JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.90

42.201.192.90 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 32%: ?

32%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.90

Whois 42.201.192.90

IP Abuse Reports for 42.201.192.90:

This IP address has been reported a total of 8 times from 5 distinct sources. 42.201.192.90 was first reported on April 12th 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 netmagnet	2026-06-07 09:14:33 (19 hours ago)	Automated HTTP request flood (2028 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (2028 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇱🇹 Evag Touf	2026-06-05 23:49:27 (2 days ago)	(mod_security) mod_security triggered on hostname [redacted] 42.201.192.90 (HK/Hong Kong/-)	SQL Injection
🇺🇸 SiliSoftware	2026-06-04 11:25:58 (3 days ago)	/phpBB3/viewtopic.php?t=171	Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 04:22:26 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 00:22:20.734998 2026] [security2:error] [pid 22292:tid 22292] [client 42.201.192.90:15501] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|dogarttoday.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "dogarttoday.com"] [uri "/uncategorized/democracy-is-a-warm-puppy"] [unique_id "ahkUfEagSRSDBnlrprSczAAAAAA"], referer: https://dogarttoday.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 10:19:05 (1 week ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 kosada.com	2026-05-17 23:13:45 (3 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-17 07:34:29 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 03:34:23.521099 2026] [security2:error] [pid 3817451:tid 3817451] [client 42.201.192.90:45734] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.ctrussell.us\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.ctrussell.us"] [uri "/w/wajsbuh_s_n"] [unique_id "aeHif4ajM_e_5ywP5NNqKAAAAAA"], referer: http://www.ctrussell.us/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 09:58:39 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 05:58:32.721170 2026] [security2:error] [pid 3206922:tid 3207006] [client 42.201.192.90:49124] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.love-spells-magic.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.love-spells-magic.com"] [uri "/index.phtml"] [unique_id "adtsyI-HUkeidufSr99NhAAAABU"], referer: http://www.love-spells-magic.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.87

🇬🇧 193.163.125.120

🇨🇳 116.53.43.5

🇷🇴 80.94.95.116

🇺🇸 74.125.75.88

🇺🇸 20.221.68.115

🇭🇰 220.246.47.169

🇬🇧 193.176.29.4

🇷🇺 151.252.84.225

🇺🇸 104.28.209.1

🇺🇸 52.188.231.113

🇷🇺 45.132.18.40

🇺🇸 20.124.84.235

🇮🇩 2a02:4780:6:1965:0:366d:3dbd:1

🇧🇪 198.235.24.178

🇬🇧 193.163.125.170

🇨🇳 58.209.82.184

🇫🇮 46.8.64.51

🇳🇱 45.148.10.147

🇭🇰 34.92.244.167