JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.37.111.147

121.37.111.147 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 60%: ?

60%

ISP	Huawei Public Cloud Service (Huawei Software Technologies Ltd.Co)
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55990
Hostname(s)	ecs-121-37-111-147.compute.hwclouds-dns.com
Domain Name	huawei.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.37.111.147

Whois 121.37.111.147

IP Abuse Reports for 121.37.111.147:

This IP address has been reported a total of 29 times from 21 distinct sources. 121.37.111.147 was first reported on November 2nd 2022, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ghostwarriors	2026-06-21 07:20:12 (4 hours ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ksol-hostmaster	2026-06-21 06:59:19 (5 hours ago)	2026/06/21 08:59:18 [error] 37014#318982: 2297647 access forbidden by rule, client: 121.37.111.147, ... show more 2026/06/21 08:59:18 [error] 37014#318982: 2297647 access forbidden by rule, client: 121.37.111.147, server: chat.crxforum.ksol.io, request: "GET /ip HTTP/1.1", host: "chat.crxforum.ksol.io" ... show less	Web Spam
🇦🇺 FireGuard Server	2026-06-21 05:30:10 (6 hours ago)	Blocked by OPNsense firewall; 6 hits, proto=tcp, ports=443	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-11 23:11:33 (1 week ago)	(mod_security) mod_security (id:210381) triggered by 121.37.111.147 (ecs-121-37-111-147.compute.hwcl ... show more (mod_security) mod_security (id:210381) triggered by 121.37.111.147 (ecs-121-37-111-147.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 19:11:29.492092 2026] [security2:error] [pid 24370:tid 24385] [client 121.37.111.147:41558] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt\|\|www.mentzlaw.com\|F\|4"] [data "REQUEST_URI=/socialsecuritylawyerlouisiana/%url%"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mentzlaw.com"] [uri "/socialsecuritylawyerlouisiana/%url%"] [unique_id "aitAodBIXDY7ckd85xR-SgAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-06-08 00:05:39 (1 week ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇭🇳 unph	2026-06-07 22:38:04 (1 week ago)	Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin	Brute-Force
🇨🇦 1gz	2026-06-04 00:41:59 (2 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /ip UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 paulshipley.com.au	2026-05-28 21:04:24 (3 weeks ago)	talentaymerch.com.au:443 121.37.111.147 - - [29/May/2026:07:04:18 +1000] "GET /ip HTTP/1.1" 404 1063 ... show more talentaymerch.com.au:443 121.37.111.147 - - [29/May/2026:07:04:18 +1000] "GET /ip HTTP/1.1" 404 106345 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇿 lancernz	2026-05-28 06:04:57 (3 weeks ago)	Auto-detected: 56 hits on poolsidechristchurch.co.nz within 100 log lines. Blocked by Cowork server ... show more Auto-detected: 56 hits on poolsidechristchurch.co.nz within 100 log lines. Blocked by Cowork server monitoring. show less	Web App Attack
🇸🇬 mypatricks	2026-05-26 05:30:01 (3 weeks ago)	121.37.111.147 \| Port: 13781 \| DNS: ecs-121-37-111-147.compute.hwclouds-dns.com 2026-05-26T13:30:00+ ... show more 121.37.111.147 \| Port: 13781 \| DNS: ecs-121-37-111-147.compute.hwclouds-dns.com 2026-05-26T13:30:00+08:00 Asia/Shanghai \| HWCLOUDS-DNS Data Center/Web Hosting/Transit Spam list \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /%e5%af%92%e5%bf%83?d9202c2d9ffbdada=dadba0cba9dc90edbad9 \| Ref: - \| Country: CN/China/+08:00 IP City: Beijing macOS a01a62a12f552ea9-LAX/Los Angeles, CA, United States 1 hits/0 secs Browser 1 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇸🇬 mypatricks	2026-05-24 09:16:56 (4 weeks ago)	121.37.111.147 \| Port: 13073 \| DNS: ecs-121-37-111-147.compute.hwclouds-dns.com 2026-05-24T17:16:55+ ... show more 121.37.111.147 \| Port: 13073 \| DNS: ecs-121-37-111-147.compute.hwclouds-dns.com 2026-05-24T17:16:55+08:00 Asia/Singapore \| HWCLOUDS-DNS Data Center/Web Hosting/Transit Spam list \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /malaysia/johor/senai/kitkat-cake/?limit=75 \| Ref: - \| Country: CN/China/+08:00 Windows a00b3448db9b7db7-LAX/Los Angeles, CA, United States 1 hits/0 secs Browser 2 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇫🇷 rellik	2026-05-22 13:20:00 (4 weeks ago)	Scanning Critical Directory, Potential Part of BotNet	Hacking DDoS Attack Web App Attack
🇦🇺 paulshipley.com.au	2026-05-21 16:56:18 (4 weeks ago)	winesbydesign.com.au:443 121.37.111.147 - - [22/May/2026:02:56:11 +1000] "GET /ip HTTP/1.1" 404 9998 ... show more winesbydesign.com.au:443 121.37.111.147 - - [22/May/2026:02:56:11 +1000] "GET /ip HTTP/1.1" 404 99987 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" ... show less	Web App Attack
🇦🇺 paulshipley.com.au	2026-05-13 12:14:25 (1 month ago)	levellapromotions.com.au:443 121.37.111.147 - - [13/May/2026:22:14:22 +1000] "GET /ip HTTP/1.1" 404 ... show more levellapromotions.com.au:443 121.37.111.147 - - [13/May/2026:22:14:22 +1000] "GET /ip HTTP/1.1" 404 158826 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" ... show less	Web App Attack
🇨🇳 ThreatBook.io	2026-05-12 00:33:39 (1 month ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/121.37.111.147 2026-05-1 ... show more ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/121.37.111.147 2026-05-11 18:16:31 /ip show less	Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.226.196.24

🇺🇸 13.89.125.24

🇺🇸 2602:80d:1007::ba

🇺🇸 172.234.221.84

🇯🇵 107.155.15.81

🇮🇳 68.233.116.124

🇮🇪 65.52.75.227

🇺🇸 52.203.65.83

🇨🇳 39.104.64.139

🇧🇦 31.223.130.45

🇺🇸 208.84.102.178

🇯🇵 203.25.124.13

🇳🇱 193.176.31.205

🇦🇷 186.122.177.140

🇲🇽 177.230.79.202

🇹🇼 128.14.237.120

🇨🇳 116.228.233.93

🇨🇳 113.251.88.56

🇱🇹 81.30.98.49

🇳🇱 81.19.216.107