JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 183.87.96.70

183.87.96.70 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 25%: ?

25%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 183.87.96.70

Whois 183.87.96.70

IP Abuse Reports for 183.87.96.70:

This IP address has been reported a total of 15 times from 4 distinct sources. 183.87.96.70 was first reported on April 25th 2026, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 10:31:26 (11 hours ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:31:19.304775 2026] [security2:error] [pid 19473:tid 19473] [client 183.87.96.70:10182] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mavikalem.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mavikalem.org"] [uri "/en/2019/09/08/mavi-kalem-wins-juliette-gimon-courage-award"] [unique_id "aj-mdwioUE5JLGX9i9ZiygAAAAs"], referer: https://mavikalem.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-26 21:26:09 (1 day ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 18:14:34 (2 days ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 14:14:30.290992 2026] [security2:error] [pid 23493:tid 23493] [client 183.87.96.70:32169] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|laecovillage.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "laecovillage.org"] [uri "/tag/ecovillages/page/5"] [unique_id "aj1wBuEuI3tQFVLAgT4mzwAAAAQ"], referer: https://laecovillage.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-25 09:23:11 (2 days ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 07:29:22 (2 days ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 03:29:16.004833 2026] [security2:error] [pid 17027:tid 17027] [client 183.87.96.70:18896] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|thenursingsite.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "thenursingsite.com"] [uri "/2024/12/new-books-make-great-gifts-for-nurses"] [unique_id "ajzYzPRp6QgjBHK4SttZ_QAAABQ"], referer: https://thenursingsite.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 05:12:45 (2 days ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:12:40.559637 2026] [security2:error] [pid 15727:tid 15727] [client 183.87.96.70:50856] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|arsenalfordemocracy.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "arsenalfordemocracy.com"] [uri "/tag/developing-nations"] [unique_id "ajy4yL33zS1pM2JqE0lVgAAAAAQ"], referer: https://arsenalfordemocracy.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 03:20:29 (2 days ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 23:20:23.934179 2026] [security2:error] [pid 28229:tid 28229] [client 183.87.96.70:50747] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|marveldirectory.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "marveldirectory.com"] [uri "/individuals/c/colossus.htm"] [unique_id "ajyed_PGQFWHzJGDwxWWagAAAAM"], referer: https://marveldirectory.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 13:50:42 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 09:50:35.668776 2026] [security2:error] [pid 29299:tid 29299] [client 183.87.96.70:57539] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|portalvasco.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "portalvasco.com"] [uri "/blog/tag/liquido"] [unique_id "ajVJK9Ft2s5GyG49k5KhKQAAAA8"], referer: https://portalvasco.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 prologic	2026-06-12 21:51:08 (2 weeks ago)	Coordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 ... show more Coordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 UTC. Deliberately expensive multi-label Gitea issue-search queries (/issues?type=all&state=closed&sort=...&labels=<multiple IDs>, ~60-113s CPU each) flooded the backend via proxy/hosting networks. ~36,700 source IPs, ~1 request per IP, identical TLS fingerprint (TLS1.3 0x1301) and one spoofed Chrome UA = single automated tool. show less	DDoS Attack Web App Attack
🇨🇿 netmagnet	2026-06-07 09:14:33 (2 weeks ago)	Automated HTTP request flood (2029 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (2029 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 05:51:20 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 01:51:14.162814 2026] [security2:error] [pid 7835:tid 7835] [client 183.87.96.70:44151] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|styxwamworld.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "styxwamworld.com"] [uri "/"] [unique_id "ahvMUo3GRsU27XuBORHzFAAAABE"], referer: https://styxwamworld.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 08:40:24 (4 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-19 21:02:41 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 17:02:33.652389 2026] [security2:error] [pid 6916:tid 6916] [client 183.87.96.70:60532] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|portalvasco.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "portalvasco.com"] [uri "/blog/2007/11/manual-del-laser-interceptor"] [unique_id "agzP6Zt1FloKpTOAoxkzaAAAABQ"], referer: https://portalvasco.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-17 22:01:32 (1 month ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-25 03:40:04 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 183.87.96.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 23:39:57.143417 2026] [security2:error] [pid 378397:tid 378397] [client 183.87.96.70:32061] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.criarteste.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.criarteste.com"] [uri "/"] [unique_id "aew3jZ28X8bHZ3tCbeLk2AAAABI"], referer: http://www.criarteste.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.71

🇳🇱 195.178.110.228

🇫🇮 147.185.133.155

🇾🇪 134.35.64.72

🇬🇷 83.235.16.111

🇸🇨 45.194.67.30

🇮🇩 36.64.131.68

🇨🇳 220.181.108.114

🇺🇸 216.73.163.97

🇺🇸 216.24.219.240

🇦🇲 195.250.79.2

🇧🇷 179.158.254.67

🇺🇸 98.201.49.26

🇧🇬 79.124.56.246

🇺🇸 45.156.129.81

🇭🇰 23.249.28.115

🇧🇷 2804:2c3c:c15e:2800:f9ba:cc13:2aea:dafc

🇺🇸 216.24.219.210

🇧🇷 205.210.31.169

🇵🇰 202.47.37.180