JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.128.26.254

47.128.26.254 was found in our database!

This IP was reported 317 times. Confidence of Abuse is 17%: ?

17%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-26-254.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.128.26.254

Whois 47.128.26.254

IP Abuse Reports for 47.128.26.254:

This IP address has been reported a total of 317 times from 43 distinct sources. 47.128.26.254 was first reported on August 14th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 05:34:37 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.128.26.254 (ec2-47-128-26-254.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.26.254 (ec2-47-128-26-254.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:34:30.942306 2026] [security2:error] [pid 16673:tid 16683] [client 47.128.26.254:56292] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.munatseng.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.munatseng.org"] [uri "/upcoming/stories/tsengkwongchi.com"] [unique_id "aiEOZgihZXAd2J4oHxNA7gAAAMU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-05-06 18:01:21 (4 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ... show more BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇳🇱 Mangelot Hosting	2026-04-20 15:18:28 (1 month ago)	(modsecurity) srv103 ModSecurity 47.128.26.254 (SG/Singapore/ec2-47-128-26-254.ap-southeast-1.comput ... show more (modsecurity) srv103 ModSecurity 47.128.26.254 (SG/Singapore/ec2-47-128-26-254.ap-southeast-1.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-16 14:55:56 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.26.254 (ec2-47-128-26-254.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.26.254 (ec2-47-128-26-254.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 10:55:50.063115 2026] [security2:error] [pid 1472142:tid 1472142] [client 47.128.26.254:33528] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.med-engineering.com\|F\|2"] [data ".albendazole.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/www.albendazole.com"] [unique_id "abgZ9gAlXMCzU1cdXmhMsgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bigorre.org	2026-03-10 10:15:19 (2 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇩🇪 dbmwebdesign	2026-03-07 19:17:33 (2 months ago)	Bot detected and blocked by Fail2Ban in bytespider jail	Bad Web Bot
🇫🇷 bigorre.org	2026-03-04 14:05:42 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇫🇷 bigorre.org	2026-02-27 20:52:35 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇫🇷 bigorre.org	2026-02-15 13:18:37 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇫🇷 bigorre.org	2026-02-07 16:14:19 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇨🇦 1gz	2026-02-03 07:08:33 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /lajme/como-bologna/ UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Didier Lagaert	2026-02-01 19:18:49 (4 months ago)	lie-88 : Bloc AI bots=>/enseignements-en-france/88-enseignements/enseignements-en-france/a-belfort?l ... show more lie-88 : Bloc AI bots=>/enseignements-en-france/88-enseignements/enseignements-en-france/a-belfort?layout=*(Bytespider) show less	Hacking
🇩🇪 Didier Lagaert	2026-01-13 23:43:47 (4 months ago)	lie-88 : Bloc AI bots=>/component/jevents/evenementsparjour/2025/7/14/-?Itemid=950(Bytespider)	Hacking
🇩🇪 Didier Lagaert	2025-12-27 14:40:32 (5 months ago)	lie-88 : Bloc AI bots=>/component/jevents/evenementsparjour/2025/9/16/-?Itemid=1(Bytespider)	Hacking
🇨🇦 1gz	2025-12-22 21:38:09 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /lajme/apeli-i-posacem-le-ne-fuqi-masat-ndaluese-per-belinda-ballukun/845261/amp/ UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 317 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 146.70.199.174

🇺🇸 2607:f8b0:4001:c5f::12e

🇩🇪 213.209.159.231

🇨🇱 186.189.89.93

🇰🇷 183.104.26.197

🇩🇪 64.226.116.41

🇹🇿 41.59.10.42

🇺🇸 192.210.228.134

🇭🇰 154.92.17.30

🇺🇸 138.113.22.151

🇳🇱 82.170.250.27

🇸🇬 47.128.127.91

🇨🇦 15.195.1.42

🇷🇴 2.57.122.238

🇮🇳 223.181.108.208

🇦🇷 181.29.5.42

🇱🇧 178.135.18.155

🇷🇺 176.120.22.113

🇵🇰 119.157.76.100

🇯🇲 72.27.114.131