JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.207.80

47.79.207.80 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 31%: ?

31%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.207.80

Whois 47.79.207.80

IP Abuse Reports for 47.79.207.80:

This IP address has been reported a total of 51 times from 19 distinct sources. 47.79.207.80 was first reported on April 16th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-12 16:27:20 (2 hours ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 07:14:44 (11 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:14:38.173386 2026] [security2:error] [pid 25703:tid 25703] [client 47.79.207.80:39962] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.69strains.com\|F\|2"] [data ".cannapages.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.69strains.com"] [uri "/www.cannapages.com"] [unique_id "aiux3sSbNCVQBmJ1E1OE7QAAAAw"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 20:06:15 (22 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 16:06:10.820284 2026] [security2:error] [pid 10065:tid 10085] [client 47.79.207.80:7402] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.linfoulk.org\|F\|2"] [data ".rkingmusic.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.linfoulk.org"] [uri "/home/hornandpiano/www.rkingmusic.com"] [unique_id "aisVMo2NcMUqpHyr2K7bcAAAAFI"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 18:16:02 (1 day ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2026-06-11 09:35:38 (1 day ago)	FortiWeb WAF: 49 attacks detected. Threat Score: 5000. Types: GEO IP(25), Client Management(24). Ori ... show more FortiWeb WAF: 49 attacks detected. Threat Score: 5000. Types: GEO IP(25), Client Management(24). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 02:27:25 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 22:27:19.755565 2026] [security2:error] [pid 3390:tid 3390] [client 47.79.207.80:41490] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|artfranz.com\|F\|2"] [data ".willowriver3.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "artfranz.com"] [uri "/webdesign/http/:www.willowriver3.com"] [unique_id "aiodB7q4cl22m31ecI4WggAAAAo"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:27:04 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.207.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:27:01.258517 2026] [security2:error] [pid 28949:tid 28949] [client 47.79.207.80:58886] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.chrisbilder.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.chrisbilder.com"] [uri "/regression/chapters/SO2.DAT"] [unique_id "ainIleYvBJpVzFDpN8awDgAAAAg"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-04-19 01:41:49 (1 month ago)	Web App Attack	Web App Attack
🇺🇸 ersei.net	2026-01-15 21:27:55 (4 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇫🇷 Sklurk	2026-01-15 15:09:50 (4 months ago)	Web App Attack	Web App Attack
🇦🇺 MAGIC	2026-01-13 00:04:54 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇹 VHosting	2026-01-08 11:36:27 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 kosada.com	2026-01-06 06:04:45 (5 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 kosada.com	2025-12-27 12:18:33 (5 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 ersei.net	2025-12-14 01:26:18 (5 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.250

🇺🇸 216.25.89.86

🇹🇷 213.142.156.145

🇳🇱 176.65.139.254

🇨🇳 112.32.139.125

🇮🇳 103.176.160.146

🇵🇰 103.74.21.104

🇮🇳 103.38.219.22

🇳🇱 45.148.10.152

🇵🇪 38.250.148.127

🇺🇸 34.16.56.112

🇰🇷 14.206.12.13

🇺🇦 188.115.159.116

🇮🇱 95.35.29.192

🇳🇱 43.250.54.196

🇻🇳 14.191.173.208

🇵🇱 194.180.49.219

🇩🇴 190.103.180.115

🇦🇪 165.154.12.108

🇺🇸 130.131.220.154