AbuseIPDB » 47.99.56.244
47.99.56.244
This IP was reported 6 times. Confidence of
Abuse
is 39% : ?
ISP
Aliyun Computing Co., LTD
Usage Type
Data Center/Web Hosting/Transit
ASN
AS37963
Domain Name
alibabacloud.com
Country
๐จ๐ณ
China
City
Hangzhou, Zhejiang
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 47.99.56.244 :
This IP address has been reported a total of
6
times from
6 distinct
sources.
47.99.56.244 was first reported on
June 24th 2026 , and the most recent report was
14 hours ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
2026-06-25 10:25:30
(14 hours ago)
DNS Compromise
DDoS Attack
๐ฉ๐ช
MBombeck
2026-06-25 07:42:02
(17 hours ago)
Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures
Web App Attack
๐ซ๐ฎ
oh.mg
2026-06-25 01:51:51
(22 hours ago)
[Thu Jun 25 03:51:49.526078 2026] [security2:error] [pid 840010:tid 840015] [client 47.99.56.244:565 ...
show more
[Thu Jun 25 03:51:49.526078 2026] [security2:error] [pid 840010:tid 840015] [client 47.99.56.244:56522] [client 47.99.56.244] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "95.216.72.247"] [uri "/.config/claude/.credentials.json"] [unique_id "ajyJtY7anLxV0dh0ZOSi1QAAAEM"]
[Thu Jun 25 03:51:50.213016 2026] [security2:error] [pid 840010:tid 840024] [client 47.99.56.244:34264] [client 47.99.56.244] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS
...
show less
Web App Attack
Bad Web Bot
๐ฉ๐ช
ManagedStack
2026-06-25 01:30:01
(23 hours ago)
Probing access to unauthorized locations
Hacking
Exploited Host
Web App Attack
๐ช๐น
AlienBase
2026-06-25 00:06:00
(1 day ago)
47.99.56.244 - - [24/Jun/2026:21:37:14 +0000] "HEAD /.credentials.json HTTP/1.1" 301 0 "-" "opendirm ...
show more
47.99.56.244 - - [24/Jun/2026:21:37:14 +0000] "HEAD /.credentials.json HTTP/1.1" 301 0 "-" "opendirme-credhunt/1.0"
Attempts to steal credentials
47.99.56.244 - - [24/Jun/2026:21:37:14 +0000] "HEAD /.credentials.json HTTP/1.1" 400 0 "-" "opendirme-credhunt/1.0"
47.99.56.244 - - [24/Jun/2026:21:37:14 +0000] "\x16\x03\x01\x05\xCC\x01\x00\x05\xC8\x03\x03\xF468\xCE:\xCC&\xE2<\x1E\x9E?:\x87\xEFo\xCF#\xD9(\xE6\xF8?<\xE8,a\x117(\xA>
47.99.56.244 - - [24/Jun/2026:21:37:14 +0000] "HEAD /.claude/.credentials.json HTTP/1.1" 400 0 "-" "opendirme-credhunt/1.0"
47.99.56.244 - - [24/Jun/2026:21:37:14 +0000] "HEAD /.claude/.credentials.json HTTP/1.1" 301 0 "-" "opendirme-credhunt/1.0"
47.99.56.244 - - [24/Jun/2026:21:37:15 +0000] "\x16\x03\x01\x05\xCC\x01\x00\x05\xC8\x03\x03j\xD3\x83\xB2*\x1E\x83p\x1A\x1C\x86\xC1\x19K\x13\x10\xF9s\xA7'" 400 150 "-">
47.99.56.244 - - [24/Jun/2026:21:37:15 +0000] "HEAD /.config/claude/.credentials.json HTTP/1.1" 400 0 "-" "opendirme-credhunt/1.0"
show less
Bad Web Bot
Web App Attack
Hacking
๐บ๐ธ
micropedro
2026-06-24 21:32:14
(1 day ago)
6 incidents: web scanning/attack, port scanning. Ports: 5000/TCP(1), 8000/TCP(1), 8080/TCP(1), 8081/ ...
show more
6 incidents: web scanning/attack, port scanning. Ports: 5000/TCP(1), 8000/TCP(1), 8080/TCP(1), 8081/TCP(1), 8090/TCP(1). First: 2026-06-24 17:32, Last: 2026-06-24 17:32 UTC. Triggers: ufw-repeater,non-public-port,port-trap,recidive,firewall-tcp,firewall-http.
show less
Port Scan
Brute-Force
Web App Attack
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: