JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.48

42.201.192.48 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 31%: ?

31%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.48

Whois 42.201.192.48

IP Abuse Reports for 42.201.192.48:

This IP address has been reported a total of 17 times from 5 distinct sources. 42.201.192.48 was first reported on April 18th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-25 22:45:36 (2 days ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇨🇭 backslash	2026-06-25 16:51:00 (2 days ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 kosada.com	2026-06-25 09:19:40 (2 days ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 07:20:14 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 03:20:08.860780 2026] [security2:error] [pid 1715:tid 1715] [client 42.201.192.48:53939] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|arsenalfordemocracy.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "arsenalfordemocracy.com"] [uri "/privacy-policy"] [unique_id "ajzWqCB0uWf0-az398-1fQAAAAc"], referer: https://arsenalfordemocracy.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 06:39:39 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 02:39:34.685626 2026] [security2:error] [pid 4907:tid 4907] [client 42.201.192.48:57294] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|abcollie.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "abcollie.com"] [uri "/"] [unique_id "ajzNJtUTgbP0NAVlROWSiQAAAAE"], referer: https://abcollie.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 05:35:25 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:35:20.020898 2026] [security2:error] [pid 9470:tid 9470] [client 42.201.192.48:52145] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|agingworkforcenews.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "agingworkforcenews.com"] [uri "/2006/08/united-kingdom-trades-union-congress.html"] [unique_id "ajy-GFcdA9yN6uTcQEDWIgAAAAU"], referer: https://agingworkforcenews.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 03:20:30 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 23:20:23.328369 2026] [security2:error] [pid 1892:tid 1892] [client 42.201.192.48:47377] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mavikalem.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mavikalem.org"] [uri "/category/arapca"] [unique_id "ajyed9MBuP5ww8YeN9o_yAAAAAQ"], referer: https://mavikalem.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 23:58:20 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 19:58:13.230782 2026] [security2:error] [pid 1746:tid 1746] [client 42.201.192.48:13804] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.airtechconsulting.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.airtechconsulting.com"] [uri "/"] [unique_id "ajSGFV5_QEbV8KvB4nWMNwAAAAg"], referer: https://www.chromeheartsofficial.shop/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 prologic	2026-06-12 20:56:39 (2 weeks ago)	Coordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 ... show more Coordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 UTC. Deliberately expensive multi-label Gitea issue-search queries (/issues?type=all&state=closed&sort=...&labels=<multiple IDs>, ~60-113s CPU each) flooded the backend via proxy/hosting networks. ~36,700 source IPs, ~1 request per IP, identical TLS fingerprint (TLS1.3 0x1301) and one spoofed Chrome UA = single automated tool. show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:05:17 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:05:12.402754 2026] [security2:error] [pid 14704:tid 14704] [client 42.201.192.48:57319] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.deanfountain.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.deanfountain.com"] [uri "/"] [unique_id "aiqIWOHRfHhF3SF2y2E92QAAAAY"], referer: http://www.deanfountain.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 netmagnet	2026-06-07 09:14:33 (2 weeks ago)	Automated HTTP request flood (2006 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (2006 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 23:41:52 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 19:41:47.609066 2026] [security2:error] [pid 14643:tid 14643] [client 42.201.192.48:25242] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.dogarttoday.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.dogarttoday.com"] [uri "/tag/hokusai/"] [unique_id "ahzHO0xeMeGSMPYnxfL4SwAAAAM"], referer: https://dogarttoday.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 07:55:34 (4 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 03:55:28.301379 2026] [security2:error] [pid 29248:tid 29248] [client 42.201.192.48:43952] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|evolute.io\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "evolute.io"] [uri "/top-5-learnings-moving-software-to-containers"] [unique_id "ahlGcKj5DlTgh4bzuBhzDgAAABw"], referer: http://evolute.io/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 09:31:02 (4 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 kosada.com	2026-05-17 23:35:35 (1 month ago)	Web bot: DDoS	DDoS Attack Bad Web Bot

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.136.31

🇸🇬 47.84.102.38

🇺🇸 44.233.249.242

🇨🇦 4.239.243.30

🇺🇸 173.236.141.65

🇭🇰 103.52.153.215

🇫🇷 51.38.226.110

🇳🇱 45.148.10.240

🇧🇪 44.11.12.204

🇺🇸 20.168.5.222

🇨🇳 218.13.26.42

🇸🇬 208.109.13.31

🇮🇩 163.7.4.169

🇺🇸 162.216.149.231

🇺🇸 153.75.91.100

🇫🇮 147.185.133.146

🇱🇻 81.30.98.44

🇮🇳 45.118.34.201

🇳🇱 45.11.106.181

🇻🇳 27.79.2.107