - [15/Mar/2025:19:47:57 +0000] "GET /?page=4&pp=25&searchid=1813183 HTTP/1.0" 301 928 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
MAGIC	2025-03-12 12:17:01 (2 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
TPI-Abuse	2025-03-08 14:13:39 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 47.128.126.121 (ec2-47-128-126-121.ap-southeast ... show more(mod_security) mod_security (id:210730) triggered by 47.128.126.121 (ec2-47-128-126-121.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 09:13:35.092199 2025] [security2:error] [pid 10864:tid 10864] [client 47.128.126.121:35972] [client 47.128.126.121] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||digbie.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "digbie.com"] [uri "/[email protected]"] [unique_id "Z8xQj-Z1Gaqrq2BdGps_RwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Séfora Srl	2025-03-06 14:01:02 (2 weeks ago)	Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show moreBad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less	Bad Web Bot
Anonymous	2025-03-06 05:27:10 (2 weeks ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
MAGIC	2025-03-02 15:01:39 (3 weeks ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
backslash	2025-02-28 00:05:09 (3 weeks ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
Séfora Srl	2025-02-11 13:46:57 (1 month ago)	Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show moreBad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less	Bad Web Bot
Steve	2025-02-10 06:02:19 (1 month ago)	Excessive crawling - not obeying robots.txt	Bad Web Bot
Josh S.	2025-02-08 00:03:13 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZO ... show moreTriggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZON-02) Protocol: HTTP/2 (GET method) Zone: git.joshseveros.cloud Timestamp: 2025-02-07T14:48:39Z UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) If this was a mistake contact me: [email protected] show less	Bad Web Bot
Anonymous	2025-02-03 08:09:47 (1 month ago)	Malicious activity detected	Hacking Web App Attack
MAGIC	2025-01-31 01:07:03 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
TPI-Abuse	2025-01-28 15:09:37 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 47.128.126.121 (ec2-47-128-126-121.ap-southeast ... show more(mod_security) mod_security (id:210730) triggered by 47.128.126.121 (ec2-47-128-126-121.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 28 10:09:30.083866 2025] [security2:error] [pid 3377262:tid 3377262] [client 47.128.126.121:45364] [client 47.128.126.121] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||yarbro.org|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "yarbro.org"] [uri "/images/Thumbs.db"] [unique_id "Z5jzKraFCnLkX3BHRZu9uwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-26 12:59:08 (2 months ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩