JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.206.60

47.79.206.60 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 52%: ?

52%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.206.60

Whois 47.79.206.60

IP Abuse Reports for 47.79.206.60:

This IP address has been reported a total of 49 times from 20 distinct sources. 47.79.206.60 was first reported on May 10th 2025, and the most recent report was 49 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 13:14:14 (49 minutes ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:14:11.314202 2026] [security2:error] [pid 32704:tid 32704] [client 47.79.206.60:15450] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.69strains.com\|F\|2"] [data ".cannapages.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.69strains.com"] [uri "/www.cannapages.com"] [unique_id "aiq0ozjiXuI1GzwGog3x5wAAAA4"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 12:08:56 (1 hour ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:08:52.660774 2026] [security2:error] [pid 10311:tid 10423] [client 47.79.206.60:48782] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|marinkovich.info\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "marinkovich.info"] [uri "/wwjnd.com"] [unique_id "aiqlVGFzva38OS08eYyZjQAAAQA"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 09:30:36 (4 hours ago)	FortiWeb WAF: 63 attacks detected. Threat Score: 6400. Types: GEO IP(32), Client Management(31). Ori ... show more FortiWeb WAF: 63 attacks detected. Threat Score: 6400. Types: GEO IP(32), Client Management(31). Origin: Singapore. show less	Web App Attack
🇫🇷 Sklurk	2026-06-11 03:16:14 (10 hours ago)	Web App Attack	Web App Attack
🇨🇦 1gz	2026-06-11 00:04:24 (13 hours ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /showbiz/fotolajm-keshtu-dukej-luana-vjollca-17-vjec/572687 UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-10 22:22:56 (15 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:22:48.775023 2026] [security2:error] [pid 18768:tid 18768] [client 47.79.206.60:37548] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|chicagowca.com\|F\|2"] [data ".artadvice.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chicagowca.com"] [uri "/www.artadvice.com"] [unique_id "ainjuEhne51SItT-Bpw4tAAAAAg"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 19:00:40 (19 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:00:35.013988 2026] [security2:error] [pid 14603:tid 14603] [client 47.79.206.60:9614] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dokuzadabirdeniz.com\|F\|2"] [data ".arkitera.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dokuzadabirdeniz.com"] [uri "/www.arkitera.com"] [unique_id "aim0U93OJQDnU2osOPEt0wAAACI"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 18:24:17 (19 hours ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:00:44 (20 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.206.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:00:38.031521 2026] [security2:error] [pid 12279:tid 12279] [client 47.79.206.60:58148] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thinkingepic.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thinkingepic.com"] [uri "/layoverinamsterdam.com"] [unique_id "aimmRinQUyDUkXYMXROw5AAAAAM"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 canine.tools	2026-06-10 16:12:21 (21 hours ago)	[fail2ban Auto Report] {"time":"2026-06-10T12:12:20.738429275-04:00","level":"INFO","source":{"funct ... show more [fail2ban Auto Report] {"time":"2026-06-10T12:12:20.738429275-04:00","level":"INFO","source":{"function":"github.com/TecharoHQ/anubis/lib.(*Server).checkRules","file":"/Users/cadey/Code/TecharoHQ/botstopper/upstream/anubis/lib/anubis.go","line":309},"msg":"explicit deny","subsystem":"anubis","host":"tent.canine.tools","method":"GET","path":"/release.php","user_agent":"Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Safari/537.36","accept_language":"","priority":"","x-forwarded-for":"47.79.206.60","x-real-ip":"47.79.206.60","host":"tent.canine.tools","check_result":{"name":"bot/alibaba-cloud","rule":"DENY","weight":0}} ... show less	Bad Web Bot
🇫🇷 Sklurk	2026-06-08 01:46:53 (3 days ago)	Web App Attack	Web App Attack
🇦🇺 MAGIC	2026-06-03 01:32:20 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 ersei.net	2026-05-11 01:24:58 (1 month ago)	Web app exploiting	Web App Attack
🇫🇷 Sklurk	2026-04-21 01:23:27 (1 month ago)	Web App Attack	Web App Attack
🇩🇪 stinpriza	2026-04-08 13:18:23 (2 months ago)	Web App Attack	Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 20.235.157.149

🇩🇪 213.209.159.228

🇦🇫 125.213.203.74

🇨🇳 113.57.5.139

🇨🇳 106.13.165.101

🇳🇱 45.148.10.147

🇳🇱 45.148.10.141

🇬🇧 35.203.210.230

🇨🇳 222.176.201.8

🇨🇳 180.76.172.156

🇫🇮 178.20.210.208

🇵🇰 139.135.43.34

🇩🇪 139.19.117.131

🇸🇬 119.8.182.17

🇳🇱 45.134.225.36

🇺🇸 143.42.164.204

🇭🇰 103.49.62.60

🇳🇱 89.21.67.178

🇫🇮 185.172.128.41

🇮🇹 185.144.120.166