JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.22

42.201.192.22 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 29%: ?

29%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.22

Whois 42.201.192.22

IP Abuse Reports for 42.201.192.22:

This IP address has been reported a total of 18 times from 5 distinct sources. 42.201.192.22 was first reported on March 23rd 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 03:07:23 (17 hours ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 23:07:17.432322 2026] [security2:error] [pid 28273:tid 28273] [client 42.201.192.22:27159] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|abcollie.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "abcollie.com"] [uri "/"] [unique_id "akCP5SkFcyQZxqXJnFO9nAAAAAA"], referer: https://abcollie.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-25 22:39:00 (2 days ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇺🇸 kosada.com	2026-06-25 09:21:09 (3 days ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 07:29:47 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 03:29:44.288221 2026] [security2:error] [pid 12002:tid 12002] [client 42.201.192.22:40476] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|thenursingsite.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "thenursingsite.com"] [uri "/tag/respect-experienced-nurses"] [unique_id "ajzY6EDCISDzTMH7JWg9kQAAAAc"], referer: https://thenursingsite.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 06:58:12 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 02:58:06.732816 2026] [security2:error] [pid 12667:tid 12667] [client 42.201.192.22:23842] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|arsenalfordemocracy.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "arsenalfordemocracy.com"] [uri "/tag/sahel/page/2"] [unique_id "ajzRfoL3dq_-QiLzI7gmpwAAABQ"], referer: https://arsenalfordemocracy.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 06:41:39 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 02:41:30.807923 2026] [security2:error] [pid 14236:tid 14236] [client 42.201.192.22:47107] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mavikalem.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mavikalem.org"] [uri "/"] [unique_id "ajzNmkwhTkf6Rok_8T1WvAAAAA4"], referer: https://mavikalem.org/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 08:02:58 (1 week ago)	42.201.192.22 - - [19/Jun/2026:10:02:09 +0200] "GET /205-kolczyki-alkohol?q=R%C4%99kodzie%C5%82o-Nie ... show more 42.201.192.22 - - [19/Jun/2026:10:02:09 +0200] "GET /205-kolczyki-alkohol?q=R%C4%99kodzie%C5%82o-Nie/Kolor-Z%C5%82oty HTTP/2.0" 444 0 "https://krafciarka.pl/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.127 Safari/537.36" 42.201.192.22 - - [19/Jun/2026:10:02:13 +0200] "GET /205-kolczyki-alkohol?q=R%C4%99kodzie%C5%82o-Nie/Kolor-Z%C5%82oty HTTP/2.0" 444 0 "https://krafciarka.pl/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.127 Safari/537.36" 42.201.192.22 - - [19/Jun/2026:10:02:21 +0200] "GET /205-kolczyki-alkohol?q=R%C4%99kodzie%C5%82o-Nie/Kolor-Z%C5%82oty HTTP/2.0" 444 0 "https://krafciarka.pl/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.127 Safari/537.36" 42.201.192.22 - - [19/Jun/2026:10:02:24 +0200] "GET /205-kolczyki-alkohol?q=R%C4%99kodzie%C5%82o-Nie/Kolor-Z%C5%82oty HTTP/2.0" 444 0 "https://krafc ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:44:47 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:44:41.091715 2026] [security2:error] [pid 1283:tid 1353] [client 42.201.192.22:62215] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.vancekelly.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.vancekelly.com"] [uri "/index.phtml"] [unique_id "ai-fWdUaPUFwKls8F3SyfQAAABM"], referer: http://www.vancekelly.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 23:19:11 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 19:19:04.882842 2026] [security2:error] [pid 21416:tid 21416] [client 42.201.192.22:11768] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|airtechconsulting.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "airtechconsulting.com"] [uri "/"] [unique_id "ai3laMcQI2_urzrDlkSilwAAAAc"], referer: https://www.chromeheartsofficial.shop/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 netmagnet	2026-06-07 09:14:33 (3 weeks ago)	Automated HTTP request flood (2044 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (2044 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 12:46:45 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 08:46:40.180412 2026] [security2:error] [pid 7104:tid 7104] [client 42.201.192.22:10041] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.dogarttoday.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.dogarttoday.com"] [uri "/21st-century-dog-art/play-ball-with-nancy-schutts-dog-art/"] [unique_id "ahg5MEDlCqMi7gGwIMws7AAAAAI"], referer: https://dogarttoday.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 10:35:17 (1 month ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇩🇪 pltcldvlpr	2026-05-24 09:36:58 (1 month ago)	Honeypot triggered: 42.201.192.22 - - [24/May/2026:11:36:58 +0200] "GET /protocol/index HTTP/2.0" 44 ... show more Honeypot triggered: 42.201.192.22 - - [24/May/2026:11:36:58 +0200] "GET /protocol/index HTTP/2.0" 444 0 "https://stateparl.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Edg/121.0.0.0" asn=136907 org="HUAWEI INTERNATIONAL PTE. LTD." country=HK ... show less	Bad Web Bot
🇺🇸 kosada.com	2026-05-17 23:29:15 (1 month ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-24 01:12:43 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 21:12:36.735920 2026] [security2:error] [pid 20581:tid 20581] [client 42.201.192.22:49148] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.spacebooger.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.spacebooger.com"] [uri "/"] [unique_id "aerDhFdBAze6550cil18_AAAABI"], referer: http://spacebooger.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.99

🇩🇪 185.216.214.42

🇹🇷 185.124.87.2

🇺🇸 172.191.239.155

🇺🇸 104.28.233.73

🇻🇳 103.9.204.209

🇫🇮 94.159.112.56

🇧🇷 43.164.196.114

🇬🇧 37.10.113.220

🇧🇪 34.14.122.221

🇪🇹 196.188.37.30

🇷🇺 104.128.140.214

🇺🇸 45.42.88.54

🇨🇳 14.103.117.75

🇧🇷 138.117.221.79

🇺🇸 74.125.80.28

🇧🇷 45.205.1.42

🇺🇸 20.169.107.208

🇷🇺 195.88.120.62

🇨🇳 120.235.10.116