JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.39

42.201.192.39 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 20%: ?

20%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.39

Whois 42.201.192.39

IP Abuse Reports for 42.201.192.39:

This IP address has been reported a total of 7 times from 4 distinct sources. 42.201.192.39 was first reported on March 31st 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 netmagnet	2026-06-07 09:14:33 (1 week ago)	Automated HTTP request flood (1603 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (1603 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 17:48:06 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 13:47:59.569383 2026] [security2:error] [pid 32075:tid 32075] [client 42.201.192.39:27057] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.glendaleheritage.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.glendaleheritage.org"] [uri "/memories/"] [unique_id "ah8XT8gSMuhhx5Ubo1QLVgAAAAU"], referer: https://glendaleheritage.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 03:05:09 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 23:05:03.268541 2026] [security2:error] [pid 25257:tid 25257] [client 42.201.192.39:55650] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|evolute.io\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "evolute.io"] [uri "/top-5-learnings-moving-software-to-containers"] [unique_id "ahkCXyavpDacbGvn_Qi3zgAAABo"], referer: http://evolute.io/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 10:45:15 (3 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
Anonymous	2026-05-24 01:20:09 (3 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 kosada.com	2026-05-17 23:31:23 (1 month ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-31 02:10:44 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 22:10:40.811066 2026] [security2:error] [pid 19764:tid 19764] [client 42.201.192.39:35516] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.TransCapitalSolutions.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.transcapitalsolutions.com"] [uri "/"] [unique_id "acstIOo28Pf8MfvLUg9JwQAAAAY"], referer: https://armed4battle.com/single-people-seeking-dating-relationships show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.85.222.194

🇺🇸 209.85.210.44

🇮🇳 139.59.6.237

🇨🇳 27.17.242.11

🇸🇬 23.111.14.192

🇨🇳 14.116.172.42

🇰🇿 2.135.146.53

🇭🇰 2404:6800:4005:c02::122

🇳🇱 213.177.179.91

🇺🇸 209.85.161.65

🇻🇳 160.191.245.48

🇺🇸 136.117.37.191

🇺🇸 50.46.141.125

🇧🇷 45.205.1.42

🇺🇸 35.193.33.167

🇺🇸 34.122.173.116

🇺🇸 209.85.219.68

🇺🇸 209.85.219.65

🇺🇸 35.253.140.92

🇺🇸 34.29.20.154