JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.201.192.91

42.201.192.91 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 18%: ?

18%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.201.192.91

Whois 42.201.192.91

IP Abuse Reports for 42.201.192.91:

This IP address has been reported a total of 8 times from 3 distinct sources. 42.201.192.91 was first reported on April 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 netmagnet	2026-06-07 09:14:33 (1 week ago)	Automated HTTP request flood (1756 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= que ... show more Automated HTTP request flood (1756 requests in ~10 min) to lovecpokladu.cz using spam ?backlink= query params; bad web bot / web app attack from Huawei Cloud HK. show less	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 16:45:36 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 12:45:27.788752 2026] [security2:error] [pid 16518:tid 16518] [client 42.201.192.91:60599] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|clcmillvale.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "clcmillvale.com"] [uri "/our-community"] [unique_id "aiBaJ_tM47whD9C6xIlrEQAAAA0"], referer: https://clcmillvale.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-28 11:57:17 (2 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-23 12:08:35 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 08:08:30.151044 2026] [security2:error] [pid 31504:tid 31524] [client 42.201.192.91:13517] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.oxfordlawschool.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.oxfordlawschool.com"] [uri "/"] [unique_id "ahGYvkl920EuzbKTukkF9wAAAJA"], referer: http://www.oxfordlawschool.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 10:08:54 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 06:08:49.289792 2026] [security2:error] [pid 30948:tid 30948] [client 42.201.192.91:16902] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|dogarttoday.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "dogarttoday.com"] [uri "/"] [unique_id "ag7ZsWZOLJW5jJCLUBsdLAAAAA4"], referer: https://dogarttoday.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-17 22:18:13 (4 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-05 09:01:33 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 05:01:28.282547 2026] [security2:error] [pid 19309:tid 19312] [client 42.201.192.91:15425] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|la.productions\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "la.productions"] [uri "/index.phtml"] [unique_id "afmx6E4uYc4KT-gM-CxYrQAAAAE"], referer: http://la.productions/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-04 23:49:10 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 42.201.192.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 19:49:03.733492 2026] [security2:error] [pid 29009:tid 29009] [client 42.201.192.91:33996] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.spacebooger.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.spacebooger.com"] [uri "/2016/11/25/friday-night-fights-power-punch-round-2/"] [unique_id "adGjb8mOKZBChXOohkzoawAAAAE"], referer: http://slaymonstrobot.blogspot.com/2016/11/friday-night-fights-boomerang-vs.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 185.198.37.37

🇺🇸 184.174.24.225

🇿🇦 105.186.111.212

🇺🇸 52.238.213.109

🇺🇸 47.251.12.114

🇳🇱 45.148.10.21

🇺🇸 20.46.235.164

🇳🇱 204.76.203.80

🇨🇭 185.211.94.76

🇩🇰 181.214.32.194

🇵🇹 181.214.6.224

🇺🇸 179.61.245.246

🇮🇳 125.19.162.70

🇩🇪 69.5.169.220

🇺🇸 64.23.174.153

🇸🇬 47.79.200.39

🇮🇳 43.229.91.50

🇺🇸 40.124.120.52

🇬🇧 35.203.211.102

🇰🇷 222.108.100.117