AbuseIPDB » 47.128.43.128

47.128.43.128 was found in our database!

This IP was reported 219 times. Confidence of Abuse is 38%: ?

38%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-43-128.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 47.128.43.128

Whois 47.128.43.128

IP Abuse Reports for 47.128.43.128:

This IP address has been reported a total of 219 times from 37 distinct sources. 47.128.43.128 was first reported on September 15th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
MAGIC	2025-03-18 17:05:59 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-03-13 00:04:35 (2 weeks ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
hermawan	2025-03-08 20:25:53 (2 weeks ago)	[Sun Mar 09 03:25:53.184208 2025] [security2:error] [pid 69556:tid 140075646011072] [client 47.128.4 ... show more[Sun Mar 09 03:25:53.184208 2025] [security2:error] [pid 69556:tid 140075646011072] [client 47.128.43.128:46076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) request_line = GET /index.php/prakiraan-musim/4104-prakiraan-musim-kemarau/prakiraan-puncak-musim-kemarau/prakiraan-puncak-musim-kemarau-zona-musim-di-provinsi-jawa-timur/prakiraan-puncak-musim-kemarau-tahun-2021-zona-musim-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/prakiraan-musim/4104-prakiraan-musim-kemarau/prakiraan-puncak-musim-kemarau/prakira ... show less	Hacking Web App Attack
Mendip_Defender	2025-03-04 06:23:58 (3 weeks ago)	47.128.43.128 - - [04/Mar/2025:06:23:54 +0000] "GET /?s=cca4296f5193115bfc1d74d2cb1f7ffd&f=8 HTTP/1. ... show more47.128.43.128 - - [04/Mar/2025:06:23:54 +0000] "GET /?s=cca4296f5193115bfc1d74d2cb1f7ffd&f=8 HTTP/1.0" 200 10102 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
Anonymous	2025-03-04 03:48:06 (3 weeks ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
backslash	2025-02-28 04:30:12 (3 weeks ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
ipblock.com	2025-02-20 00:28:59 (1 month ago)	IPBlock protected site ID [3192-af]. Bad agent	Bad Web Bot
Josh S.	2025-02-17 00:08:18 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZO ... show moreTriggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZON-02) Protocol: HTTP/2 (GET method) Zone: git.joshseveros.cloud Timestamp: 2025-02-16T22:05:44Z UA: Mozilla/5.0 (compatible; Bytespider; [email protected]) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36 If this was a mistake contact me: [email protected] show less	Bad Web Bot
Josh S.	2025-02-15 09:58:34 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZO ... show moreTriggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 16509 (AMAZON-02) Protocol: HTTP/2 (GET method) Zone: git.joshseveros.cloud Timestamp: 2025-02-15T09:56:53Z UA: Mozilla/5.0 (compatible; Bytespider; [email protected]) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36 If this was a mistake contact me: [email protected] show less	Bad Web Bot
Steve	2025-02-11 20:12:59 (1 month ago)	Excessive crawling - not obeying robots.txt	Bad Web Bot
Séfora Srl	2025-02-11 13:51:35 (1 month ago)	Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show moreBad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less	Bad Web Bot
Mendip_Defender	2025-02-11 11:48:20 (1 month ago)	47.128.43.128 - - [11/Feb/2025:11:48:18 +0000] "GET /?c=1&do=displayweek&month=1&s=1ed99b4363c4b05a5 ... show more47.128.43.128 - - [11/Feb/2025:11:48:18 +0000] "GET /?c=1&do=displayweek&month=1&s=1ed99b4363c4b05a519204bff7580ba3&week=1388880000 HTTP/1.0" 200 10100 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
TPI-Abuse	2025-02-09 13:38:08 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 47.128.43.128 (ec2-47-128-43-128.ap-southeast-1 ... show more(mod_security) mod_security (id:210730) triggered by 47.128.43.128 (ec2-47-128-43-128.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 09 08:38:02.809542 2025] [security2:error] [pid 2579305:tid 2579305] [client 47.128.43.128:56848] [client 47.128.43.128] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|med-engineering.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "med-engineering.com"] [uri "/era.com"] [unique_id "Z6ivuvs-ZHr06nXSON9K0AAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
librebit	2025-02-08 23:57:46 (1 month ago)	Brute force	Brute-Force
Anonymous	2025-02-08 16:49:47 (1 month ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH