JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.67.45.42

202.67.45.42 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 23%: ?

23%

ISP	PT Hutchison CP Telecommunications
Usage Type	Mobile ISP
ASN	AS4761
Domain Name	ipnet.net.id
Country	🇮🇩 Indonesia
City	Pekanbaru, Riau

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.67.45.42

Whois 202.67.45.42

IP Abuse Reports for 202.67.45.42:

This IP address has been reported a total of 9 times from 8 distinct sources. 202.67.45.42 was first reported on August 25th 2021, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 06:46:27 (7 hours ago)	(mod_security) mod_security (id:240335) triggered by 202.67.45.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 202.67.45.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:46:20.861871 2026] [security2:error] [pid 17771:tid 17771] [client 202.67.45.42:23125] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.67.45.42 (+1 hits since last alert)\|tracytappan.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tracytappan.net"] [uri "/xmlrpc.php"] [unique_id "aiz8vPflerGvKpvGnNz7nAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 02:42:15 (11 hours ago)	(mod_security) mod_security (id:240335) triggered by 202.67.45.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 202.67.45.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 22:42:09.342433 2026] [security2:error] [pid 12146:tid 12146] [client 202.67.45.42:45863] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.67.45.42 (+1 hits since last alert)\|healthmarkcounseling.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "healthmarkcounseling.com"] [uri "/xmlrpc.php"] [unique_id "aizDgbTjwAl-k3g4g_xqgQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 soc-yk	2026-06-10 13:06:15 (3 days ago)	Type: suspicious_network_activity Risk: 93 Events: 93 Evidence: - Persistent suspicious network act ... show more Type: suspicious_network_activity Risk: 93 Events: 93 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇯🇵 demonsword	2026-05-16 04:47:16 (4 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: isq.org.il:443:443 show less	Open Proxy Port Scan
Anonymous	2026-05-08 06:34:28 (1 month ago)	host-ipset-guard auto-report; server=ssd5.kdns.gr; rule=httpd-xmlrpc-post; count=13/9; duration=72h; ... show more host-ipset-guard auto-report; server=ssd5.kdns.gr; rule=httpd-xmlrpc-post; count=13/9; duration=72h; scope=ssd5.kdns.gr; country=ID; sites=popikouloufakou.com; samples=/xmlrpc.php show less	Hacking Web App Attack
🇩🇪 LRob.fr	2026-03-23 00:45:14 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2024-09-24 13:43:51 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇹 urnilxfgbez	2024-07-16 22:45:00 (1 year ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 Daguerian	2021-08-25 23:19:29 (4 years ago)	1629947969 - 08/26/2021 05:19:29 Host: 202.67.45.42/202.67.45.42 Port: 445 TCP Blocked	Port Scan

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.144.90.40

🇰🇷 211.104.137.55

🇭🇰 168.76.131.178

🇭🇰 152.32.188.207

🇨🇱 136.248.242.166

🇨🇳 120.48.11.36

🇺🇸 74.125.181.157

🇳🇱 72.56.86.124

🇩🇪 64.89.163.138

🇭🇰 35.241.107.9

🇬🇧 35.203.211.54

🇩🇪 5.231.28.193

🇧🇷 186.200.6.38

🇨🇳 171.114.225.44

🇨🇳 119.96.193.72

🇸🇬 119.28.101.155

🇹🇼 116.59.10.205

🇫🇷 92.103.134.183

🇺🇸 18.190.15.50

🇬🇧 213.166.84.50