JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.206.202

47.79.206.202 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 44%: ?

44%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.206.202

Whois 47.79.206.202

IP Abuse Reports for 47.79.206.202:

This IP address has been reported a total of 49 times from 14 distinct sources. 47.79.206.202 was first reported on May 8th 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-14 22:22:01 (8 hours ago)	Web bot: denial-of-service flood: Access denied with code 406 (phase 1)	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-14 19:26:54 (11 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:26:50.477831 2026] [security2:error] [pid 19753:tid 19753] [client 47.79.206.202:8750] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.rogerheath.com\|F\|2"] [data ".rogerheath.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.rogerheath.com"] [uri "/projects/switzerland/www.rogerheath.com"] [unique_id "ai8AemBGE80lkzirfWQXCwAAAAM"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 09:20:57 (21 hours ago)	FortiWeb WAF: 34 attacks detected. Threat Score: 16800. Types: Client Management(17), GEO IP(17). Or ... show more FortiWeb WAF: 34 attacks detected. Threat Score: 16800. Types: Client Management(17), GEO IP(17). Origin: Singapore. show less	Web App Attack
Anonymous	2026-06-14 06:20:02 (1 day ago)	Malicious activity detected	Hacking Web App Attack
🇨🇦 1gz	2026-06-14 01:28:26 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /opinion/shqiptaret-e-egjiptit-dhe-veprimtaria- UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-13 23:04:13 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 19:04:09.641100 2026] [security2:error] [pid 26277:tid 26277] [client 47.79.206.202:33966] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dokuzadabirdeniz.com\|F\|2"] [data ".theguardian.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dokuzadabirdeniz.com"] [uri "/www.theguardian.com"] [unique_id "ai3h6YvT07Jf-gJRoPq6EgAAABY"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-13 17:27:44 (1 day ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:09:02 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:08:56.734658 2026] [security2:error] [pid 25405:tid 25405] [client 47.79.206.202:11868] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.neff.family.name\|F\|2"] [data ".desmos.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.neff.family.name"] [uri "/unwiki/www.Desmos.com"] [unique_id "ai0QGD43SY-b7lVO50-IqAAAAAM"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-12 17:16:09 (2 days ago)	Web App Attack	Web App Attack
Anonymous	2026-06-12 09:21:33 (2 days ago)	FortiWeb WAF: 80 attacks detected. Threat Score: 12400. Types: Client Management(40), GEO IP(40). Or ... show more FortiWeb WAF: 80 attacks detected. Threat Score: 12400. Types: Client Management(40), GEO IP(40). Origin: Singapore. show less	Web App Attack
Anonymous	2026-06-12 05:39:02 (3 days ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 19:12:19 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:12:15.233225 2026] [security2:error] [pid 1010:tid 1010] [client 47.79.206.202:25334] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.insidepublications.com\|F\|2"] [data ".insidepublications.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.insidepublications.com"] [uri "/www.insidepublications.com"] [unique_id "aim3D7VGCQzvjLVkZkimlwAAAAs"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-02-22 08:14:27 (3 months ago)	Web App Attack	Web App Attack
🇨🇦 1gz	2026-01-25 00:31:38 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /kosove/170-persona-po-kerkojne-per-policet-ende-ska-rezultat/393689 UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 MAGIC	2026-01-22 01:16:10 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 118.33.113.91

🇺🇸 104.152.52.215

🇮🇩 103.249.19.137

🇮🇳 103.106.232.28

🇳🇬 102.88.137.213

🇺🇸 91.230.168.32

🇨🇦 85.217.149.36

🇮🇩 69.5.23.222

🇪🇬 62.193.91.121

🇸🇬 45.78.235.96

🇧🇪 34.38.149.165

🇮🇩 202.155.157.145

🇦🇷 200.89.159.59

🇵🇦 200.46.177.242

🇩🇪 151.243.11.37

🇺🇸 138.113.23.170

🇮🇳 135.235.138.43

🇰🇷 110.14.190.221

🇺🇸 74.125.17.248

🇻🇳 42.116.119.34