AbuseIPDB » 47.84.52.129
47.84.52.129 was found in our database!
This IP was reported 4 times. Confidence of
Abuse
is 30% : ?
ISP
Alibaba Cloud LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS45102
Domain Name
alibaba-inc.com
Country
πΈπ¬
Singapore
City
Singapore
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 47.84.52.129 :
This IP address has been reported a total of
4
times from
4 distinct
sources.
47.84.52.129 was first reported on
July 15th 2026 , and the most recent report was
1 day ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π³π±
homeshowdomain.nl
2026-07-17 22:02:04
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-07-16 13:27:37
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 47.84.52.129 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 47.84.52.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:27:30.920840 2026] [security2:error] [pid 2247:tid 2273] [client 47.84.52.129:50674] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||certifiedpoliticalscientist.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "certifiedpoliticalscientist.com"] [uri "/dump.sql"] [unique_id "aljcQoMvgqOggb0P5dwsWwAAAEM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-07-15 18:16:02
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
π©πͺ
ut-addicted.com
2026-07-15 17:04:33
(3 days ago)
\[Wed Jul 15 19:04:28.902937 2026\] \[:error\] \[pid 8762:tid 139785790252800\] \[client 47.84.52.12 ...
show more
\[Wed Jul 15 19:04:28.902937 2026\] \[:error\] \[pid 8762:tid 139785790252800\] \[client 47.84.52.129:56776\] \[client 47.84.52.129\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/.env.production"\] \[unique_id "ale9nPTIxMjJP2zsMR5RwAAAAAs"\]
show less
Brute-Force
Web App Attack
Showing 1 to
4
of 4 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: