JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.89.245.138

47.89.245.138 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 0%: ?

ISP	Alibaba Cloud - US
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibabacloud.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.89.245.138

Whois 47.89.245.138

IP Abuse Reports for 47.89.245.138:

This IP address has been reported a total of 57 times from 29 distinct sources. 47.89.245.138 was first reported on January 22nd 2022, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-01-11 12:31:17 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 11 07:31:12.230924 2024] [security2:error] [pid 2105] [client 47.89.245.138:38156] [client 47.89.245.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-delaware.com"] [uri "/.git/info/exclude"] [unique_id "ZZ_fkIGZzwaEIR2m2mx_xgAAABY"], referer: http://register-yacht-delaware.com/.git/info/exclude show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-11 11:31:08 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 11 06:31:04.097239 2024] [security2:error] [pid 15733] [client 47.89.245.138:34108] [client 47.89.245.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boatregistrationdelaware.com"] [uri "/.git/info/exclude"] [unique_id "ZZ_ReMZqbD7ytbp7DdYIcQAAABw"], referer: http://boatregistrationdelaware.com/.git/info/exclude show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-11 08:36:10 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 11 03:36:03.933386 2024] [security2:error] [pid 2587] [client 47.89.245.138:51804] [client 47.89.245.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.coloradofingerprinting.com"] [uri "/.git/info/exclude"] [unique_id "ZZ-oc6VMCV5twRP6tm2cPQAAABU"], referer: http://mail.coloradofingerprinting.com/.git/info/exclude show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-03 10:31:13 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 47.89.245.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 03 05:31:06.643581 2024] [security2:error] [pid 18799:tid 47039494760192] [client 47.89.245.138:43742] [client 47.89.245.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafm.us"] [uri "/.git/info/exclude"] [unique_id "ZZU3alIj5byi9_MzcCe6KQAAAFE"], referer: http://aafm.us/.git/info/exclude show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-12-30 07:49:28 (2 years ago)	WEB_SERVER 403 Forbidden	Hacking
🇦🇺 MAGIC	2023-12-29 06:08:38 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 stinpriza	2023-12-26 07:11:34 (2 years ago)	common Web Exploits being scanned	Web App Attack
🇮🇩 Burayot	2023-12-26 04:55:54 (2 years ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 47.89.245.138 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 47.89.245.138 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
Anonymous	2023-10-24 03:12:05 (2 years ago)	[04:12:04] 0*: Scanning for exploits - /.git/info/exclude	Web App Attack
Anonymous	2023-09-05 12:47:22 (2 years ago)		Web Spam Email Spam Blog Spam Bad Web Bot Web App Attack
🇩🇪 niceshops.com	2023-06-20 04:12:46 (2 years ago)	Web Attack ([20/Jun/2023:06:12:44.678] GET /.git/info/exclude)	Web App Attack
🇩🇪 niceshops.com	2023-06-20 01:12:43 (2 years ago)	Web Attack ([20/Jun/2023:03:12:41.416] GET /.git/info/exclude)	Web App Attack
🇩🇪 niceshops.com	2023-06-12 05:29:00 (3 years ago)	Web Attack ([12/Jun/2023:07:28:58.846] GET /.git/info/exclude)	Web App Attack
🇩🇪 niceshops.com	2023-06-12 04:17:03 (3 years ago)	Web Attack ([12/Jun/2023:06:17:01.473] GET /.git/info/exclude)	Web App Attack
🇩🇪 niceshops.com	2023-06-12 02:28:57 (3 years ago)	Web Attack ([12/Jun/2023:04:28:55.330] GET /.git/info/exclude)	Web App Attack

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.74.93.184

🇩🇪 95.90.13.168

🇳🇱 91.92.42.227

🇳🇱 91.92.40.5

🇱🇹 62.60.130.59

🇺🇸 192.185.4.61

🇺🇸 170.187.165.139

🇭🇰 154.221.23.232

🇨🇳 118.145.246.44

🇧🇷 45.164.251.67

🇮🇩 103.29.185.162

🇲🇾 47.250.54.161

🇫🇮 46.62.145.7

🇨🇱 34.176.213.180

🇨🇳 14.116.172.24

🇰🇷 14.39.99.2

🇨🇳 144.123.76.81

🇻🇳 116.96.77.113

🇮🇪 108.130.154.69

🇷🇴 80.94.92.165