JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.11.106

47.79.11.106 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 43%: ?

43%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.11.106

Whois 47.79.11.106

IP Abuse Reports for 47.79.11.106:

This IP address has been reported a total of 29 times from 11 distinct sources. 47.79.11.106 was first reported on April 1st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇹 Information Security	2026-06-03 21:24:07 (1 day ago)	Web App Attack	Web App Attack
🇵🇹 Information Security	2026-05-31 02:37:04 (5 days ago)	Web App Attack	Web App Attack
🇵🇹 Information Security	2026-05-28 19:05:00 (1 week ago)	Web App Attack	Web App Attack
🇵🇹 Information Security	2026-05-26 22:09:47 (1 week ago)	Web App Attack	Web App Attack
🇨🇿 vitex	2026-05-26 04:00:00 (1 week ago)	Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically cr ... show more Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically crawled git blame endpoints (/*/blame/commit/<hash>/file) across all commits of public repositories, causing server load of 17+ (normal: <2). Over 71,000 unique IPs involved. Attack window: 2026-05-26 03:30-06:37 UTC. Primary target: PureHTML/purezencart (9933 commits, 5065 files). Each blame request triggers expensive git operations; 30,000+ slow requests per hour. show less	DDoS Attack Bad Web Bot
🇷🇺 Mga Admin	2026-05-24 02:20:38 (1 week ago)	47.79.11.106 - - [24/May/2026:09:20:31 +0700] "GET /_next/data/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 ( ... show more 47.79.11.106 - - [24/May/2026:09:20:31 +0700] "GET /_next/data/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 20:59:14 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 47.79.11.106 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.11.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 16:59:07.652858 2026] [security2:error] [pid 27759:tid 27759] [client 47.79.11.106:45816] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.flavornet.org\|F\|2"] [data ".pdb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.flavornet.org"] [uri "/info/jmol/pdb/14049-11-7.pdb"] [unique_id "ahIVG6KT1obgpN4hJ8WJxgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-23 11:20:02 (1 week ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 gui-ying233	2026-05-17 00:19:17 (2 weeks ago)	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0. ... show more Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 show less	Bad Web Bot
🇷🇺 Mga Admin	2026-05-09 03:04:39 (3 weeks ago)	47.79.11.106 - - [09/May/2026:10:02:06 +0700] "GET /sumFREGAT/bychr/chr1/CROCC.RData HTTP/1.1" 403 1 ... show more 47.79.11.106 - - [09/May/2026:10:02:06 +0700] "GET /sumFREGAT/bychr/chr1/CROCC.RData HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇱 jjnxpct	2026-05-03 04:07:31 (1 month ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /images/Uploads_Brechtje/20230909_Parool_Derdelanders_UdO.pdf (Rule ID: 920171) - GET or HEAD Request with Transfer-Encoding show less	Web App Attack
Anonymous	2026-05-01 02:37:39 (1 month ago)	Malicious activity detected	Hacking Web App Attack
🇪🇸 el-brujo	2026-04-30 06:24:40 (1 month ago)	Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=kytaxfirm.com Host: elhacke ... show more Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=kytaxfirm.com Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallCustom ASN Description: Alibaba (US) Technology Co., Ltd. Country: SG Method: GET Timestamp: 2026-04-30T06:24:40Z ruleId: 3c55069d689d450eb591f3b84da7ce04. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-04-22 20:30:35 (1 month ago)	Cloudflare WAF: Request Path: /whois.html Request Query: ?domain=177.239.34.158 Host: elhacker.net u ... show more Cloudflare WAF: Request Path: /whois.html Request Query: ?domain=177.239.34.158 Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallCustom ASN Description: ALIBABA-CN-NET Alibaba US Technology Co., Ltd. Country: SG Method: GET Timestamp: 2026-04-22T20:30:35Z ruleId: 3c55069d689d450eb591f3b84da7ce04. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-04-21 00:40:00 (1 month ago)	Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=collemcvoy.tv Host: elhacke ... show more Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=collemcvoy.tv Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallCustom ASN Description: ALIBABA-CN-NET Alibaba US Technology Co., Ltd. Country: SG Method: GET Timestamp: 2026-04-21T00:40:00Z ruleId: 3c55069d689d450eb591f3b84da7ce04. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 157.15.73.34

🇮🇳 139.59.8.50

🇬🇧 35.203.210.13

🇺🇸 205.210.31.90

🇮🇷 193.151.140.91

🇺🇸 172.253.8.155

🇩🇪 167.94.145.22

🇻🇳 157.10.52.221

🇹🇬 156.38.73.89

🇯🇵 139.162.78.6

🇰🇷 61.72.55.130

🇮🇳 52.172.177.191

🇹🇷 45.158.14.124

🇧🇪 34.76.237.251

🇮🇳 203.145.143.163

🇮🇳 182.78.108.126

🇨🇴 179.33.210.213

🇸🇬 161.118.203.255

🇳🇱 156.255.1.208

🇳🇱 156.253.5.146