JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.101.40.242

42.101.40.242 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 4%: ?

ISP	CHINANET HEILONGJIANG PROVINCE NETWORK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137698
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Harbin, Heilongjiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.101.40.242

Whois 42.101.40.242

IP Abuse Reports for 42.101.40.242:

This IP address has been reported a total of 177 times from 75 distinct sources. 42.101.40.242 was first reported on January 3rd 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 SysAdmin Dylan	2026-06-26 02:25:10 (1 day ago)	Port Scan detected from 42.101.40.242 (CN/China/-). 11 hits in the last 240 seconds	Brute-Force
🇳🇱 SysAdmin Dylan	2026-06-19 02:43:24 (1 week ago)	Port Scan detected from 42.101.40.242 (CN/China/-). 11 hits in the last 140 seconds	Brute-Force
🇳🇱 SysAdmin Dylan	2026-06-12 03:05:43 (2 weeks ago)	Port Scan detected from 42.101.40.242 (CN/China/-). 11 hits in the last 262 seconds	Brute-Force
🇳🇱 SysAdmin Dylan	2026-05-29 02:35:38 (4 weeks ago)	Port Scan detected from 42.101.40.242 (CN/China/-). 11 hits in the last 0 seconds	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-29 20:12:19 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-28 20:12:18 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇮🇱 spd.co.il	2026-03-25 05:01:55 (3 months ago)	Web application attack detected	Hacking Web App Attack
🇸🇪 KIDOS	2026-03-23 09:34:42 (3 months ago)	Apache monitor: ssrf_log_spoofing	Brute-Force SSH
🇷🇺 Mga Admin	2026-03-23 09:34:26 (3 months ago)	42.101.40.242 - - [23/Mar/2026:16:34:25 +0700] "GET /dns-query?dns=afcBAAABAAAAAAAAIGMzZDAwNjY4MjY5O ... show more 42.101.40.242 - - [23/Mar/2026:16:34:25 +0700] "GET /dns-query?dns=afcBAAABAAAAAAAAIGMzZDAwNjY4MjY5ODExZjFiNjQ1ZmExNjNlYzViMmNhDG9wZW5yZXNvbHZlcgZkbnNsYWICY24AABAAAQ HTTP/1.1" 404 196 "-" "python-httpx/0.27.0" 42.101.40.242 - - [23/Mar/2026:16:34:25 +0700] "POST /dns-query HTTP/1.1" 404 196 "-" "python-httpx/0.27.0" ... show less	Web App Attack
🇳🇱 soverin	2026-03-23 06:23:26 (3 months ago)	Network scan on port 443	Email Spam
🇮🇹 Rosh	2026-03-23 06:11:52 (3 months ago)	[03/23/26 07:11:52] Unauthorized request HTTP/2.0 404 on port 443	Hacking Web App Attack
🇬🇧 www.elivecd.org	2026-03-23 05:37:15 (3 months ago)	2026/03/23 05:37:15 [error] 2465641#2465641: 56101 FastCGI sent in stderr: "; PHP message: BOT WARN ... show more 2026/03/23 05:37:15 [error] 2465641#2465641: 56101 FastCGI sent in stderr: "; PHP message: BOT WARNING: visitor used the honeypot: 42.101.40.242, url was '78.141.243.157' and abuseipdb '56', function: ELP_site_live" while reading response header from upstream, client: 42.101.40.242, server: www.elivecd.org, request: "GET /dns-query?dns=D8cBAAABAAAAAAAAIGExNWFmZTYwMjY3NzExZjE4Y2MzZmExNjNlYzViMmNhDG9wZW5yZXNvbHZlcgZkbnNsYWICY24AABAAAQ HTTP/2.0", upstream: "fastcgi://unix:/run/php/php8.2-fpm-elivewp.sock:", host: "78.141.243.157" ... show less	Web Spam Email Spam
🇩🇪 kkeyser	2026-03-23 05:02:54 (3 months ago)	GET /dns-query?dns=nMsBAAABAAAAAAAAIGQ1Y2I3MWNhMjY3MjExZjE5ZDBmZmExNjNlYzViMmNhDG9wZW5yZXNvbHZlcgZkb ... show more GET /dns-query?dns=nMsBAAABAAAAAAAAIGQ1Y2I3MWNhMjY3MjExZjE5ZDBmZmExNjNlYzViMmNhDG9wZW5yZXNvbHZlcgZkbnNsYWICY24AABAAAQ HTTP/2.0 show less	Web App Attack
🇺🇸 www.winos.me	2026-03-23 04:26:56 (3 months ago)	stream fail	Web App Attack
🇫🇷 Security_Whaller	2026-03-23 03:35:28 (3 months ago)	Malicious activity detected on Honeypot.	Brute-Force Hacking Web App Attack

Showing 1 to 15 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.195

🇹🇼 198.235.24.79

🇺🇸 162.217.100.206

🇻🇳 157.10.45.192

🇳🇱 45.148.10.151

🇺🇸 205.210.31.40

🇧🇪 198.235.24.180

🇹🇼 198.235.24.65

🇷🇴 193.32.162.84

🇺🇸 172.67.165.206

🇧🇪 198.235.24.172

🇧🇪 198.235.24.145

🇺🇸 193.3.53.4

🇺🇸 172.214.209.153

🇺🇸 170.249.206.186

🇺🇸 162.216.150.50

🇮🇩 103.169.186.173

🇫🇷 91.231.89.147

🇮🇪 52.211.143.234

🇩🇪 45.135.194.83