JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.68

42.201.192.68 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 25%: ?

25%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.68

Whois 42.201.192.68

IP Abuse Reports for 42.201.192.68:

This IP address has been reported a total of 15 times from 4 distinct sources. 42.201.192.68 was first reported on April 28th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 09:48:46 (14 hours ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 05:48:39.619012 2026] [security2:error] [pid 25496:tid 25496] [client 42.201.192.68:25638] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mavikalem.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mavikalem.org"] [uri "/2021/03/18/ekip-arkadasi-ariyoruz-pozisyon-raporlama-sorumlusu"] [unique_id "aj5K9wU1bjhhqXYIbgPzRQAAAAY"], referer: https://mavikalem.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-25 22:45:34 (1 day ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 09:32:17 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 05:32:11.714733 2026] [security2:error] [pid 22361:tid 22361] [client 42.201.192.68:58851] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|home.agingworkforcenews.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "home.agingworkforcenews.com"] [uri "/labels/retirement planning.html"] [unique_id "ajz1mwcQhb9FM27Ocz_JEAAAACU"], referer: https://agingworkforcenews.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-25 09:20:22 (1 day ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 06:29:35 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 02:29:27.446940 2026] [security2:error] [pid 13225:tid 13225] [client 42.201.192.68:23918] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|laecovillage.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "laecovillage.org"] [uri "/tag/gardening"] [unique_id "ajzKxxAJNl3CjPZdknDWYgAAAAw"], referer: https://laecovillage.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 03:21:30 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 23:21:24.192934 2026] [security2:error] [pid 23024:tid 23024] [client 42.201.192.68:38942] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|arsenalfordemocracy.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "arsenalfordemocracy.com"] [uri "/tag/idaho"] [unique_id "ajyetAe7hXFJsI7AgcttdgAAAAg"], referer: https://arsenalfordemocracy.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 netmagnet	2026-06-07 09:14:33 (2 weeks ago)	Automated HTTP request flood (2094 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (2094 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 10:50:37 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:50:32.523859 2026] [security2:error] [pid 4971:tid 4971] [client 42.201.192.68:10146] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|evolute.io\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "evolute.io"] [uri "/top-5-learnings-moving-software-to-containers"] [unique_id "ah61eAhzi82OpEmn3oGyUgAAAA8"], referer: http://evolute.io/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 14:36:33 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 10:36:26.551863 2026] [security2:error] [pid 14223:tid 14223] [client 42.201.192.68:57388] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.opennatura.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.opennatura.com"] [uri "/"] [unique_id "ah2Y6gRYbnkm29cfzB3p5wAAABc"], referer: http://www.opennatura.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 08:21:41 (4 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇩🇪 pltcldvlpr	2026-05-24 09:36:56 (1 month ago)	Honeypot triggered: 42.201.192.68 - - [24/May/2026:11:36:56 +0200] "GET /protocol/index HTTP/2.0" 44 ... show more Honeypot triggered: 42.201.192.68 - - [24/May/2026:11:36:56 +0200] "GET /protocol/index HTTP/2.0" 444 0 "https://stateparl.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Edg/121.0.0.0" asn=136907 org="HUAWEI INTERNATIONAL PTE. LTD." country=HK ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-23 11:12:02 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 07:11:56.392741 2026] [security2:error] [pid 741:tid 741] [client 42.201.192.68:55476] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|james.ahlstrom.name\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "james.ahlstrom.name"] [uri "/quisk"] [unique_id "ahGLfMDeQ1gmiPRBVqPrmwAAAJA"], referer: http://james.ahlstrom.name/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-17 23:17:33 (1 month ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-07 18:15:58 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 14:15:50.737559 2026] [security2:error] [pid 4159:tid 4159] [client 42.201.192.68:16754] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.termstech.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.termstech.com"] [uri "/"] [unique_id "afzW1mqtWlLAwdp-5kdTMwAAAAc"], referer: http://www.termstech.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 10:22:21 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 06:22:17.640723 2026] [security2:error] [pid 12250:tid 12250] [client 42.201.192.68:49008] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|portalvasco.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "portalvasco.com"] [uri "/blog"] [unique_id "afCKWaMbpGvt1uxb6Ct4rgAAABQ"], referer: http://portalvasco.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.88.80.117

🇨🇴 186.81.124.17

🇺🇸 216.180.246.213

🇺🇸 216.25.89.157

🇲🇦 196.92.7.249

🇨🇱 186.64.112.27

🇺🇾 186.52.123.126

🇦🇷 186.12.228.15

🇬🇧 185.216.145.190

🇺🇸 172.190.89.127

🇺🇸 172.59.196.75

🇨🇳 171.36.7.38

🇮🇪 168.63.79.147

🇩🇪 167.94.146.75

🇨🇳 123.56.83.129

🇯🇴 94.249.11.110

🇰🇿 92.55.171.128

🇺🇸 91.230.168.129

🇳🇱 89.190.159.181

🇳🇱 89.21.67.163