JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.128.33.20

47.128.33.20 was found in our database!

This IP was reported 273 times. Confidence of Abuse is 11%: ?

11%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-33-20.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.128.33.20

Whois 47.128.33.20

IP Abuse Reports for 47.128.33.20:

This IP address has been reported a total of 273 times from 35 distinct sources. 47.128.33.20 was first reported on September 16th 2023, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 19:59:24 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 15:59:17.349868 2026] [security2:error] [pid 26599:tid 26599] [client 47.128.33.20:49710] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.pages4you.com\|F\|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/default.old"] [unique_id "aj2IlYCFh1KQcGOnzm7dQAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:25:06 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:24:58.540065 2026] [security2:error] [pid 23992:tid 23992] [client 47.128.33.20:49366] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.lertap5.com\|F\|2"] [data ".sas.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.lertap5.com"] [uri "/HTMLHelp/Lrtp59HTML/www.sas.com"] [unique_id "ajBRioVxFHAU7hN95Fis6AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-17 18:04:43 (1 month ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇷 bigorre.org	2026-03-02 14:58:35 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇨🇭 backslash	2026-03-02 08:21:11 (3 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇪🇸 librebit	2026-02-24 01:01:09 (4 months ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-02-22 09:41:15 (4 months ago)	(mod_security) mod_security (id:211190) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.c ... show more (mod_security) mod_security (id:211190) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 04:41:10.749412 2026] [security2:error] [pid 1727:tid 1727] [client 47.128.33.20:61206] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|heuristicbooks.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /Heuristic Books -- Algorithms for Better Living_files/ccx/?dir=%2Fhome%2Frbanis%2Fetc%2Fjuliahowell.banis-associates.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heuristicbooks.com"] [uri "/Heuristic Books -- Algorithms for Better Living_files/ccx/"] [unique_id "aZrPNr1s0EEGBV-2pgkGXQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 1gz	2026-01-24 23:01:36 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /showbiz/shperthen-elton-deda-ketu-kane-vlere-vetem-ordineret/378820/ UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 masterguru	2026-01-02 06:28:37 (5 months ago)	BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ... show more BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇸🇬 anotherwatcher	2025-12-16 21:46:18 (6 months ago)	bad bot	Bad Web Bot
Anonymous	2025-12-08 15:56:18 (6 months ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇬🇧 NotCool	2025-11-20 20:27:49 (7 months ago)	(CRAWLDELAY) Generic Bot Crawl-delay Violation 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.compute ... show more (CRAWLDELAY) Generic Bot Crawl-delay Violation 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.compute.amazonaws.com): 10 in the last 3600 secs show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-16 12:22:33 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.33.20 (ec2-47-128-33-20.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 08:22:29.721992 2025] [security2:error] [pid 9905:tid 9905] [client 47.128.33.20:42850] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.med-engineering.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/bitarkanews.com"] [unique_id "aPDjhfrK_mtlM6pAus_86gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-09-20 15:46:27 (9 months ago)	Detected attack by Imunify360	Brute-Force Web App Attack
🇫🇷 bigorre.org	2025-09-16 13:37:40 (9 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot

Showing 1 to 15 of 273 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 2406:da19:776:6e02:70c1:6dd0:b70c:ce5d

🇪🇬 197.51.36.129

🇧🇷 186.215.191.192

🇺🇸 135.237.122.43

🇨🇳 114.132.231.42

🇧🇬 94.155.124.98

🇷🇴 2.57.121.25

🇯🇵 204.93.235.239

🇷🇺 201.51.30.217

🇬🇧 193.32.209.239

🇬🇧 172.68.229.188

🇺🇸 162.216.149.105

🇨🇳 144.123.37.78

🇨🇿 78.44.192.210

🇪🇸 46.27.119.37

🇵🇱 20.215.210.222

🇰🇷 14.63.192.228

🇫🇮 147.185.133.202

🇺🇦 188.191.236.60

🇸🇬 173.239.196.56