JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.129.152.172

47.129.152.172 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.129.152.172

Whois 47.129.152.172

IP Abuse Reports for 47.129.152.172:

This IP address has been reported a total of 30 times from 22 distinct sources. 47.129.152.172 was first reported on June 23rd 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 Block Rockin' Beats	2026-06-27 09:56:03 (3 days ago)	Scanning for exploitable scripts	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 06:52:12 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:52:05.887576 2026] [security2:error] [pid 17775:tid 17775] [client 47.129.152.172:63121] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dunbeggan.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dunbeggan.com"] [uri "/1.sql"] [unique_id "aj9zFavObGiGVR4fgBgmxQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 06:10:59 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:10:53.671149 2026] [security2:error] [pid 31669:tid 31669] [client 47.129.152.172:54556] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|distribuidoradecongeladoscdmx.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "distribuidoradecongeladoscdmx.com"] [uri "/1.sql"] [unique_id "aj9pbUUmouB0ceRhI2FYhgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 05:18:36 (3 days ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 05:07:23 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 01:07:18.440253 2026] [security2:error] [pid 24475:tid 24485] [client 47.129.152.172:61283] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|visionforandfromchildren.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "visionforandfromchildren.org"] [uri "/1.sql"] [unique_id "aj9ahlE62nKJJb-Pr7ljXgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-27 05:02:23 (3 days ago)	Web vulnerability probing: /db_backup.sql	Web App Attack
Anonymous	2026-06-27 03:55:08 (3 days ago)	(mod_security) mod_security triggered on hostname [redacted] 47.129.152.172 (SG/Singapore/ec2-47-129 ... show more (mod_security) mod_security triggered on hostname [redacted] 47.129.152.172 (SG/Singapore/ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-27 01:20:28 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:20:24.603881 2026] [security2:error] [pid 11551:tid 11551] [client 47.129.152.172:60067] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|decisiontrace.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "decisiontrace.org"] [uri "/1.sql"] [unique_id "aj8lWERuU67HMNj2oVjvNAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 LotPhantom	2026-06-26 23:56:09 (3 days ago)	47.129.152.172 - - [26/Jun/2026:23:56:06 +0000] "GET /1.sql HTTP/1.1" 404 9 "-" "Mozilla/5.0 (X11; L ... show more 47.129.152.172 - - [26/Jun/2026:23:56:06 +0000] "GET /1.sql HTTP/1.1" 404 9 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Web App Attack
Anonymous	2026-06-26 22:40:12 (3 days ago)	Bot / seems abusive / Apache connections: 25	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 22:39:14 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 18:39:09.295982 2026] [security2:error] [pid 21569:tid 21569] [client 47.129.152.172:49897] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.theprobabilityis.bahamascruisersguide.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.theprobabilityis.bahamascruisersguide.com"] [uri "/1.sql"] [unique_id "aj7_jTTRuT3iGJBD0WTMPQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-26 22:25:00 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 homeshowdomain.nl	2026-06-26 22:01:14 (3 days ago)	Auto-ban: >3000 req/min op 2026-06-26	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-26 21:04:54 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.129.152.172 (ec2-47-129-152-172.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 17:04:50.358572 2026] [security2:error] [pid 1850:tid 1850] [client 47.129.152.172:56288] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|americancryonics.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "americancryonics.org"] [uri "/1.sql"] [unique_id "aj7pcm9LvTIKWvyrMfiNdgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-26 19:30:33 (4 days ago)	Too many 404 requests [BY]	Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.187.176.195

🇬🇧 185.247.137.16

🇧🇷 181.218.9.86

🇧🇷 179.135.110.65

🇬🇧 179.61.169.5

🇺🇸 172.191.74.151

🇫🇷 152.228.213.32

🇮🇶 150.228.104.219

🇨🇦 148.113.190.153

🇺🇸 147.93.149.83

🇲🇼 105.234.177.226

🇯🇵 104.64.149.106

🇨🇳 101.87.40.191

🇺🇸 54.209.46.187

🇰🇭 49.156.43.22

🇵🇭 49.149.105.115

🇩🇪 49.13.57.248

🇧🇷 45.5.102.93

🇨🇳 43.136.88.51

🇯🇵 34.153.201.95