JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 124.70.140.201

124.70.140.201 was found in our database!

This IP was reported 77 times. Confidence of Abuse is 89%: ?

89%

ISP	Huawei Public Cloud Service (Huawei Software Technologies Ltd.Co)
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55990
Hostname(s)	ecs-124-70-140-201.compute.hwclouds-dns.com
Domain Name	huawei.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 124.70.140.201

Whois 124.70.140.201

IP Abuse Reports for 124.70.140.201:

This IP address has been reported a total of 77 times from 21 distinct sources. 124.70.140.201 was first reported on April 16th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-24 05:08:21 (1 week ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 01:08:14.554930 2026] [security2:error] [pid 10487:tid 10487] [client 124.70.140.201:40526] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ssl-grp.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssl-grp.com"] [uri "/index.php"] [unique_id "ahKHvh0WyyIdUaB_U2tcPQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 04:36:38 (1 week ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 00:36:29.145915 2026] [security2:error] [pid 31693:tid 31693] [client 124.70.140.201:39616] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ssion.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssion.com"] [uri "/index.php"] [unique_id "ahKATb2sHiBG90iiwfEXkAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇽 octageeks.com	2026-05-24 04:18:16 (1 week ago)	Wordpress malicious attack:[octainjection]	Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 18:48:20 (1 week ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 14:48:14.668586 2026] [security2:error] [pid 10998:tid 10998] [client 124.70.140.201:58554] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|creareformis.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creareformis.com"] [uri "/index.php"] [unique_id "ahH2boCPD_9oVWGrlwtQ5QAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-05-22 17:38:16 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 13:19:41 (1 week ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 09:19:37.799563 2026] [security2:error] [pid 6127:tid 6201] [client 124.70.140.201:51364] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|leadingedgesupply.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadingedgesupply.com"] [uri "/index.php"] [unique_id "ahBX6WsviOqJw6GKTchA0QAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-05-22 10:52:57 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-05-22 08:19:49 (1 week ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 04:19:44.862855 2026] [security2:error] [pid 2695:tid 2695] [client 124.70.140.201:33762] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|bonefrog.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bonefrog.com"] [uri "/index.php"] [unique_id "ahARoDOKHjPq3XEW4ODwXQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 raymarron.com	2026-05-21 19:38:53 (1 week ago)	38x probes for various vulnerabilities.	Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 17:56:53 (2 weeks ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 13:56:46.931152 2026] [security2:error] [pid 21198:tid 21198] [client 124.70.140.201:51928] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|stbms.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stbms.com"] [uri "/index.php"] [unique_id "ag313kjW4bg0zDVJji1vrgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 updown.io	2026-05-20 15:24:01 (2 weeks ago)	{"level":"info","ts":1779290546.220575,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1779290546.220575,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"124.70.140.201","remote_port":"36332","client_ip":"124.70.140.201","proto":"HTTP/1.1","method":"GET","host":"status.edsm.net","uri":"/","headers":{"Accept":["/"]}},"bytes_read":0,"user_id":"","duration":0.000070865,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.edsm.net/"],"Content-Type":[]}} {"level":"info","ts":1779290548.4445477,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"124.70.140.201","remote_port":"36532","client_ip":"124.70.140.201","proto":"HTTP/1.1","method":"GET","host":"status.eduxim.com","uri":"/","headers":{"Accept":["/"]}},"bytes_read":0,"user_id":"","duration":0.000069162,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.eduxim.com/"],"Content-Type":[]}} {"level":"info","ts":1779290549.0318391,"lo ... show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 12:11:26 (2 weeks ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:11:22.066667 2026] [security2:error] [pid 12330:tid 12330] [client 124.70.140.201:60448] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|leighcunningham.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leighcunningham.com"] [uri "/index.php"] [unique_id "ag2k6htEPQRGJsqGalvImQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-05-20 03:07:57 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 03:19:09 (2 weeks ago)	(mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwcl ... show more (mod_security) mod_security (id:211190) triggered by 124.70.140.201 (ecs-124-70-140-201.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 23:19:01.179037 2026] [security2:error] [pid 14607:tid 14607] [client 124.70.140.201:51448] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|thewritekellys.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?s=index/\\x5cthink\\x5capp/invokefunction&function=call_user_func_array&vars%5B0%5D=think\\x5c__include_file&vars%5B1%5D%5B%5D=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewritekellys.com"] [uri "/index.php"] [unique_id "agvWpcddJxeZS0xmTYcldwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-05-19 03:14:21 (2 weeks ago)	Excessive multi-domain requests	Brute-Force

Showing 16 to 30 of 77 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇪 197.248.207.139

🇰🇷 203.142.160.143

🇻🇳 113.181.82.133

🇨🇳 112.86.225.209

🇬🇧 92.207.4.157

🇹🇼 198.235.24.10

🇨🇴 179.63.191.100

🇿🇦 102.253.67.24

🇺🇸 75.102.23.159

🇮🇩 69.5.23.222

🇳🇱 45.148.10.183

🇺🇸 43.166.137.151

🇻🇳 14.191.120.202

🇻🇳 14.191.38.177

🇨🇳 14.103.121.146

🇷🇴 2.57.121.112

🇺🇸 200.10.44.98

🇨🇦 173.183.163.248

🇨🇳 113.207.85.156

🇺🇸 34.133.249.237