JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.82.8.16

47.82.8.16 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 48%: ?

48%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.82.8.16

Whois 47.82.8.16

IP Abuse Reports for 47.82.8.16:

This IP address has been reported a total of 38 times from 18 distinct sources. 47.82.8.16 was first reported on January 21st 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 A000Z	2026-06-04 20:53:44 (2 hours ago)	Fail2Ban: 47.82.8.16 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 ( ... show more Fail2Ban: 47.82.8.16 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 show less	Bad Web Bot
🇵🇹 Information Security	2026-05-30 23:44:42 (4 days ago)	Web App Attack	Web App Attack
🇵🇹 Information Security	2026-05-28 17:39:51 (1 week ago)	Web App Attack	Web App Attack
🇵🇹 Information Security	2026-05-27 04:46:11 (1 week ago)	Web App Attack	Web App Attack
🇨🇿 vitex	2026-05-26 04:00:00 (1 week ago)	Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically cr ... show more Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically crawled git blame endpoints (/*/blame/commit/<hash>/file) across all commits of public repositories, causing server load of 17+ (normal: <2). Over 71,000 unique IPs involved. Attack window: 2026-05-26 03:30-06:37 UTC. Primary target: PureHTML/purezencart (9933 commits, 5065 files). Each blame request triggers expensive git operations; 30,000+ slow requests per hour. show less	DDoS Attack Bad Web Bot
🇺🇸 ersei.net	2026-05-17 02:31:21 (2 weeks ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇨🇦 1gz	2026-05-14 00:38:45 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /showbiz/familja-e-mateos-thyen-heshtjen-per-raportin-e-tij-me-brikenen-motra-e-banorit-ai-u-ndje-i-detyruar-te-fliste/853668/ UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-11 18:10:33 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 47.82.8.16 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 47.82.8.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 14:10:28.800855 2026] [security2:error] [pid 3521:tid 3521] [client 47.82.8.16:51404] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.med-engineering.com\|F\|2"] [data ".nicotinell.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/www.nicotinell.com"] [unique_id "agIblH3iyGFaOyioyE_yKQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 Mga Admin	2026-05-09 03:08:40 (3 weeks ago)	47.82.8.16 - - [09/May/2026:10:08:37 +0700] "GET /sumFREGAT/bychr/chr1/DDOST.RData HTTP/1.1" 403 199 ... show more 47.82.8.16 - - [09/May/2026:10:08:37 +0700] "GET /sumFREGAT/bychr/chr1/DDOST.RData HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 ersei.net	2026-05-09 02:24:04 (3 weeks ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇺🇸 ersei.net	2026-05-07 11:06:42 (4 weeks ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇩🇪 pltcldvlpr	2026-05-03 15:54:16 (1 month ago)	Unidentified crawler ignoring robots.txt: 47.82.8.16 - - [03/May/2026:17:53:26 +0200] "GET /protocol ... show more Unidentified crawler ignoring robots.txt: 47.82.8.16 - - [03/May/2026:17:53:26 +0200] "GET /protocol?id=sn_6_70&offset=100&seq=289 HTTP/2.0" 200 346147 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" asn=45102 org="Alibaba (US) Technology Co., Ltd." 47.82.8.16 - - [03/May/2026:17:54:15 +0200] "GET /protocol?id=be_16_57&offset=350&seq=282 HTTP/2.0" 200 336743 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" asn=45102 org="Alibaba (US) Technology Co., Ltd." 47.82.8.16 - - [03/May/2026:17:54:16 +0200] "GET /protocol?id=sn_6_78&offset=200&seq=76 HTTP/2.0" 200 343499 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" asn=45102 org="Alibaba (US) Technology Co., Ltd." ... show less	Bad Web Bot
🇳🇱 jjnxpct	2026-05-03 04:07:45 (1 month ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /nl/nieuws/2015/sluitstuk-civiele-procedures-srebrenica-zaken-nuhanovic-mustafic (Rule ID: 920171) - GET or HEAD Request with Transfer-Encoding show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 02:06:10 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 47.82.8.16 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 47.82.8.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 22:06:05.712788 2026] [security2:error] [pid 5780:tid 5798] [client 47.82.8.16:41870] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|gafm.org\|F\|2"] [data ".gafm.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gafm.org"] [uri "/www.GAFM.com"] [unique_id "afVcDRRQCYTW4ZI8__lELgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-05-01 19:36:00 (1 month ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.219.131.47

🇳🇱 176.65.139.66

🇺🇸 172.110.223.181

🇮🇳 122.185.146.166

🇩🇪 181.214.99.186

🇷🇺 176.109.97.11

🇫🇮 147.185.133.219

🇨🇳 120.48.26.185

🇨🇳 117.141.79.159

🇨🇳 114.219.137.173

🇨🇳 113.201.185.242

🇹🇼 111.70.32.2

🇸🇪 83.252.42.169

🇩🇪 64.89.163.247

🇰🇷 8.220.207.202

🇺🇸 135.237.126.250

🇨🇳 113.79.161.207

🇺🇸 104.23.253.106

🇧🇩 103.26.136.173

🇳🇱 88.119.169.71