JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.187.135.42

42.187.135.42 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 19%: ?

19%

ISP	Tencent cloud computing (Beijing) Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45090
Domain Name	tencentcloud.com
Country	🇨🇳 China
City	Tianjin, Tianjin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.187.135.42

Whois 42.187.135.42

IP Abuse Reports for 42.187.135.42:

This IP address has been reported a total of 129 times from 10 distinct sources. 42.187.135.42 was first reported on October 1st 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 15:13:30 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:13:23.819997 2026] [security2:error] [pid 1838:tid 1838] [client 42.187.135.42:8252] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.scoutinsignia.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.scoutinsignia.com"] [uri "/train_files/WS_FTP.LOG"] [unique_id "ai1zkwzc7Fz62DswbLH8ZQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 ICS Labs	2026-05-23 13:58:53 (3 weeks ago)	ICS Labs identified 42.187.135.42 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-05-08 01:21:10 (1 month ago)	ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/42.187.135.42 2026-05-0 ... show more ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/42.187.135.42 2026-05-07 11:30:34 /dfdfd show less	Web App Attack
🇫🇷 bigorre.org	2026-04-29 10:04:54 (1 month ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-21 17:37:34 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 21 13:37:30.565172 2026] [security2:error] [pid 20595:tid 20595] [client 42.187.135.42:62680] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.raintechgutters.com\|F\|2"] [data ".raintechgutters.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.raintechgutters.com"] [uri "/commercial-gutter-installation-orlando-fl/www.raintechgutters.com"] [unique_id "aee12gdN7g1hASJj_wnfIAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-21 07:14:02 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 21 03:13:56.096921 2026] [security2:error] [pid 1333400:tid 1333400] [client 42.187.135.42:18871] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.scoutinsignia.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.scoutinsignia.com"] [uri "/train_files/WS_FTP.LOG"] [unique_id "aecjtB5Ce0Ucqin1ydbOPwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bigorre.org	2026-03-24 10:15:53 (2 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇫🇷 bigorre.org	2026-03-14 13:51:51 (3 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇫🇷 bigorre.org	2026-03-13 11:44:23 (3 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇫🇷 bigorre.org	2026-03-12 11:08:42 (3 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇫🇷 bigorre.org	2026-03-11 09:53:18 (3 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇫🇷 bigorre.org	2026-03-10 04:49:00 (3 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇫🇷 bigorre.org	2026-03-09 03:26:19 (3 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-07 21:00:57 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 42.187.135.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 07 16:00:53.521589 2026] [security2:error] [pid 27796:tid 27796] [client 42.187.135.42:3883] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.lertap5.com\|F\|2"] [data ".assess.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.lertap5.com"] [uri "/HTMLHelp/Lrtp59HTML/www.assess.com"] [unique_id "aaySBXew69tKCl9l3BrwJgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bigorre.org	2026-03-07 09:48:22 (3 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 185.177.72.38

🇱🇹 185.169.4.15

🇺🇸 135.119.96.214

🇷🇴 2.57.122.98

🇭🇰 152.32.254.89

🇮🇩 103.186.1.141

🇺🇸 32.192.189.220

🇰🇷 14.55.31.113

🇻🇳 171.231.191.85

🇬🇧 89.240.149.72

🇺🇸 44.201.101.19

🇻🇳 14.232.37.145

🇺🇸 3.228.12.243

🇺🇸 2607:f8b0:4004:c0b::122

🇮🇳 140.245.231.239

🇱🇹 81.30.98.144

🇱🇹 62.60.130.31

🇨🇦 20.104.203.253

🇨🇳 218.13.26.42

🇫🇮 216.58.207.110