JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.124.198.201

147.124.198.201 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Tier.Net Technologies LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS397423
Domain Name	tier.net
Country	🇺🇸 United States of America
City	Leesburg, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.124.198.201

Whois 147.124.198.201

IP Abuse Reports for 147.124.198.201:

This IP address has been reported a total of 7 times from 4 distinct sources. 147.124.198.201 was first reported on May 30th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 Pengu	2026-03-18 00:43:29 (2 months ago)	Web application attack blocked by WAF — MSSP SOC	Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 10:03:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 05:03:03.453954 2026] [security2:error] [pid 7079:tid 7079] [client 147.124.198.201:40821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.nbcnewsradio.com"] [uri "/.env.cpcontacts"] [unique_id "aWoM1-9rsK51Ghpt70F4rQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 20:26:31 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 16:26:24.135221 2025] [security2:error] [pid 10591:tid 10591] [client 147.124.198.201:57673] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/elmah.axd"] [unique_id "aQEm8BGukTif7zntpnJYIAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-19 11:00:19 (10 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-01 06:12:15 (11 months ago)	(mod_security) mod_security (id:218420) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:218420) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 02:12:06.033586 2025] [security2:error] [pid 15241:tid 15301] [client 147.124.198.201:59287] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "www.kettlehill.net"] [uri "/cgi-bin/php.exe"] [unique_id "aGN8NnYF3eGjRiRZ58ZPCgAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-11 21:50:02 (11 months ago)	\| PHP CGI-bin vulnerability attempt.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 19:48:35 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 147.124.198.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 15:48:29.055557 2025] [security2:error] [pid 595794:tid 595794] [client 147.124.198.201:60191] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nbcnewsradio.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/server.key"] [unique_id "aDoLjQOCh3F-Q11hm1WPrgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 180.93.33.92

🇯🇵 121.1.248.95

🇳🇱 45.148.10.147

🇳🇱 5.255.123.222

🇺🇸 2602:80d:1008::6b

🇬🇧 185.216.145.189

🇺🇸 172.253.214.24

🇺🇸 162.216.149.139

🇹🇷 95.0.171.24

🇷🇴 92.118.39.236

🇷🇺 79.104.0.82

🇮🇳 4.186.40.232

🇫🇷 91.231.89.235

🇨🇳 39.154.25.116

🇻🇳 27.74.248.52

🇺🇸 20.55.29.194

🇨🇳 218.17.185.223

🇳🇱 195.178.110.131

🇸🇪 171.25.158.74

🇺🇸 165.154.254.11