JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.128.37.59

47.128.37.59 was found in our database!

This IP was reported 261 times. Confidence of Abuse is 13%: ?

13%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-37-59.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.128.37.59

Whois 47.128.37.59

IP Abuse Reports for 47.128.37.59:

This IP address has been reported a total of 261 times from 43 distinct sources. 47.128.37.59 was first reported on September 14th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Thaliruth	2026-06-18 09:22:38 (1 day ago)	[18/Jun/2026:11:22:38.245921 +0200] ajO43lfBsq_0YlycICtSxgAAAIM 47.128.37.59 58012 127.0.0.1 7081 .. ... show more [18/Jun/2026:11:22:38.245921 +0200] ajO43lfBsq_0YlycICtSxgAAAIM 47.128.37.59 58012 127.0.0.1 7081 ... show less	Hacking
🇩🇪 Hazzard	2026-06-02 22:09:15 (2 weeks ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
🇫🇷 bigorre.org	2026-03-05 14:48:30 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇨🇭 backslash	2026-03-03 07:48:10 (3 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇫🇷 bigorre.org	2026-03-02 15:44:30 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇪🇸 librebit	2026-02-24 06:43:14 (3 months ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-02-14 11:14:54 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.37.59 (ec2-47-128-37-59.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.37.59 (ec2-47-128-37-59.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 06:14:46.171080 2026] [security2:error] [pid 31001:tid 31001] [client 47.128.37.59:64218] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.scoutinsignia.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.scoutinsignia.com"] [uri "/patrol/WS_FTP.LOG"] [unique_id "aZBZJkeyCn9SGhdjZGrRxwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2026-02-02 07:52:02 (4 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇪🇸 librebit	2026-01-30 13:59:06 (4 months ago)	Brute force	Brute-Force
🇸🇬 anotherwatcher	2026-01-25 21:11:20 (4 months ago)	bad bot	Bad Web Bot
Anonymous	2026-01-18 04:29:00 (5 months ago)	WP Probing and/or Hacking	Port Scan Web App Attack
🇦🇺 MAGIC	2025-12-27 00:25:56 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇦 1gz	2025-12-17 00:29:07 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /kerko.php UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 hermawan	2025-12-12 12:50:28 (6 months ago)	[Fri Dec 12 19:49:45.190448 2025] [security2:error] [pid 514455:tid 139917995759296] [client 47.128. ... show more [Fri Dec 12 19:49:45.190448 2025] [security2:error] [pid 514455:tid 139917995759296] [client 47.128.37.59:46152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "253"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) request_line = GET /index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa"] [unique_id "aTwPaZ7v08geVilA_TTQPQAAlAo"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[514466] [qN4hsoAkK0k] [aTwPaZ7v08geVilA_TTQPQAAlAo] keep_alive=[1] ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-12-10 03:12:28 (6 months ago)	[Wed Dec 10 10:09:50.397784 2025] [security2:error] [pid 364957:tid 140235771995840] [client 47.128. ... show more [Wed Dec 10 10:09:50.397784 2025] [security2:error] [pid 364957:tid 140235771995840] [client 47.128.37.59:51464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "253"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) request_line = GET /index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa"] [unique_id "aTjkfpQRsvOzaDuMEQwKXgAARwM"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[364961] [etKHXNCrIj8] [aTjkfpQRsvOzaDuMEQwKXgAARwM] keep_alive=[1] ... show less	Hacking Web App Attack

Showing 1 to 15 of 261 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 219.159.91.46

🇱🇰 192.248.24.53

🇳🇱 172.94.9.65

🇵🇪 161.132.54.218

🇪🇸 149.91.97.132

🇭🇰 103.14.33.174

🇷🇴 80.94.92.171

🇭🇰 46.247.61.136

🇬🇧 35.203.210.231

🇨🇱 179.57.170.71

🇺🇸 107.173.146.37

🇮🇳 103.54.101.248

🇫🇷 85.217.140.16

🇺🇸 64.62.156.222

🇫🇷 51.159.202.36

🇮🇳 49.43.235.78

🇩🇪 45.135.194.83

🇩🇪 3.77.221.157

🇺🇸 165.154.173.83

🇩🇪 155.117.127.5