JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.202.31

47.79.202.31 was found in our database!

This IP was reported 561 times. Confidence of Abuse is 55%: ?

55%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.202.31

Whois 47.79.202.31

IP Abuse Reports for 47.79.202.31:

This IP address has been reported a total of 561 times from 20 distinct sources. 47.79.202.31 was first reported on May 8th 2025, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-13 22:28:45 (20 hours ago)	Web App Attack	Web App Attack
Anonymous	2026-06-13 09:26:56 (1 day ago)	FortiWeb WAF: 46 attacks detected. Threat Score: 14800. Types: Client Management(23), GEO IP(23). Or ... show more FortiWeb WAF: 46 attacks detected. Threat Score: 14800. Types: Client Management(23), GEO IP(23). Origin: Singapore. show less	Web App Attack
🇨🇦 1gz	2026-06-13 02:16:18 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /lajme/sot-seance-ne-gjkko-per-kryebashkiakun-e-tiranes-erion-veliaj/783841 UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 kosada.com	2026-06-12 23:00:15 (1 day ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇫🇷 Sklurk	2026-06-12 22:21:45 (1 day ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:14:50 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.202.31 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.202.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:14:45.787321 2026] [security2:error] [pid 6767:tid 6767] [client 47.79.202.31:8990] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".theparishaustin.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/www.theparishaustin.com"] [unique_id "aiqKlasQ2nU6RXcILWCgSwAAABk"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 09:34:50 (3 days ago)	FortiWeb WAF: 51 attacks detected. Threat Score: 5200. Types: GEO IP(26), Client Management(25). Ori ... show more FortiWeb WAF: 51 attacks detected. Threat Score: 5200. Types: GEO IP(26), Client Management(25). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 21:03:24 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.202.31 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.202.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:03:20.283452 2026] [security2:error] [pid 8603:tid 8603] [client 47.79.202.31:43246] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kithouse.org\|F\|2"] [data ".gordonvantine.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kithouse.org"] [uri "/www.gordonvantine.com"] [unique_id "ainRGLabWxg9I4JTre5LrAAAABs"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 17:00:25 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.202.31 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.202.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:00:18.930584 2026] [security2:error] [pid 19571:tid 19571] [client 47.79.202.31:18418] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.med-engineering.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/progynova.com"] [unique_id "aimYIoXRAJO9mbWcZ4pq_AAAAAQ"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-06-08 02:07:48 (6 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 pduggusa	2026-05-25 01:45:35 (2 weeks ago)	Detected attacking dugganusa.com at 2026-05-25T01:45:35.858Z \| Attack: Proxy \| VirusTotal: 2 malware ... show more Detected attacking dugganusa.com at 2026-05-25T01:45:35.858Z \| Attack: Proxy \| VirusTotal: 2 malware detections \| Source: DugganUSA PreCog auto-block show less	Hacking Exploited Host
🇺🇸 pduggusa	2026-05-25 00:44:42 (2 weeks ago)	Detected attacking dugganusa.com at 2026-05-25T00:44:42.621Z \| Attack: Proxy \| VirusTotal: 2 malware ... show more Detected attacking dugganusa.com at 2026-05-25T00:44:42.621Z \| Attack: Proxy \| VirusTotal: 2 malware detections \| Source: DugganUSA PreCog auto-block show less	Hacking Exploited Host
🇺🇸 pduggusa	2026-05-24 03:37:08 (3 weeks ago)	Detected attacking dugganusa.com at 2026-05-24T03:37:08.024Z \| Attack: Proxy \| VirusTotal: 2 malware ... show more Detected attacking dugganusa.com at 2026-05-24T03:37:08.024Z \| Attack: Proxy \| VirusTotal: 2 malware detections \| Source: DugganUSA PreCog auto-block show less	Hacking Exploited Host
🇺🇸 pduggusa	2026-05-24 02:39:30 (3 weeks ago)	Detected attacking dugganusa.com at 2026-05-24T02:39:30.831Z \| Attack: Proxy \| VirusTotal: 2 malware ... show more Detected attacking dugganusa.com at 2026-05-24T02:39:30.831Z \| Attack: Proxy \| VirusTotal: 2 malware detections \| Source: DugganUSA PreCog auto-block show less	Hacking Exploited Host
🇺🇸 pduggusa	2026-05-24 01:40:57 (3 weeks ago)	Detected attacking dugganusa.com at 2026-05-24T01:40:57.703Z \| Attack: Proxy \| VirusTotal: 2 malware ... show more Detected attacking dugganusa.com at 2026-05-24T01:40:57.703Z \| Attack: Proxy \| VirusTotal: 2 malware detections \| Source: DugganUSA PreCog auto-block show less	Hacking Exploited Host

Showing 1 to 15 of 561 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 209.50.184.230

🇧🇷 205.210.31.228

🇨🇳 180.76.55.21

🇬🇧 165.227.228.2

🇨🇳 124.193.81.23

🇮🇳 115.248.8.65

🇺🇬 102.218.89.110

🇺🇸 65.38.96.196

🇳🇱 45.153.34.43

🇳🇿 45.133.7.133

🇺🇸 34.69.88.168

🇺🇸 34.11.124.33

🇺🇸 2602:feda:f39b:12f8:ffec:ab5a:f7b5:dd68

🇨🇳 220.181.108.167

🇺🇸 216.180.246.210

🇨🇦 216.26.233.21

🇬🇧 193.163.125.188

🇲🇽 187.150.183.81

🇳🇱 185.242.226.106

🇨🇱 170.82.129.8