JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.201.239

47.79.201.239 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 59%: ?

59%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.201.239

Whois 47.79.201.239

IP Abuse Reports for 47.79.201.239:

This IP address has been reported a total of 51 times from 22 distinct sources. 47.79.201.239 was first reported on May 10th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 1gz	2026-06-17 00:32:11 (9 hours ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /uncategorized/intimate-relationship-meaning-different-types/101522 UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-06-16 13:39:01 (20 hours ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 ChamberofCommerce.com	2026-06-16 09:27:24 (1 day ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
Anonymous	2026-06-16 09:21:19 (1 day ago)	FortiWeb WAF: 42 attacks detected. Threat Score: 15000. Types: Client Management(21), GEO IP(21). Or ... show more FortiWeb WAF: 42 attacks detected. Threat Score: 15000. Types: Client Management(21), GEO IP(21). Origin: Singapore. show less	Web App Attack
🇫🇷 Sklurk	2026-06-15 04:04:29 (2 days ago)	Web App Attack	Web App Attack
🇦🇺 FireGuard Server	2026-06-14 16:20:12 (2 days ago)	Blocked by OPNsense firewall; 4 hits, proto=tcp, ports=443	Port Scan Hacking
Anonymous	2026-06-14 09:20:58 (3 days ago)	FortiWeb WAF: 44 attacks detected. Threat Score: 16800. Types: Client Management(22), GEO IP(22). Or ... show more FortiWeb WAF: 44 attacks detected. Threat Score: 16800. Types: Client Management(22), GEO IP(22). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:30:47 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.239 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:30:43.274129 2026] [security2:error] [pid 26209:tid 26209] [client 47.79.201.239:48680] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|3905ccn.org\|F\|2"] [data ".qrz.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "3905ccn.org"] [uri "/\\\\\\\\www.qrz.com"] [unique_id "ai4uc875NS8zDwCgk3S0QgAAABc"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-14 03:13:29 (3 days ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-13 02:29:38 (4 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:27:28 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.239 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:27:21.713708 2026] [security2:error] [pid 20724:tid 20724] [client 47.79.201.239:3112] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.natural-history-conservation.com\|F\|2"] [data ".plesiosaur.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.natural-history-conservation.com"] [uri "/www.plesiosaur.com"] [unique_id "aiwXSVSqsg8WKkUM0GL2GAAAAA8"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 09:21:53 (5 days ago)	FortiWeb WAF: 80 attacks detected. Threat Score: 11800. Types: Client Management(40), GEO IP(40). Or ... show more FortiWeb WAF: 80 attacks detected. Threat Score: 11800. Types: Client Management(40), GEO IP(40). Origin: Singapore. show less	Web App Attack
Anonymous	2026-06-12 05:25:02 (5 days ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 COMPLEX	2026-06-11 09:09:28 (6 days ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: MANAGED_CHALLENGE ASN: undefined (u ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: MANAGED_CHALLENGE ASN: undefined (undefined) Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Mobile Safari/537.36 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-11 06:06:18 (6 days ago)	(mod_security) mod_security (id:240950) triggered by 47.79.201.239 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240950) triggered by 47.79.201.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 02:06:14.670838 2026] [security2:error] [pid 18795:tid 18795] [client 47.79.201.239:30408] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|beckersystems.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "beckersystems.net"] [uri "/beckerwiki/index.php"] [unique_id "aipQVhu-rIkWBxHABZUwnAAAAAQ"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.28.101.14

🇺🇸 162.240.109.188

🇸🇬 103.250.11.176

🇮🇳 103.38.219.22

🇺🇸 66.132.172.105

🇫🇷 51.158.120.121

🇫🇷 5.135.167.5

🇲🇦 196.92.7.249

🇮🇳 117.245.84.221

🇨🇳 112.86.146.178

🇷🇴 92.118.39.62

🇨🇳 60.25.55.223

🇨🇳 47.122.127.10

🇮🇳 34.93.128.179

🇷🇺 31.6.120.29

🇭🇰 23.249.18.127

🇹🇷 213.43.6.65

🇺🇸 198.37.116.149

🇵🇰 160.187.180.175

🇳🇱 160.119.69.16