JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.31

42.201.192.31 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 19%: ?

19%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.31

Whois 42.201.192.31

IP Abuse Reports for 42.201.192.31:

This IP address has been reported a total of 10 times from 3 distinct sources. 42.201.192.31 was first reported on March 21st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 23:48:45 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:48:38.962524 2026] [security2:error] [pid 1144:tid 1144] [client 42.201.192.31:42306] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|thenursingsite.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "thenursingsite.com"] [uri "/resources/become-a-nurse/how_do_i_become_a_nurse_part_2.pdf"] [unique_id "ajCPVtuX0gbg2dQqJ9wAzgAAAAk"], referer: https://thenursingsite.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:31:04 (2 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:30:57.930767 2026] [security2:error] [pid 6573:tid 6573] [client 42.201.192.31:15536] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|frenchla.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "frenchla.com"] [uri "/2023/01/french-colloquial-expressions-poser-un-lapin"] [unique_id "ai_GUTp7Pu_4F-niWuAxUwAAAEE"], referer: https://frenchla.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 02:47:47 (6 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 22:47:42.752914 2026] [security2:error] [pid 23174:tid 23174] [client 42.201.192.31:60698] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|aaattanasio.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "aaattanasio.com"] [uri "/"] [unique_id "aiohzs5_mOkQ0GPCVpkLAAAAAAQ"], referer: http://aaattanasio.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 netmagnet	2026-06-07 09:14:33 (1 week ago)	Automated HTTP request flood (1575 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (1575 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 10:24:13 (2 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-24 11:32:08 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 07:32:02.628477 2026] [security2:error] [pid 16633:tid 16633] [client 42.201.192.31:43914] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.laboquimia.es\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.laboquimia.es"] [uri "/catalogo/frasco-laboratorio-protect-gls-80-cuello-ancho-rosca-gls-80-9"] [unique_id "ahLhstMzZtvpVTMNQnsAxgAAABg"], referer: https://www.laboquimia.es/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 23:44:31 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 19:44:23.408142 2026] [security2:error] [pid 29248:tid 29248] [client 42.201.192.31:36912] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|eileensharaga.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "eileensharaga.com"] [uri "/"] [unique_id "ahDqV2tEFoOyMa3U5Mvh4wAAAAc"], referer: https://eileensharaga.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-17 22:39:24 (4 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-26 20:28:04 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 16:27:58.244097 2026] [security2:error] [pid 23006:tid 23006] [client 42.201.192.31:20493] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.jesuspuzzle.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.jesuspuzzle.com"] [uri "/ageofreason/AORComment05.htm"] [unique_id "acWWzuYqqlx8dF91TKur5AAAAAY"], referer: http://www.jesuspuzzle.com/ageofreason/index.htm show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-21 08:12:11 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 04:12:06.076249 2026] [security2:error] [pid 12908:tid 12908] [client 42.201.192.31:15155] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|alexgitlin.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "alexgitlin.com"] [uri "/npp/hummingbird.htm"] [unique_id "ab5S1ifBHmXAIU_jdA5ZFgAAABQ"], referer: http://ezhevika.blogspot.com/2006/04/jody-grind-one-step-on-1969.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 62.60.130.14

🇷🇺 178.255.126.150

🇳🇱 176.65.139.233

🇫🇷 172.71.232.87

🇺🇸 107.173.216.132

🇳🇱 91.92.40.13

🇱🇹 81.30.98.158

🇸🇬 47.236.59.68

🇺🇸 44.95.217.145

🇻🇳 42.118.137.109

🇧🇷 20.226.2.115

🇹🇭 202.29.225.206

🇱🇹 195.12.191.130

🇨🇳 121.229.156.118

🇸🇬 114.119.146.255

🇺🇸 104.238.10.29

🇺🇸 91.230.168.89

🇨🇦 85.217.149.70

🇱🇹 81.30.98.49

🇿🇲 45.215.236.34