JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.128.31.157

47.128.31.157 was found in our database!

This IP was reported 302 times. Confidence of Abuse is 4%: ?

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-31-157.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.128.31.157

Whois 47.128.31.157

IP Abuse Reports for 47.128.31.157:

This IP address has been reported a total of 302 times from 47 distinct sources. 47.128.31.157 was first reported on August 13th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-06-11 10:43:03 (1 day ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
🇩🇪 Hazzard	2026-06-08 06:21:06 (4 days ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-10 19:28:44 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 15:28:36.984227 2026] [security2:error] [pid 1936514:tid 1936514] [client 47.128.31.157:53756] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|homebuilt.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "homebuilt.org"] [uri "/directory/[email protected]"] [unique_id "adlPZCty74byH6Ken0zEXAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-15 15:29:04 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 11:28:58.242759 2026] [security2:error] [pid 25790:tid 25790] [client 47.128.31.157:16624] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.homebuilt.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.homebuilt.org"] [uri "/directory/[email protected]"] [unique_id "abbQOvzxeDt5xqZww3nNnwAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 NotCool	2025-12-27 04:17:18 (5 months ago)	(CRAWLDELAY) Generic Bot Crawl-delay Violation 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1.compu ... show more (CRAWLDELAY) Generic Bot Crawl-delay Violation 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1.compute.amazonaws.com): 10 in the last 3600 secs show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-22 19:26:18 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 22 14:26:11.375807 2025] [security2:error] [pid 6390:tid 6390] [client 47.128.31.157:27628] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|growtowork.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "growtowork.com"] [uri "/[email protected]"] [unique_id "aUmbUyMxPWkYpkaHjV5OTwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-19 00:24:42 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 Reinhard	2025-12-18 07:55:27 (5 months ago)	Harvesting non-existent pages or unknown malicious BOT.	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-15 07:49:23 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1 ... show more (mod_security) mod_security (id:211190) triggered by 47.128.31.157 (ec2-47-128-31-157.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 15 02:49:17.860894 2025] [security2:error] [pid 23909:tid 23909] [client 47.128.31.157:28430] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|heuristicbooks.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /Heuristic Books -- Algorithms for Better Living_files/ccx/?dir=%2Fhome%2Frbanis%2Fetc%2Febookbargainlist.banis-associates.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heuristicbooks.com"] [uri "/Heuristic Books -- Algorithms for Better Living_files/ccx/"] [unique_id "aT-9fRQe5qDh36L720RXuQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bigorre.org	2025-12-13 11:41:29 (5 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇸🇬 Charles	2025-12-02 01:26:23 (6 months ago)	47.128.31.157 - - [02/Dec/2025:09:26:21 +0800] "GET /robots.txt HTTP/1.1" 200 386 "-" "Mozilla/5.0 ( ... show more 47.128.31.157 - - [02/Dec/2025:09:26:21 +0800] "GET /robots.txt HTTP/1.1" 200 386 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])" ... show less	Web Spam Email Spam Brute-Force Bad Web Bot Web App Attack SSH
🇦🇷 RocketEmi	2025-11-18 10:23:41 (6 months ago)	Repeated access attempts from blocked IP after being denied. Behavior consistent with brute-force or ... show more Repeated access attempts from blocked IP after being denied. Behavior consistent with brute-force or persistent unauthorized probing. show less	Hacking
🇦🇺 MAGIC	2025-11-17 01:32:35 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇸🇬 anotherwatcher	2025-11-08 07:19:14 (7 months ago)	bad bot	Bad Web Bot
🇮🇳 dineshskt4all	2025-11-02 09:05:07 (7 months ago)	47.128.31.157 - - [02/Nov/2025:09:05:05 +0000] "GET /index.php?limit=100&order=ASC&path=80_82_83&pro ... show more 47.128.31.157 - - [02/Nov/2025:09:05:05 +0000] "GET /index.php?limit=100&order=ASC&path=80_82_83&product_id=204&route=product%2Fproduct&sort=p.price HTTP/1.0" 200 16382 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected]) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" ... show less	IoT Targeted

Showing 1 to 15 of 302 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.240

🇧🇷 200.218.232.188

🇺🇸 162.216.150.136

🇮🇳 122.185.185.18

🇷🇺 89.109.44.221

🇰🇷 222.232.176.7

🇬🇪 194.31.8.12

🇺🇸 191.102.163.101

🇺🇸 159.223.103.141

🇯🇵 150.230.103.115

🇨🇳 122.97.138.232

🇰🇷 121.131.220.148

🇨🇳 115.195.97.22

🇲🇾 103.76.88.37

🇩🇪 94.228.168.132

🇨🇦 85.217.149.9

🇨🇦 85.217.149.2

🇺🇸 50.6.228.32

🇬🇧 35.203.210.182

🇺🇸 191.102.162.247