JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.226.255.12

42.226.255.12 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 4%: ?

ISP	China Unicom Henan province network
Usage Type	Fixed Line ISP
ASN	AS4837
Hostname(s)	hn.kd.ny.adsl
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Zhengzhou, Henan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.226.255.12

Whois 42.226.255.12

IP Abuse Reports for 42.226.255.12:

This IP address has been reported a total of 8 times from 4 distinct sources. 42.226.255.12 was first reported on April 19th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 20:04:47 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 42.226.255.12 (hn.kd.ny.adsl): 1 in the last 30 ... show more (mod_security) mod_security (id:210831) triggered by 42.226.255.12 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:04:43.648511 2026] [security2:error] [pid 22126:tid 22126] [client 42.226.255.12:48513] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|csems.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "csems.org"] [uri "/index.html"] [unique_id "akF-WxRkk0AGD41RsJPcewAAABM"], referer: https://csems.org/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-26 04:00:58 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 42.226.255.12 (hn.kd.ny.adsl): 1 in the last 30 ... show more (mod_security) mod_security (id:210831) triggered by 42.226.255.12 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 23:00:54.305199 2026] [security2:error] [pid 1688:tid 1688] [client 42.226.255.12:11782] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|geno-med.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "geno-med.com"] [uri "/"] [unique_id "aZ_FdkakzJbcPDRYc8pozAAAABA"], referer: http://geno-med.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-25 20:32:51 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 42.226.255.12 (hn.kd.ny.adsl): 1 in the last 30 ... show more (mod_security) mod_security (id:210831) triggered by 42.226.255.12 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 15:32:43.621181 2026] [security2:error] [pid 2711:tid 2711] [client 42.226.255.12:12042] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|enespiral.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "enespiral.net"] [uri "/"] [unique_id "aZ9ca7x905Kgs63x2hTU9QAAABg"], referer: http://enespiral.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 cybsecaoccol	2024-04-21 02:33:32 (2 years ago)	unauthorized connection or malicious port scan attempted on tcp port 23 - sch	Port Scan Hacking
🇺🇸 MPL	2024-04-21 01:56:15 (2 years ago)	tcp/23 (2 or more attempts)	Port Scan
🇺🇸 MPL	2024-04-21 01:56:15 (2 years ago)	tcp/23	Port Scan
🇺🇸 MPL	2024-04-20 17:12:26 (2 years ago)	tcp/23 (3 or more attempts)	Port Scan
Anonymous	2024-04-19 06:41:07 (2 years ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.195

🇧🇷 205.210.31.222

🇺🇸 173.3.154.29

🇮🇩 103.187.165.26

🇳🇱 91.92.40.173

🇩🇪 88.99.134.189

🇺🇸 66.132.186.241

🇳🇱 45.148.10.141

🇨🇴 181.68.177.169

🇺🇸 173.56.101.68

🇸🇬 165.154.200.214

🇮🇩 103.186.31.66

🇮🇳 103.84.236.222

🇩🇪 69.5.169.50

🇳🇱 195.178.110.227

🇮🇳 154.221.35.72

🇺🇸 147.185.132.96

🇬🇧 89.37.172.155

🇪🇪 85.253.101.102

🇺🇸 73.74.35.196