JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.199.54

47.79.199.54 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 20%: ?

20%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.199.54

Whois 47.79.199.54

IP Abuse Reports for 47.79.199.54:

This IP address has been reported a total of 43 times from 19 distinct sources. 47.79.199.54 was first reported on May 23rd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 22:41:05 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.199.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.199.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 18:40:58.646799 2026] [security2:error] [pid 4787:tid 4787] [client 47.79.199.54:28552] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.civilwarzone.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.civilwarzone.com"] [uri "/~site/Scripts_ExternalRedirect/ExternalRedirect.dll"] [unique_id "ai3cesqi3v8MBIzI5fqzvwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 MusicLibrary	2026-05-14 13:34:20 (1 month ago)	Apache HTTP Authentication failed (Brute Force)	Brute-Force Web App Attack
🇫🇷 Sklurk	2026-05-05 06:32:44 (1 month ago)	Web App Attack	Web App Attack
🇺🇸 gui-ying233	2026-04-29 02:07:27 (1 month ago)	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/53 ... show more Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-06 06:06:08 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 47.79.199.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.199.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 02:06:02.041018 2026] [security2:error] [pid 5374:tid 5391] [client 47.79.199.54:25854] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|aafm.us\|F\|2"] [data ".prodemyasia.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aafm.us"] [uri "/www.prodemyasia.com"] [unique_id "adNNSq2x_Bcy-K5pZy7CqAAAAA8"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-04 03:55:54 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 47.79.199.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.199.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 23:55:49.051697 2026] [security2:error] [pid 9798:tid 9798] [client 47.79.199.54:44652] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.beirutbazar.com\|F\|2"] [data ".beirutbazar.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.beirutbazar.com"] [uri "/tags/dinnerware/www.beirutbazar.com"] [unique_id "adCLxRiA6ByEpthDmJuuNAAAAAI"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ersei.net	2026-01-15 20:11:43 (5 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇮🇹 VHosting	2026-01-08 11:36:17 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 kosada.com	2026-01-05 07:05:20 (5 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 kosada.com	2025-12-26 17:05:50 (5 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 ersei.net	2025-12-14 07:23:19 (6 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇨🇦 1gz	2025-12-13 01:32:45 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /lajme/aksident-rrugor UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-09 17:04:22 (6 months ago)	Web attack	Bad Web Bot Web App Attack
🇺🇸 ersei.net	2025-12-07 21:41:44 (6 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇦🇺 MAGIC	2025-12-07 02:08:43 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 106.246.224.218

🇳🇱 104.23.166.67

🇨🇳 221.226.17.34

🇨🇳 218.98.6.202

🇳🇱 172.71.95.103

🇳🇱 104.23.170.140

🇬🇧 62.49.220.78

🇸🇬 43.133.61.150

🇧🇪 35.205.94.86

🇰🇷 211.187.7.14

🇨🇷 190.112.222.28

🇲🇽 189.147.19.238

🇸🇬 172.217.97.26

🇳🇱 172.71.182.3

🇺🇸 147.185.132.84

🇳🇱 141.101.76.158

🇸🇬 128.199.231.249

🇰🇷 121.188.193.96

🇳🇱 62.195.135.29

🇧🇷 45.205.1.244