JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.207.45

47.79.207.45 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 38%: ?

38%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.207.45

Whois 47.79.207.45

IP Abuse Reports for 47.79.207.45:

This IP address has been reported a total of 44 times from 17 distinct sources. 47.79.207.45 was first reported on May 27th 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-14 05:19:04 (8 hours ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:25:36 (9 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:25:31.168195 2026] [security2:error] [pid 12866:tid 12866] [client 47.79.207.45:40094] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.aaattanasio.com\|F\|2"] [data ".aaattanasio.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.aaattanasio.com"] [uri "/book/new-worlds-6/www.aaattanasio.com"] [unique_id "ai4tO3Igxz41DruL0-aNEgAAAGU"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 20:15:18 (17 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:15:10.060825 2026] [security2:error] [pid 4340:tid 4340] [client 47.79.207.45:62072] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.williamfitzsimmons.com\|F\|2"] [data ".rollingstone.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.williamfitzsimmons.com"] [uri "/www.rollingstone.com"] [unique_id "ai26Ts8oCfkPOlOHeJAfXwAAABo"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 18:22:01 (19 hours ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2026-06-13 09:23:34 (1 day ago)	FortiWeb WAF: 54 attacks detected. Threat Score: 17200. Types: Client Management(27), GEO IP(27). Or ... show more FortiWeb WAF: 54 attacks detected. Threat Score: 17200. Types: Client Management(27), GEO IP(27). Origin: Singapore. show less	Web App Attack
🇫🇷 Sklurk	2026-06-13 05:13:04 (1 day ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 05:09:29 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:09:23.918082 2026] [security2:error] [pid 26536:tid 26536] [client 47.79.207.45:20736] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.register-yacht-bvi.com\|F\|2"] [data ".register-yacht-bvi.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.register-yacht-bvi.com"] [uri "/no/www.register-yacht-bvi.com"] [unique_id "aizmA0UBxuVR92OGJdUOpgAAAB4"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 07:22:16 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:22:09.920916 2026] [security2:error] [pid 396:tid 437] [client 47.79.207.45:21726] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thebiglies.net\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thebiglies.net"] [uri "/ariel95.com"] [unique_id "aiuzoeq9j1cNTXOR428__gAAABQ"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-12 05:18:09 (2 days ago)	[FriJun1207:18:06.1337952026][security2:error][pid3150485:tid3150626][client47.79.207.45:0]ModSecuri ... show more [FriJun1207:18:06.1337952026][security2:error][pid3150485:tid3150626][client47.79.207.45:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Stringmatchwithin\".asa/.asax/.ascx/.backup/.bak/.bat/.cdx/.cer/.cfg/.cmd/.com/.config/.conf/.cs/.csproj/.csr/.dat/.db/.dbf/.dll/.dos/.htr/.htw/.ida/.idc/.idq/.inc/.ini/.key/.licx/.lnk/.log/.mdb/.old/.pass/.pdb/.pol/.printer/.pwd/.rdb/.resources/.resx/.sql/.swp/.sys/.vb/.vbs/.vbproj/.vsdisco/.webinfo/.xsx/\"atTX:extension.[file\"/etc/apache2/conf.d/modsec_rules/00_asl_zz_strict.conf\"][line\"91\"][id\"390716\"][rev\"2\"][msg\"Atomicorp.comWAFRules:URLfileextensionisrestrictedbypolicy\"][data\".dll\"][severity\"ERROR\"][hostname\"modularss.com\"][uri\"/recordati/authupdate/AppHelpers.dll\"][unique_id\"aiuWjhdhzCrpDnYt5eY7UAAAARc\"]\,referer:https://www.google.com/ show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 01:23:50 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:23:46.033792 2026] [security2:error] [pid 18242:tid 18242] [client 47.79.207.45:59920] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.avaliantlife.com\|F\|2"] [data ".avaliantlife.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.avaliantlife.com"] [uri "/2014/04/www.avaliantlife.com"] [unique_id "aitfoo0zDc_5emk2P-sfSgAAAAA"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 09:29:30 (3 days ago)	FortiWeb WAF: 67 attacks detected. Threat Score: 6800. Types: GEO IP(34), Client Management(33). Ori ... show more FortiWeb WAF: 67 attacks detected. Threat Score: 6800. Types: GEO IP(34), Client Management(33). Origin: Singapore. show less	Web App Attack
Anonymous	2026-06-10 18:17:17 (3 days ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 ersei.net	2026-01-29 19:15:00 (4 months ago)	Web app exploiting	Web App Attack
🇺🇸 ersei.net	2026-01-15 19:39:10 (4 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇮🇹 VHosting	2026-01-08 11:36:27 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 211.149.131.113

🇲🇽 201.108.85.176

🇸🇬 152.32.217.179

🇵🇭 138.84.77.207

🇺🇸 104.28.152.153

🇮🇳 103.181.109.94

🇮🇶 93.180.222.231

🇷🇺 46.243.227.221

🇳🇱 45.148.10.141

🇺🇸 23.101.116.84

🇦🇷 200.115.58.188

🇰🇷 175.119.225.68

🇩🇪 172.70.248.92

🇺🇸 157.230.227.145

🇸🇦 129.208.149.44

🇵🇹 81.193.35.140

🇸🇦 79.139.74.66

🇨🇳 58.222.244.226

🇫🇷 57.128.47.9

🇲🇽 45.189.62.24