JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.57

42.201.192.57 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 19%: ?

19%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.57

Whois 42.201.192.57

IP Abuse Reports for 42.201.192.57:

This IP address has been reported a total of 10 times from 3 distinct sources. 42.201.192.57 was first reported on April 27th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 17:43:38 (2 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 13:43:33.179444 2026] [security2:error] [pid 32064:tid 32064] [client 42.201.192.57:40462] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|evolute.io\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "evolute.io"] [uri "/top-5-learnings-moving-software-to-containers"] [unique_id "ajLcxQXGGjp6Hng1TtOU8AAAAAs"], referer: http://evolute.io/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 03:56:44 (3 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 23:56:37.521266 2026] [security2:error] [pid 11021:tid 11021] [client 42.201.192.57:10234] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|brbcar.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "brbcar.com"] [uri "/"] [unique_id "ajIa9XQN7qs4kApiH5cTbgAAABM"], referer: https://brbcar.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 05:35:04 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:35:00.790113 2026] [security2:error] [pid 21513:tid 21513] [client 42.201.192.57:10129] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|melsjukeboxes.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "melsjukeboxes.com"] [uri "/"] [unique_id "ajDghIuT2XAmXznMG8Dp5gAAACI"], referer: https://melsjukeboxes.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 netmagnet	2026-06-07 09:14:33 (1 week ago)	Automated HTTP request flood (2211 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (2211 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 17:34:49 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 13:34:45.789993 2026] [security2:error] [pid 19442:tid 19442] [client 42.201.192.57:37149] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|dogarttoday.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "dogarttoday.com"] [uri "/"] [unique_id "aiBltUdEc2A23fk3qPCAHAAAAAk"], referer: https://dogarttoday.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 07:43:42 (3 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-27 21:31:30 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 17:31:26.323145 2026] [security2:error] [pid 13599:tid 13599] [client 42.201.192.57:40493] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|portalvasco.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "portalvasco.com"] [uri "/blog"] [unique_id "ahdirjAQu6NRTo4dH_bTUAAAAAE"], referer: https://portalvasco.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-17 23:15:32 (1 month ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-08 14:31:23 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 10:31:19.185216 2026] [security2:error] [pid 24932:tid 24932] [client 42.201.192.57:43668] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.katharinanitzpon.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.katharinanitzpon.com"] [uri "/"] [unique_id "af3zt8wri7XvExAXGZK2GgAAAAc"], referer: http://www.katharinanitzpon.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 03:03:08 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 23:03:04.044817 2026] [security2:error] [pid 6592:tid 6639] [client 42.201.192.57:38916] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|gafm.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "gafm.org"] [uri "/403.shtml"] [unique_id "ae7R6FUynkQo---K4DvacAAAAJQ"], referer: http://projectmanagercertified.net/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 188.226.201.151

🇺🇸 104.28.203.58

🇲🇾 47.250.91.153

🇩🇪 8.211.35.24

🇳🇱 5.83.143.123

🇭🇰 2404:6800:4005:c01::128

🇨🇭 212.104.214.117

🇧🇷 177.155.133.175

🇳🇱 172.211.56.214

🇩🇪 167.94.145.25

🇺🇸 162.216.149.44

🇺🇸 70.36.101.122

🇺🇸 64.62.156.219

🇬🇧 35.203.210.179

🇻🇪 200.71.154.142

🇰🇿 199.189.254.84

🇳🇱 178.16.55.50

🇺🇸 162.216.150.204

🇺🇸 162.216.150.98

🇺🇸 162.216.149.53