JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.82.8.52

47.82.8.52 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 56%: ?

56%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.82.8.52

Whois 47.82.8.52

IP Abuse Reports for 47.82.8.52:

This IP address has been reported a total of 37 times from 18 distinct sources. 47.82.8.52 was first reported on April 1st 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-18 15:45:11 (4 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
Anonymous	2026-06-16 15:30:31 (2 days ago)	Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) ... show more Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) employed by Angara Technologies Group (Explicitly identified himself as enemy a week before attack began) \| Attack Signature Blocked: /wishlist/index/add/product/217/form_key/8lGKfvbIuSihabFS/ \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 \| (Magento Site) show less	Hacking Bad Web Bot Web App Attack
🇨🇦 1gz	2026-06-13 05:11:35 (5 days ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /lajme/perjashtimi-i-29-deputeteve-te-pd-se-mblidhet-sot-sekretariati-i-etikes/846352/ UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 A000Z	2026-06-12 07:55:46 (6 days ago)	Fail2Ban: 47.82.8.52 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 ( ... show more Fail2Ban: 47.82.8.52 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 show less	Bad Web Bot
🇺🇸 kosada.com	2026-06-12 07:46:21 (6 days ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
Anonymous	2026-06-09 21:07:43 (1 week ago)	Repeated automated scraping and high-volume requests against a secured web server following multiple ... show more Repeated automated scraping and high-volume requests against a secured web server following multiple rate limit violations. show less	Web App Attack
🇫🇷 Sklurk	2026-06-07 04:26:37 (1 week ago)	Web App Attack	Web App Attack
🇮🇹 A000Z	2026-06-04 20:25:41 (1 week ago)	Fail2Ban: 47.82.8.52 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 ( ... show more Fail2Ban: 47.82.8.52 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 show less	Bad Web Bot
🇩🇪 Vegascosmetics	2026-06-01 10:37:40 (2 weeks ago)	Kingcopy(AI-IDS) Report: IP 47.82.8.52 wurde nach 3 Angriffsversuchen automatisch geblockt. Pattern: ... show more Kingcopy(AI-IDS) Report: IP 47.82.8.52 wurde nach 3 Angriffsversuchen automatisch geblockt. Pattern: High Priority: ChangeCountry - Vegas Cosmetics Security System show less	DDoS Attack Hacking Bad Web Bot
🇨🇿 vitex	2026-05-26 04:00:00 (3 weeks ago)	Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically cr ... show more Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically crawled git blame endpoints (/*/blame/commit/<hash>/file) across all commits of public repositories, causing server load of 17+ (normal: <2). Over 71,000 unique IPs involved. Attack window: 2026-05-26 03:30-06:37 UTC. Primary target: PureHTML/purezencart (9933 commits, 5065 files). Each blame request triggers expensive git operations; 30,000+ slow requests per hour. show less	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-23 17:23:35 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 47.82.8.52 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 47.82.8.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 13:23:28.019947 2026] [security2:error] [pid 15347:tid 15347] [client 47.82.8.52:51276] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.flavornet.org\|F\|2"] [data ".pdb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.flavornet.org"] [uri "/info/jmol/pdb/111-35-3.pdb"] [unique_id "ahHikFmRbanx2rLxiP9R0AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-23 09:03:01 (3 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇩🇪 pltcldvlpr	2026-05-03 11:29:20 (1 month ago)	47.82.8.52 - - [03/May/2026:13:29:00 +0200] "GET /protocol?id=sh_18_26&offset=0 HTTP/2.0" 200 343365 ... show more 47.82.8.52 - - [03/May/2026:13:29:00 +0200] "GET /protocol?id=sh_18_26&offset=0 HTTP/2.0" 200 343365 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" asn=45102 org="Alibaba (US) Technology Co., Ltd." 47.82.8.52 - - [03/May/2026:13:29:19 +0200] "GET /protocol?id=sh_18_142&offset=700&seq=699 HTTP/2.0" 200 344972 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" asn=45102 org="Alibaba (US) Technology Co., Ltd." 47.82.8.52 - - [03/May/2026:13:29:19 +0200] "GET /protocol?id=be_16_81&offset=350&seq=438 HTTP/2.0" 200 345749 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" asn=45102 org="Alibaba (US) Technology Co., Ltd." ... show less	Bad Web Bot
🇳🇱 jjnxpct	2026-05-03 04:07:44 (1 month ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /images/nieuws/2016/161103_vk_waarom_is_mijn_zoon_bij_de_punt_ge%C3%ABxecuteerd.pdf (Rule ID: 920171) - GET or HEAD Request with Transfer-Encoding show less	Web App Attack
🇦🇺 mjmouse	2026-05-02 01:32:06 (1 month ago)	Visited honeypot banned in robots.txt 47.82.8.52 darbybible.app - [02/May/2026:01:32:06 +0000] "GET ... show more Visited honeypot banned in robots.txt 47.82.8.52 darbybible.app - [02/May/2026:01:32:06 +0000] "GET /[honeypot]/?from=%2FMalachi%2F HTTP/1.0" 403 158 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" show less	Bad Web Bot

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.87.243.251

🇧🇷 177.101.0.11

🇩🇪 151.245.73.147

🇨🇳 121.237.10.246

🇨🇳 120.217.7.175

🇹🇼 110.25.109.53

🇨🇳 101.126.23.159

🇺🇸 20.64.106.118

🇺🇸 216.25.89.122

🇬🇧 193.163.125.238

🇰🇷 110.14.190.221

🇺🇸 107.173.242.73

🇨🇦 20.104.203.253

🇺🇸 2607:f8b0:4004:1002::121

🇺🇦 195.225.49.173

🇺🇸 103.143.10.79

🇨🇳 39.154.6.77

🇭🇰 199.45.154.128

🇫🇮 147.185.133.226

🇺🇸 143.42.1.34