JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.242.241.47

43.242.241.47 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 23%: ?

23%

ISP	OrbitNet LLC
Usage Type	Fixed Line ISP
ASN	AS17882
Domain Name	mcs.mn
Country	🇲🇳 Mongolia
City	Ulan Bator, Ulaanbaatar

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.242.241.47

Whois 43.242.241.47

IP Abuse Reports for 43.242.241.47:

This IP address has been reported a total of 28 times from 18 distinct sources. 43.242.241.47 was first reported on July 13th 2022, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 Fn4ticHz	2026-06-08 04:46:17 (2 days ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇮🇹 VHosting	2026-05-27 10:52:10 (2 weeks ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇫🇷 MatStef132	2026-05-22 14:04:44 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇷🇴 Fn4ticHz	2026-05-09 14:13:55 (1 month ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇺🇸 Vano Ganzzz	2026-05-02 23:30:40 (1 month ago)	Triggered Cloudflare WAF (l7ddos) from MN. Action taken: BLOCK ASN: 17882 (Univision LLC) Protocol: ... show more Triggered Cloudflare WAF (l7ddos) from MN. Action taken: BLOCK ASN: 17882 (Univision LLC) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2026-05-02T23:30:40Z Ray ID: 9f5ad0ac1fddc175 UA: Mozilla/5.0 (X11; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0 show less	DDoS Attack Bad Web Bot
🇮🇹 VHosting	2026-04-26 08:29:53 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇮🇹 VHosting	2026-04-10 05:17:26 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇪🇸 el-brujo	2026-04-03 18:53:25 (2 months ago)	Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows N ... show more Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: UNIVISION-AS-AP UNIVISION LLC Country: MN Method: GET Timestamp: 2026-04-03T18:53:25Z ruleId: 6e3ccc23900c428e8ec0fb8a3a679c52. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 COMPLEX	2026-03-06 17:05:07 (3 months ago)	Triggered Cloudflare WAF (l7ddos) from MN. Action taken: MANAGED_CHALLENGE ASN: undefined (undefined ... show more Triggered Cloudflare WAF (l7ddos) from MN. Action taken: MANAGED_CHALLENGE ASN: undefined (undefined) Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:146.0) Gecko/20100101 Firefox/146.0 show less	DDoS Attack Bad Web Bot
🇮🇳 Bharat Datacenter	2026-03-05 13:26:50 (3 months ago)	2: date=2026-03-05 time=18:54:58 eventtime=1772717098812593521 tz="+0530" logid="0720018432" type="u ... show more 2: date=2026-03-05 time=18:54:58 eventtime=1772717098812593521 tz="+0530" logid="0720018432" type="utm" subtype="anomaly" eventtype="anomaly" level="alert" vd="root" severity="critical" srcip=43.242.241.47 srccountry="Mongolia" dstip=157.10.99.34 dstcountry="India" srcintf="x2" srcintfrole="wan" sessionid=0 action="clear_session" proto=6 service="HTTPS" count=103596 attack="tcp_syn_flood" srcport=52661 dstport=443 attackid=100663396 policyid=1 policytype="DoS-policy" ref="http://www.fortinet.com/ids/VID100663396" msg="anomaly: tcp_syn_flood, 4741 > threshold 2000, repeats 103596 times since last log, pps 4788 of prior second" crscore=50 craction=4096 crlevel="critical" show less	Brute-Force
🇵🇱 cheatmaster.store	2026-02-25 23:11:38 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: Mongolia Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇨🇭 Modules	2026-01-10 01:23:52 (5 months ago)	Open proxy http://43.242.241.47:8080 (RT:6254ms,Loc:Mongolia,ASN:AS17882)	Open Proxy
🇺🇸 Vano Ganzzz	2025-12-28 04:04:32 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from MN. Action taken: BLOCK ASN: 17882 (UNIVISION-AS-AP U ... show more Triggered Cloudflare WAF (firewallCustom) from MN. Action taken: BLOCK ASN: 17882 (UNIVISION-AS-AP UNIVISION LLC) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2025-12-28T04:04:32Z Ray ID: 9b4e2c998b7f1531 UA: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/3.0.196.2 Safari/532.00kSUidpQJVXs show less	Bad Web Bot
🇬🇧 Silly Development	2025-12-25 21:03:46 (5 months ago)	Malicious activity detected from 17882 UNIVISION-AS-AP UNIVISION LLC towards host sillydev.co.uk (GE ... show more Malicious activity detected from 17882 UNIVISION-AS-AP UNIVISION LLC towards host sillydev.co.uk (GET HTTP/2) @ 2025-12-25T21:03:46Z (4 occurrences) show less	DDoS Attack Exploited Host
🇸🇬 Vano Ganzzz	2025-12-10 12:33:23 (6 months ago)	Triggered Cloudflare WAF (l7ddos) from MN. Action taken: BLOCK ASN: 17882 (UNIVISION-AS-AP UNIVISION ... show more Triggered Cloudflare WAF (l7ddos) from MN. Action taken: BLOCK ASN: 17882 (UNIVISION-AS-AP UNIVISION LLC) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2025-12-10T12:33:23Z Ray ID: 9abcc5387fa91552 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 show less	DDoS Attack Bad Web Bot

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.176.200.71

🇪🇪 196.196.255.153

🇪🇸 185.50.45.81

🇨🇦 143.110.219.212

🇭🇰 47.76.63.164

🇧🇷 45.205.1.73

🇨🇳 27.9.150.9

🇧🇷 2804:14d:902c:8202:b1ce:286a:1a8e:b498

🇨🇳 223.199.167.156

🇭🇰 199.45.154.151

🇳🇱 185.184.195.134

🇨🇳 182.138.158.61

🇺🇸 162.216.150.215

🇮🇳 159.65.156.75

🇺🇸 147.185.132.183

🇨🇳 144.123.76.44

🇺🇸 107.173.179.162

🇩🇪 91.98.140.41

🇬🇧 90.203.185.86

🇨🇦 68.183.205.196