JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.11.219

47.79.11.219 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 53%: ?

53%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.11.219

Whois 47.79.11.219

IP Abuse Reports for 47.79.11.219:

This IP address has been reported a total of 35 times from 16 distinct sources. 47.79.11.219 was first reported on April 1st 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 Aaaa Bbbb	2026-06-08 04:59:05 (3 days ago)		DNS Compromise DNS Poisoning Fraud Orders DDoS Attack FTP Brute-Force Ping of Death Phishing Fraud VoIP Open Proxy Web Spam Email Spam Blog Spam VPN IP Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇫🇷 Sklurk	2026-06-07 03:52:36 (4 days ago)	Web App Attack	Web App Attack
🇺🇸 ersei.net	2026-06-05 19:43:19 (5 days ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇮🇹 A000Z	2026-06-04 21:59:40 (6 days ago)	Fail2Ban: 47.79.11.219 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 ... show more Fail2Ban: 47.79.11.219 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 show less	Bad Web Bot
🇵🇹 Information Security	2026-05-28 02:40:51 (2 weeks ago)	Web App Attack	Web App Attack
🇵🇹 Information Security	2026-05-26 20:02:16 (2 weeks ago)	Web App Attack	Web App Attack
🇬🇧 seniorlinuxadmin	2026-05-26 07:09:31 (2 weeks ago)	47.79.11.219 - - [26/May/2026:08:09:29 +0100] "GET / HTTP/2.0" 400 162 "-" "Mozilla/5.0 (Windows NT ... show more 47.79.11.219 - - [26/May/2026:08:09:29 +0100] "GET / HTTP/2.0" 400 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" show less	Port Scan Web App Attack
🇨🇿 vitex	2026-05-26 04:00:00 (2 weeks ago)	Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically cr ... show more Automated distributed scraping of Forgejo git server (git.vitexsoftware.com). Bots systematically crawled git blame endpoints (/*/blame/commit/<hash>/file) across all commits of public repositories, causing server load of 17+ (normal: <2). Over 71,000 unique IPs involved. Attack window: 2026-05-26 03:30-06:37 UTC. Primary target: PureHTML/purezencart (9933 commits, 5065 files). Each blame request triggers expensive git operations; 30,000+ slow requests per hour. show less	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-24 05:17:38 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 47.79.11.219 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.11.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 01:17:31.084107 2026] [security2:error] [pid 22281:tid 22281] [client 47.79.11.219:42684] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.flavornet.org\|F\|2"] [data ".pdb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.flavornet.org"] [uri "/info/jmol/pdb/1669-44-9.pdb"] [unique_id "ahKJ68Nuq5tunOuOSDSVJwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-23 09:15:09 (2 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇩🇪 milcraft.nl	2026-05-19 00:35:37 (3 weeks ago)	Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi ... show more Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi patterns: filter_, add-to-cart=, orderby=, product_count=. Activity is consistent with high-volume request abuse. show less	DDoS Attack Web App Attack
🇷🇺 Mga Admin	2026-05-09 03:05:52 (1 month ago)	47.79.11.219 - - [09/May/2026:10:05:28 +0700] "GET /sumFREGAT/bychr/chr20/TMC2.RData HTTP/1.1" 403 1 ... show more 47.79.11.219 - - [09/May/2026:10:05:28 +0700] "GET /sumFREGAT/bychr/chr20/TMC2.RData HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 ersei.net	2026-05-09 02:10:58 (1 month ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇺🇸 ersei.net	2026-05-04 09:43:20 (1 month ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇧🇬 pa4080	2026-05-03 05:02:06 (1 month ago)	Detected by ModSecurity. Request URI: /index.php?returnto=SSH+and+SFTP+Jail+a+User+%28refs%29&return ... show more Detected by ModSecurity. Request URI: /index.php?returnto=SSH+and+SFTP+Jail+a+User+%28refs%29&returntoquery=diff%3Dnext%26oldid%3D31396&title=Special%3AUserLogin show less	Hacking Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 186.1.186.40

🇺🇸 66.132.186.207

🇳🇱 45.148.10.152

🇨🇳 218.17.184.95

🇺🇸 216.73.161.82

🇲🇽 186.96.145.241

🇺🇸 162.243.87.135

🇺🇸 162.216.149.243

🇫🇷 92.103.134.183

🇧🇷 72.61.57.152

🇩🇪 64.89.163.145

🇫🇷 51.178.111.236

🇸🇳 41.82.107.77

🇯🇵 34.104.237.242

🇻🇳 123.20.50.96

🇨🇿 82.118.30.97

🇩🇪 69.5.169.17

🇸🇬 43.173.181.82

🇳🇱 31.42.176.142

🇷🇴 2.57.122.238