JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.251.42.6

47.251.42.6 was found in our database!

This IP was reported 819 times. Confidence of Abuse is 100%: ?

100%

ISP	Alibaba Cloud - US
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibabacloud.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.251.42.6

Whois 47.251.42.6

IP Abuse Reports for 47.251.42.6:

This IP address has been reported a total of 819 times from 163 distinct sources. 47.251.42.6 was first reported on December 18th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇿🇦 slartybartfast69420blazit	2026-06-09 20:43:48 (1 day ago)	Fail2ban picked up 47.251.42.6 attacking nginx	Web App Attack
🇿🇦 slartybartfast69420blazit	2026-06-07 20:45:56 (3 days ago)	Fail2ban picked up 47.251.42.6 attacking nginx	Web App Attack
Anonymous	2026-06-06 21:53:05 (4 days ago)	Reported from Nginx log analysis 11. Log: 47.251.42.6 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1 ... show more Reported from Nginx log analysis 11. Log: 47.251.42.6 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" "US United States Santa Clara" "AS45102" "Alibaba (US) Technology Co., Ltd." show less	Port Scan Brute-Force SSH
🇿🇦 slartybartfast69420blazit	2026-06-06 20:44:41 (4 days ago)	Fail2ban picked up 47.251.42.6 attacking nginx	Web App Attack
🇫🇷 polido	2026-06-06 20:40:43 (4 days ago)	Unauthorized connection attempt to port 443 from 47.251.42.6	Port Scan
🇨🇭 GAS	2026-06-06 19:49:58 (4 days ago)	Direct IP access. 47.251.42.6 - - [06/Jun/2026:21:49:55 +0200] "GET / HTTP/1.1" 402 4931 "-" "Mozill ... show more Direct IP access. 47.251.42.6 - - [06/Jun/2026:21:49:55 +0200] "GET / HTTP/1.1" 402 4931 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" "REDACTED" "" 47.251.42.6 - - [06/Jun/2026:21:49:57 +0200] "POST / HTTP/1.1" 402 3056 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0" "REDACTED" "" ... show less	Port Scan Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-06 16:47:24 (5 days ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-1)	Hacking Bad Web Bot
Anonymous	2026-06-06 15:52:40 (5 days ago)	Reported from Nginx log analysis 6. Log: 47.251.42.6 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1. ... show more Reported from Nginx log analysis 6. Log: 47.251.42.6 - - [06/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" "-" "US United States Santa Clara" "AS45102" "Alibaba (US) Technology Co., Ltd." \| 47.251.42.6 - - [06/Jun/2026:xx:xx:xx 0200] "POST / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" "-" "US United States Santa Clara" "AS45102" "Alibaba (US) Technology Co., Ltd." show less	Port Scan Brute-Force SSH
🇦🇹 Pingger Shikkoken	2026-06-06 15:49:58 (5 days ago)	2026-06-06T15:49:58+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-06-06T15:49:58+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=47.251.42.6 DST=10.1.1.2 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=9137 PROTO=TCP SPT=40911 DPT=443 WINDOW=1024 RES=0x00 SYN URGP=0 show less	Hacking Bad Web Bot
🇺🇸 MPL	2026-06-06 13:45:03 (5 days ago)	tcp/443	Port Scan
🇺🇸 MPL	2026-06-06 09:24:59 (5 days ago)	tcp/443 (2 or more attempts)	Port Scan
🇺🇸 xmission.com	2026-06-06 08:02:05 (5 days ago)	Blocked by UFW (TCP on 443) Source port: 52867 TTL: 247 Packet length: 40 TOS: 0x14 This report (fo ... show more Blocked by UFW (TCP on 443) Source port: 52867 TTL: 247 Packet length: 40 TOS: 0x14 This report (for 47.251.42.6) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇳🇱 donarev419	2026-06-06 04:37:34 (5 days ago)	Connection to port 443 with data transfer. Data preview:	Port Scan Hacking
🇩🇪 Admins@FBN	2026-06-06 02:22:15 (5 days ago)	Threat Host blocked...	Hacking Exploited Host
🇳🇱 Eric	2026-06-06 00:49:25 (5 days ago)	[Sat Jun 06 00:49:24.515127 2026] [security2:error] [pid 866705:tid 866705] [client 47.251.42.6:5267 ... show more [Sat Jun 06 00:49:24.515127 2026] [security2:error] [pid 866705:tid 866705] [client 47.251.42.6:52676] [client 47.251.42.6] ModSecurity: Warning. Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "736"] [id "920350"] [msg "Host header is a numeric IP address"] [data "94.209.38.171"] [severity "WARNING"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "94.209.38.171"] [uri "/"] [unique_id "aiNulK7JP2g9OWMIbiD_EQAAAAg"] [Sat Jun 06 00:49:24.673631 2026] [security2:error] [pid 866705:tid 866705] [client 47.251.42.6:52676] [client 47.251.42.6] ModSecurity: Warning. Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "736"] [id "920350"] [msg "Host ... show less	Hacking Web App Attack

Showing 1 to 15 of 819 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.29

🇨🇳 175.178.184.121

🇷🇴 80.94.92.168

🇺🇸 66.132.186.191

🇭🇰 199.45.154.183

🇺🇸 192.210.193.216

🇺🇸 147.185.132.56

🇷🇺 78.36.200.146

🇺🇸 34.63.188.69

🇺🇸 205.210.31.106

🇩🇪 193.124.20.228

🇺🇸 162.217.163.147

🇨🇳 114.66.17.195

🇸🇬 47.79.240.57

🇬🇧 35.203.210.140

🇺🇸 35.169.206.177

🇧🇷 20.226.70.167

🇩🇪 213.209.159.225

🇩🇪 157.230.18.133

🇸🇬 47.128.60.234