JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.128.61.96

47.128.61.96 was found in our database!

This IP was reported 245 times. Confidence of Abuse is 4%: ?

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-128-61-96.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.128.61.96

Whois 47.128.61.96

IP Abuse Reports for 47.128.61.96:

This IP address has been reported a total of 245 times from 51 distinct sources. 47.128.61.96 was first reported on September 16th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-06-26 08:36:42 (1 day ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
🇫🇷 bigorre.org	2026-03-10 14:34:49 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇫🇷 bigorre.org	2026-03-05 15:20:03 (3 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇪🇸 masterguru	2026-02-26 20:49:09 (4 months ago)	BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ... show more BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇩🇪 Didier Lagaert	2026-01-14 03:22:16 (5 months ago)	lie-88 : Bloc AI bots=>/component/jevents/evenementsparjour/2028/4/6/99?Itemid=950(Bytespider)	Hacking
🇩🇪 Reinhard	2026-01-01 11:05:22 (5 months ago)	Unknown activity, but too many attacks with too many users.	Hacking
🇫🇷 bigorre.org	2025-12-31 10:14:34 (5 months ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-11 19:37:48 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 14:37:41.577249 2025] [security2:error] [pid 29862:tid 29862] [client 47.128.61.96:48180] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.med-engineering.com\|F\|2"] [data ".cgyq.med-engineering.com.cea.db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/vha.cgyq.med-engineering.com.cea.db"] [unique_id "aTsdhXaezhdXmYUZUI8UNAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 14:14:32 (6 months ago)	(mod_security) mod_security (id:211180) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.c ... show more (mod_security) mod_security (id:211180) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 09:14:27.257080 2025] [security2:error] [pid 32133:tid 32133] [client 47.128.61.96:30996] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "50"] [id "211180"] [rev "3"] [msg "COMODO WAF: Session Fixation: SessionID Parameter Name with No Referer\|\|wisconsinstatehuntingexpo.com\|F\|2"] [data "Matched Data: cftoken found within REQUEST_HEADERS: 0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wisconsinstatehuntingexpo.com"] [uri "/"] [unique_id "aTbdQ9iXfMCWhGxmoFgjuQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 clapper	2025-12-03 08:07:45 (6 months ago)	(mod_security) mod_security (id:980001) triggered by 47.128.61.96 (SG/Singapore/ec2-47-128-61-96.ap- ... show more (mod_security) mod_security (id:980001) triggered by 47.128.61.96 (SG/Singapore/ec2-47-128-61-96.ap-southeast-1.compute.amazonaws.com): 5 in the last 3600 secs; ID: rub show less	Brute-Force Bad Web Bot
🇵🇱 sefinek.net	2025-11-08 20:26:29 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /genshin-stella-mod/download UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-28 13:22:30 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 09:22:25.192051 2025] [security2:error] [pid 31502:tid 31502] [client 47.128.61.96:28284] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.player-care.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.player-care.com"] [uri "/cb/sofi-cds/Thumbs.db"] [unique_id "aQDDkcXaDOnGYJncjdDn5gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-23 12:13:01 (8 months ago)	Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-10-12 13:18:39 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.61.96 (ec2-47-128-61-96.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 12 09:18:35.081462 2025] [security2:error] [pid 9313:tid 9313] [client 47.128.61.96:16866] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.elcalamo.com\|F\|2"] [data ".pdb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.elcalamo.com"] [uri "/pda/magana-calendas.PDB"] [unique_id "aOuqq82TMEqJCMvIa9FevQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇳 dineshskt4all	2025-09-25 15:42:09 (9 months ago)	[Thu Sep 25 15:42:06.916012 2025] [proxy_fcgi:error] [pid 2797179:tid 139993385203392] [client 47.12 ... show more [Thu Sep 25 15:42:06.916012 2025] [proxy_fcgi:error] [pid 2797179:tid 139993385203392] [client 47.128.61.96:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force

Showing 1 to 15 of 245 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 223.123.36.78

🇧🇷 187.111.28.131

🇷🇺 178.163.104.134

🇻🇳 171.244.37.103

🇩🇪 52.28.204.83

🇱🇹 45.227.254.170

🇧🇷 205.210.31.175

🇬🇧 193.163.125.84

🇧🇷 187.17.228.218

🇫🇷 172.71.134.197

🇺🇸 172.59.117.60

🇬🇧 90.243.208.143

🇺🇸 68.104.227.135

🇫🇷 51.158.37.5

🇸🇳 41.82.50.218

🇸🇬 35.187.231.181

🇺🇸 20.118.202.209

🇲🇽 189.169.4.149

🇷🇸 188.120.100.0

🇻🇳 180.93.138.150