JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.205.248

47.79.205.248 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 44%: ?

44%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.205.248

Whois 47.79.205.248

IP Abuse Reports for 47.79.205.248:

This IP address has been reported a total of 48 times from 19 distinct sources. 47.79.205.248 was first reported on May 21st 2025, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-13 07:06:01 (16 hours ago)	Web App Attack	Web App Attack
🇩🇪 4server	2026-06-12 14:00:23 (1 day ago)	[FriJun1216:00:20.0014642026][security2:error][pid3814062:tid3814103][client47.79.205.248:0]ModSecur ... show more [FriJun1216:00:20.0014642026][security2:error][pid3814062:tid3814103][client47.79.205.248:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Stringmatchwithin\".asa/.asax/.ascx/.backup/.bak/.bat/.cdx/.cer/.cfg/.cmd/.com/.config/.conf/.cs/.csproj/.csr/.dat/.db/.dbf/.dll/.dos/.htr/.htw/.ida/.idc/.idq/.inc/.ini/.key/.licx/.lnk/.log/.mdb/.old/.pass/.pdb/.pol/.printer/.pwd/.rdb/.resources/.resx/.sql/.swp/.sys/.vb/.vbs/.vbproj/.vsdisco/.webinfo/.xsx/\"atTX:extension.[file\"/etc/apache2/conf.d/modsec_rules/00_asl_zz_strict.conf\"][line\"91\"][id\"390716\"][rev\"2\"][msg\"Atomicorp.comWAFRules:URLfileextensionisrestrictedbypolicy\"][data\".pdb\"][severity\"ERROR\"][hostname\"modularss.com\"][uri\"/recordati/authupdate/AuthenticatorService.pdb\"][unique_id\"aiwQ83ZYViKEqYrE76LRbAAAAEE\"]\,referer:https://www.google.com/ show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-12 09:21:39 (1 day ago)	FortiWeb WAF: 78 attacks detected. Threat Score: 12200. Types: Client Management(39), GEO IP(39). Or ... show more FortiWeb WAF: 78 attacks detected. Threat Score: 12200. Types: Client Management(39), GEO IP(39). Origin: Singapore. show less	Web App Attack
Anonymous	2026-06-12 06:40:17 (1 day ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 06:24:33 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.205.248 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.205.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:24:29.566219 2026] [security2:error] [pid 21163:tid 24662] [client 47.79.205.248:22360] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.vancekelly.com\|F\|2"] [data ".vancekelly.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.vancekelly.com"] [uri "/www.vancekelly.com"] [unique_id "aiumHW4cQwmC8CW0igIc5gAAAEM"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-06-12 05:24:12 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /blocklist-generator/unbound \| UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Mobile Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 Sklurk	2026-06-12 00:30:27 (1 day ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 13:19:22 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.205.248 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.205.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:19:17.495954 2026] [security2:error] [pid 23706:tid 23706] [client 47.79.205.248:21206] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.avaliantlife.com\|F\|2"] [data ".avaliantlife.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.avaliantlife.com"] [uri "/2014/06/www.avaliantlife.com"] [unique_id "aiq11eEZyvcq9luJ7ktYgAAAABA"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:21:51 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.205.248 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.205.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:21:43.455957 2026] [security2:error] [pid 17633:tid 17633] [client 47.79.205.248:29482] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.nancyscafeandcatering.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nancyscafeandcatering.com"] [uri "/wp-content/themes/eatery/hot-girl-sex.com"] [unique_id "aiqMN6gLBweXKSJjVQZSqwAAACQ"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-04-30 03:51:32 (1 month ago)	Web App Attack	Web App Attack
🇺🇸 gui-ying233	2026-03-25 03:12:03 (2 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Sa ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 show less	Bad Web Bot
🇺🇸 ersei.net	2026-02-25 19:25:11 (3 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇺🇸 ersei.net	2026-01-15 19:25:23 (4 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇮🇹 VHosting	2026-01-08 11:36:24 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 ersei.net	2026-01-05 19:14:53 (5 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2603:3:610a:de00::

🇰🇷 222.108.100.117

🇦🇺 103.192.80.254

🇫🇷 45.157.112.249

🇷🇺 31.173.67.141

🇨🇳 14.103.9.211

🇺🇸 8.229.168.110

🇲🇰 188.44.20.30

🇭🇰 69.165.75.162

🇨🇱 64.233.190.108

🇳🇱 45.148.10.151

🇸🇬 43.156.111.141

🇧🇪 35.210.61.208

🇬🇧 35.203.210.157

🇺🇸 34.168.150.58

🇳🇱 34.12.174.211

🇺🇸 23.146.243.219

🇹🇭 1.1.191.119

🇨🇳 223.88.58.21

🇧🇷 177.130.169.235