JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.201.94

47.79.201.94 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 24%: ?

24%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.201.94

Whois 47.79.201.94

IP Abuse Reports for 47.79.201.94:

This IP address has been reported a total of 37 times from 15 distinct sources. 47.79.201.94 was first reported on May 10th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 22:21:58 (2 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:21:53.840764 2026] [security2:error] [pid 4589:tid 4589] [client 47.79.201.94:29752] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.avaliantlife.com\|F\|2"] [data ".avaliantlife.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.avaliantlife.com"] [uri "/2015/06/www.avaliantlife.com"] [unique_id "ais1AUKllcL68SXEdU0h9gAAAAg"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 omc	2026-06-11 17:19:06 (7 hours ago)	Unauthorized file [PP]	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-11 14:24:18 (10 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 10:24:13.273357 2026] [security2:error] [pid 8430:tid 8430] [client 47.79.201.94:1036] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dc406.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dc406.org"] [uri "/fallsgreatestcookies.com"] [unique_id "airFDTLyWc6PhPt3k5s4IgAAAA0"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:09:19 (15 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:09:14.167388 2026] [security2:error] [pid 2252:tid 2252] [client 47.79.201.94:28892] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cafink.name\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cafink.name"] [uri "/insect-politics.com"] [unique_id "aiqJSgvO2qRE_cLI_n477gAAAAQ"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 23:19:47 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 19:19:42.011718 2026] [security2:error] [pid 6240:tid 6264] [client 47.79.201.94:27440] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|marinkovich.name\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "marinkovich.name"] [uri "/ariel95.com"] [unique_id "ainxDkgtMujKbguyO9OEFQAAAJU"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 20:38:04 (1 day ago)	Malicious activity detected	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-04-04 06:20:52 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 06:03:19 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 02:03:15.380448 2026] [security2:error] [pid 16975:tid 16975] [client 47.79.201.94:14072] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.beirutbazar.com\|F\|2"] [data ".beirutbazar.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.beirutbazar.com"] [uri "/item/cookie-dough-coco-go-usd-350-2/www.beirutbazar.com"] [unique_id "actjo7chUTaREoWmIu2chQAAAA0"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 1gz	2026-03-23 14:12:59 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /lajme/royal-casino/ UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 gui-ying233	2026-03-21 00:08:31 (2 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Sa ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 show less	Bad Web Bot
🇺🇸 ersei.net	2026-01-29 21:33:57 (4 months ago)	Web app exploiting	Web App Attack
🇫🇷 Sklurk	2026-01-20 09:23:05 (4 months ago)	Web App Attack	Web App Attack
🇺🇸 ersei.net	2026-01-15 18:00:13 (4 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇫🇷 Sklurk	2026-01-15 15:09:47 (4 months ago)	Web App Attack	Web App Attack
🇺🇸 kosada.com	2026-01-13 08:06:42 (4 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 209.50.176.101

🇵🇰 202.47.50.31

🇮🇳 122.185.101.50

🇺🇸 71.6.233.254

🇨🇦 68.144.206.207

🇸🇬 47.84.100.190

🇧🇪 34.38.143.207

🇨🇦 209.50.176.0

🇺🇸 204.48.16.40

🇩🇪 192.109.200.215

🇺🇸 172.245.43.228

🇺🇸 146.88.241.37

🇨🇳 115.52.149.236

🇲🇩 109.185.2.184

🇧🇩 103.251.247.198

🇰🇷 103.13.222.220

🇧🇬 79.124.60.146

🇺🇸 66.132.186.141

🇺🇸 66.132.172.191

🇺🇸 47.251.91.152