JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.128.58.99

47.128.58.99 was found in our database!

This IP was reported 304 times. Confidence of Abuse is 22%: ?

22%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-58-99.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.128.58.99

Whois 47.128.58.99

IP Abuse Reports for 47.128.58.99:

This IP address has been reported a total of 304 times from 45 distinct sources. 47.128.58.99 was first reported on September 23rd 2023, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-11 03:25:26 (12 hours ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-05-24 14:04:01 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 10:03:56.136835 2026] [security2:error] [pid 1858:tid 1858] [client 47.128.58.99:41680] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|informativearticles.com\|F\|2"] [data ".tripod.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "informativearticles.com"] [uri "/poetry/at http:/dennissiluk.tripod.com"] [unique_id "ahMFTDTVmc4jr05vTUaOvwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-05-06 07:49:05 (1 month ago)	BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ... show more BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
Anonymous	2026-04-21 22:37:41 (1 month ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-04-19 15:51:58 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 11:51:50.082333 2026] [security2:error] [pid 3057637:tid 3057637] [client 47.128.58.99:43506] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.informativearticles.com\|F\|2"] [data ".adam-eason.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.informativearticles.com"] [uri "/innovation/ww.adam-eason.com"] [unique_id "aeT6Fj_FqLWHgmD0UNaq9wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-04-13 08:23:24 (1 month ago)	BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ... show more BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇦🇺 MAGIC	2026-04-09 01:41:26 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-27 13:08:51 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 09:08:43.240012 2026] [security2:error] [pid 12479:tid 12479] [client 47.128.58.99:41700] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.informativearticles.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.informativearticles.com"] [uri "/[email protected]"] [unique_id "acaBW8Llamo7GdvsvD8KYAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇺 conseilgouz	2026-03-23 18:24:44 (2 months ago)	are-88 : Bloc AI bots=>/component/icagenda/23-st-sylvestre?Itemid=103&iccaldate=1970-11-1(Bytesp ... show more are-88 : Bloc AI bots=>/component/icagenda/23-st-sylvestre?Itemid=103&iccaldate=1970-11-1(Bytespider) show less	Hacking
🇮🇳 dineshskt4all	2026-03-20 19:58:51 (2 months ago)	47.128.58.99 - - [20/Mar/2026:19:58:46 +0000] "GET /trip/weekend-shimla-volvo-package/ HTTP/1.0" 200 ... show more 47.128.58.99 - - [20/Mar/2026:19:58:46 +0000] "GET /trip/weekend-shimla-volvo-package/ HTTP/1.0" 200 45544 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])" ... show less	IoT Targeted
🇦🇺 MAGIC	2026-03-12 02:03:53 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇪🇸 masterguru	2026-03-10 15:36:35 (3 months ago)	BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ... show more BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇫🇷 bigorre.org	2026-03-08 13:12:14 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-08 13:09:18 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.58.99 (ec2-47-128-58-99.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 09:09:11.440364 2026] [security2:error] [pid 7956:tid 7956] [client 47.128.58.99:38264] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.et.lobibilisim.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.et.lobibilisim.com"] [uri "/storage/logs/laravel-2020-05-15.log"] [unique_id "aa1097It74Pfum6BN5o76QAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bigorre.org	2026-03-04 14:06:12 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot

Showing 1 to 15 of 304 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 159.192.133.140

🇻🇳 118.69.53.191

🇷🇺 94.29.124.154

🇯🇵 34.153.221.226

🇵🇰 202.47.63.101

🇪🇹 196.190.220.168

🇧🇷 189.127.109.198

🇧🇷 177.140.13.240

🇲🇾 121.122.119.170

🇭🇰 119.246.15.94

🇨🇦 85.217.149.6

🇺🇸 66.132.172.243

🇹🇭 1.20.140.252

🇳🇱 2a06:a880:5:8a5f::1

🇺🇿 202.79.186.66

🇵🇰 103.105.209.65

🇩🇪 87.106.218.222

🇳🇱 45.148.10.152

🇩🇪 45.135.141.22

🇨🇳 8.145.56.19