JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.207.111

47.79.207.111 was found in our database!

This IP was reported 72 times. Confidence of Abuse is 63%: ?

63%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.207.111

Whois 47.79.207.111

IP Abuse Reports for 47.79.207.111:

This IP address has been reported a total of 72 times from 29 distinct sources. 47.79.207.111 was first reported on May 10th 2025, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 gui-ying233	2026-06-24 00:18:46 (7 hours ago)	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Sa ... show more Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Safari/537.36 show less	Bad Web Bot
Anonymous	2026-06-17 09:32:22 (6 days ago)	FortiWeb WAF: 20 attacks detected. Threat Score: 10800. Types: Client Management(10), GEO IP(10). Or ... show more FortiWeb WAF: 20 attacks detected. Threat Score: 10800. Types: Client Management(10), GEO IP(10). Origin: Singapore. show less	Web App Attack
🇩🇰 ScamAware	2026-06-17 09:15:24 (6 days ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: managed_challenge. Cloudflare source: botFight. show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2026-06-16 09:17:57 (1 week ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 13:27:46 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:27:38.962976 2026] [security2:error] [pid 6323:tid 6323] [client 47.79.207.111:10676] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.hayrun.com\|F\|2"] [data ".hayrun.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.hayrun.com"] [uri "/blog/img_0690/www.hayrun.com"] [unique_id "ai_9yvlZmNOsM8NhQ05kFQAAACo"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 09:26:28 (1 week ago)	FortiWeb WAF: 42 attacks detected. Threat Score: 13800. Types: Client Management(21), GEO IP(21). Or ... show more FortiWeb WAF: 42 attacks detected. Threat Score: 13800. Types: Client Management(21), GEO IP(21). Origin: Singapore. show less	Web App Attack
Anonymous	2026-06-14 15:46:17 (1 week ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 10:28:47 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:28:39.525482 2026] [security2:error] [pid 5691:tid 5691] [client 47.79.207.111:6594] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|389thbg.com\|F\|2"] [data ".weebly.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "389thbg.com"] [uri "/www.weebly.com"] [unique_id "ai6CVxJFKTQQtDjr3ZD99AAAABA"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-14 00:11:17 (1 week ago)	Web App Attack	Web App Attack
🇫🇮 6kilowatti	2026-06-13 16:20:34 (1 week ago)	47.79.207.111 - - [13/Jun/2026:19:20:33 +0300] "GET /super-secret-ansa HTTP/1.1" 404 60 "https://www ... show more 47.79.207.111 - - [13/Jun/2026:19:20:33 +0300] "GET /super-secret-ansa HTTP/1.1" 404 60 "https://www.google.com/" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-13 09:24:05 (1 week ago)	FortiWeb WAF: 48 attacks detected. Threat Score: 17000. Types: Client Management(24), GEO IP(24). Or ... show more FortiWeb WAF: 48 attacks detected. Threat Score: 17000. Types: Client Management(24), GEO IP(24). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 04:32:58 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:32:50.483660 2026] [security2:error] [pid 22760:tid 22760] [client 47.79.207.111:3326] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dokuzadabirdeniz.com\|F\|2"] [data ".reuters.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dokuzadabirdeniz.com"] [uri "/www.reuters.com"] [unique_id "aizdcgTSq9PUFX36RMo9fQAAAAA"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 1gz	2026-06-13 00:22:20 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /lajme/fshati-thirre UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 Sklurk	2026-06-12 18:01:40 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 11:30:24 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:30:07.334915 2026] [security2:error] [pid 6857:tid 6857] [client 47.79.207.111:36666] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.avaliantlife.com\|F\|2"] [data ".avaliantlife.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.avaliantlife.com"] [uri "/about/www.avaliantlife.com"] [unique_id "aivtv8CBzHZJFtJshyCBSwAAAAo"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 72 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇾 81.30.98.142

🇮🇹 78.211.83.110

🇺🇸 34.222.188.102

🇪🇨 201.182.79.7

🇺🇸 195.184.76.150

🇺🇾 186.55.132.33

🇵🇪 154.201.0.66

🇺🇸 104.21.82.73

🇵🇰 103.191.123.131

🇻🇳 103.63.108.25

🇮🇹 94.163.31.193

🇺🇸 13.90.206.6

🇨🇳 222.174.184.86

🇬🇧 195.96.139.242

🇺🇾 167.61.9.150

🇺🇸 107.175.156.160

🇮🇳 92.4.76.12

🇫🇷 91.196.152.122

🇺🇸 72.241.54.202

🇺🇸 65.49.1.95