JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.200.56

47.79.200.56 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 54%: ?

54%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.200.56

Whois 47.79.200.56

IP Abuse Reports for 47.79.200.56:

This IP address has been reported a total of 55 times from 21 distinct sources. 47.79.200.56 was first reported on May 24th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 20:12:36 (5 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:12:32.669485 2026] [security2:error] [pid 28768:tid 28768] [client 47.79.200.56:7270] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|soviaenterprises.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "soviaenterprises.com"] [uri "/manninglandservices.com"] [unique_id "ajBcsAqawzcabRuV65Mr2AAAABU"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ChamberofCommerce.com	2026-06-15 17:08:09 (8 hours ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 13:33:57 (12 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:33:50.696999 2026] [security2:error] [pid 21325:tid 21325] [client 47.79.200.56:64538] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.aaattanasio.com\|F\|2"] [data ".aaattanasio.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.aaattanasio.com"] [uri "/book/epoch/www.aaattanasio.com"] [unique_id "ai__Pr2FJqDLUdBcY_wGUQAAAAU"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 09:26:36 (16 hours ago)	FortiWeb WAF: 36 attacks detected. Threat Score: 13800. Types: Client Management(18), GEO IP(18). Or ... show more FortiWeb WAF: 36 attacks detected. Threat Score: 13800. Types: Client Management(18), GEO IP(18). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 08:38:04 (17 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:37:57.924574 2026] [security2:error] [pid 2557:tid 2557] [client 47.79.200.56:11400] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.beirutbazar.com\|F\|2"] [data ".davidandnicolas.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.beirutbazar.com"] [uri "/nstores/david-and-nicolas/www.davidandnicolas.com"] [unique_id "ai-55fb9wi26u5VR5xNViAAAAAE"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 13:12:08 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 09:12:01.068073 2026] [security2:error] [pid 17645:tid 17645] [client 47.79.200.56:32170] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.med-engineering.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/lyrica.com"] [unique_id "ai6oocQfbF9T3b6z15yB7gAAABc"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-13 19:18:53 (2 days ago)	Web App Attack	Web App Attack
Anonymous	2026-06-13 10:48:01 (2 days ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2026-06-13 09:26:33 (2 days ago)	FortiWeb WAF: 32 attacks detected. Threat Score: 15200. Types: Client Management(16), GEO IP(16). Or ... show more FortiWeb WAF: 32 attacks detected. Threat Score: 15200. Types: Client Management(16), GEO IP(16). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:10:06 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:09:59.491575 2026] [security2:error] [pid 24691:tid 24691] [client 47.79.200.56:10112] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|3905ccn.org\|F\|2"] [data ".qrzcq.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "3905ccn.org"] [uri "/\\\\\\\\www.qrzcq.com"] [unique_id "aiz0N1wlsrqdNiq_49HhGQAAAAI"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 1gz	2026-06-13 05:04:11 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /shqiperi/e-konfirmon-agjenti-kumbulla-drejt-gjigantit-italian/497829 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 Sklurk	2026-06-12 16:30:34 (3 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 01:19:15 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.200.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:19:10.576031 2026] [security2:error] [pid 8087:tid 8087] [client 47.79.200.56:31690] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.ilikeabe.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ilikeabe.com"] [uri "/michleencollins.com"] [unique_id "aitejieiNb45GON-re42NgAAAB4"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 FireGuard Server	2026-06-11 20:15:04 (4 days ago)	Blocked by OPNsense firewall; 4 hits, proto=tcp, ports=443	Port Scan Hacking
Anonymous	2026-06-11 12:21:01 (4 days ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.184

🇨🇳 182.244.0.150

🇰🇷 180.71.9.31

🇺🇸 135.119.27.130

🇹🇼 118.194.252.168

🇳🇱 77.83.39.197

🇰🇷 59.11.246.91

🇩🇴 38.50.173.147

🇺🇸 162.216.149.131

🇰🇷 115.22.172.123

🇻🇳 113.183.5.104

🇺🇸 103.234.62.20

🇷🇴 80.94.92.168

🇺🇸 64.62.156.134

🇩🇪 213.209.159.56

🇮🇩 180.252.150.60

🇺🇸 162.142.125.48

🇨🇦 142.93.150.9

🇫🇷 51.68.111.214

🇨🇳 36.33.167.165