AbuseIPDB » 47.128.48.91

47.128.48.91 was found in our database!

This IP was reported 212 times. Confidence of Abuse is 38%: ?

38%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-48-91.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 47.128.48.91

Whois 47.128.48.91

IP Abuse Reports for 47.128.48.91:

This IP address has been reported a total of 212 times from 33 distinct sources. 47.128.48.91 was first reported on September 22nd 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
MAGIC	2025-03-19 12:01:37 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
hermawan	2025-03-15 04:24:10 (1 week ago)	[Sat Mar 15 11:23:11.031530 2025] [security2:error] [pid 182078:tid 139974305150656] [client 47.128. ... show more[Sat Mar 15 11:23:11.031530 2025] [security2:error] [pid 182078:tid 139974305150656] [client 47.128.48.91:19606] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) request_line = GET /index.php/profil/meteorologi/list-all-categories/4217-klimatologi/prakiraan-klimatologi/prakiraan-dasarian/prakiraan-curah-hujan-dasarian/prakiraan-probabilistik-curah-hujan-dasarian/prakiraan-probabilistik-curah-hujan-dasarian-provinsi-jawa-timur/prakiraan-dasarian-probabilistik..."] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/meteorologi/list-all-categor ... show less	Hacking Web App Attack
Séfora Srl	2025-03-12 14:00:20 (2 weeks ago)	Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show moreBad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less	Bad Web Bot
Anonymous	2025-03-04 00:44:09 (3 weeks ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-03 19:25:47 (3 weeks ago)	Excessive crawling/scraping	Hacking Brute-Force
backslash	2025-02-26 08:45:11 (1 month ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
MAGIC	2025-02-25 01:08:47 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
MAGIC	2025-02-12 00:03:06 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Séfora Srl	2025-02-11 10:24:34 (1 month ago)	Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show moreBad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less	Bad Web Bot
librebit	2025-02-08 14:59:11 (1 month ago)	Brute force	Brute-Force
Mangelot Hosting	2025-02-05 13:51:01 (1 month ago)	(BADBOT) ModSecurity BAD BOT Detected 47.128.48.91 (SG/Singapore/ec2-47-128-48-91.ap-southeast-1.com ... show more(BADBOT) ModSecurity BAD BOT Detected 47.128.48.91 (SG/Singapore/ec2-47-128-48-91.ap-southeast-1.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
MAGIC	2025-02-04 19:06:30 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Mendip_Defender	2025-02-04 17:58:50 (1 month ago)	47.128.48.91 - - [04/Feb/2025:17:58:51 +0000] "GET /?%3Fs=12e7088a167e36a950528e56f0779ea9 HTTP/1.0" ... show more47.128.48.91 - - [04/Feb/2025:17:58:51 +0000] "GET /?%3Fs=12e7088a167e36a950528e56f0779ea9 HTTP/1.0" 301 824 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
TPI-Abuse	2025-01-29 07:42:37 (1 month ago)	(mod_security) mod_security (id:211190) triggered by 47.128.48.91 (ec2-47-128-48-91.ap-southeast-1.c ... show more(mod_security) mod_security (id:211190) triggered by 47.128.48.91 (ec2-47-128-48-91.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 29 02:42:32.047168 2025] [security2:error] [pid 6537:tid 6537] [client 47.128.48.91:34316] [client 47.128.48.91] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||heuristicbooks.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /Heuristic Books -- Algorithms for Better Living_files/ccx/?dir=%2Fhome%2Frbanis%2Fetc%2Fearlyeditionbooks.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heuristicbooks.com"] [uri "/Heuristic Books -- Algorithms for Better Living_files/ccx/"] [unique_id "Z5nb6LwB8sIWt919DpJOBgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-27 10:38:06 (1 month ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩