JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.42.116.111

192.42.116.111 was found in our database!

This IP was reported 373 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	TOR EXIT AND MORE
Usage Type	Data Center/Web Hosting/Transit
ASN	AS215125
Domain Name	cyberology.nl
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.42.116.111

Whois 192.42.116.111

IP Abuse Reports for 192.42.116.111:

This IP address has been reported a total of 373 times from 185 distinct sources. 192.42.116.111 was first reported on March 12th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nationaleventpros.com	2026-06-21 13:19:25 (6 hours ago)	WordPress login attempt	Brute-Force
🇫🇷 evvsk	2026-06-21 02:06:52 (17 hours ago)	9090/tcp	Port Scan
Anonymous	2026-06-20 23:00:54 (20 hours ago)	192.42.116.111 - - [20/Jun/2026:20:00:53 -0300] "GET /?parent_id=0&post_id=46&name=%F0%9F%92%BC+Tran ... show more 192.42.116.111 - - [20/Jun/2026:20:00:53 -0300] "GET /?parent_id=0&post_id=46&name=%F0%9F%92%BC+Transfer+236%2C538+%24.+GET+%3E%3E+graph.org%2FBALANCE-3682444-USD-04-21-2%3Fhs%3Dfb613f93cbf8d8b19bd3853597a24c8c%26+%F0%9F%92%BC&email=ibfzd6skhmkoaw%40web-library.net&comment=16cd72 HTTP/2.0" 200 320108 "https://www.guiadovarejo.com.br?parent_id=0&post_id=46&name=%F0%9F%92%BC+Transfer+236%2C538+%24.+GET+%3E%3E+graph.org%2FBALANCE-3682444-USD-04-21-2%3Fhs%3Dfb613f93cbf8d8b19bd3853597a24c8c%26+%F0%9F%92%BC&email=ibfzd6skhmkoaw%40web-library.net&comment=16cd72" "Mozilla/5.0 (Linux; Android 5.1.1; Redmi 3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36" ... show less	Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host
🇨🇭 SOC [GOLINE SA]	2026-06-20 18:46:54 (1 day ago)	IDS Alert: ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 54 === ATTACK === Signature: ... show more IDS Alert: ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 54 === ATTACK === Signature: ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 54 \| SID: 2522053 \| Severity: 2 \| Category: Misc Attack === SOURCE === IP: 192.42.116.111 (IPv4) \| Port: 40620 \| Country: The Netherlands \| ISP: RIPE-ERX-192-42-113-0 \| rDNS: None === TARGET === Host: nextcloud.goline.ch \| IP: 185.54.81.37 \| Port: 80 \| Protocol: TCP \| App: N/A === RESPONSE === Time: 2026-06-20 18:46:54 \| Action: Blocked show less	IoT Targeted Hacking
🇯🇵 demonsword	2026-06-20 15:10:58 (1 day ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: dpc8dvxsgy3qp.cloudfront.net:80 show less	Open Proxy Port Scan
🇩🇪 NewGastroline	2026-06-20 13:24:11 (1 day ago)	Malicious request blocked by CrowdSec on gastro-prod1.boreus.de	Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-06-20 05:43:35 (1 day ago)	(antiscrape_rule) Web application abuse detected 192.42.116.111 (-): 5 in the last 900 secs	Hacking
🇩🇪 tentwentyfour	2026-06-20 04:14:32 (1 day ago)	Blocked for brute-forcing WordPress log-in	Brute-Force Web App Attack
Anonymous	2026-06-20 02:34:21 (1 day ago)	Attac	Brute-Force
🇺🇸 pixiekat	2026-06-20 00:09:55 (1 day ago)	[Sat Jun 20 00:09:53.867250 2026] [authz_core:error] [pid 217922:tid 217953] [client 192.42.116.111: ... show more [Sat Jun 20 00:09:53.867250 2026] [authz_core:error] [pid 217922:tid 217953] [client 192.42.116.111:18672] AH01630: client denied by server configuration: /var/www/html/aws.env [Sat Jun 20 00:09:54.079086 2026] [authz_core:error] [pid 217922:tid 217964] [client 192.42.116.111:18672] AH01630: client denied by server configuration: /var/www/html/.env [Sat Jun 20 00:09:54.309719 2026] [authz_core:error] [pid 217922:tid 217955] [client 192.42.116.111:18672] AH01630: client denied by server configuration: /var/www/html/.env.production [Sat Jun 20 00:09:54.501787 2026] [authz_core:error] [pid 217922:tid 217968] [client 192.42.116.111:18672] AH01630: client denied by server configuration: /var/www/html/.env.local [Sat Jun 20 00:09:54.724110 2026] [authz_core:error] [pid 217922:tid 217972] [client 192.42.116.111:18672] AH01630: client denied by server configuration: /var/www/html/.env.development ... show less	Brute-Force
🇩🇪 big-cloud.nl	2026-06-19 23:59:31 (1 day ago)	Try to access /xmlrpc.php	Web App Attack
🇵🇱 sefinek.net	2026-06-19 10:59:57 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from T1. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from T1. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 YaBrowser/26.1.0.0 Yowser/2.5 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇯🇵 demonsword	2026-06-19 10:47:28 (2 days ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: d3ivqzdymldr3c.cloudfront.net:80 show less	Open Proxy Port Scan
🇺🇸 ShadowWhisperer	2026-06-18 21:05:15 (2 days ago)	intrusion - software (Docker daemon takeover) [container, docker, rce]	Brute-Force SSH
🇩🇪 anycast_ac	2026-06-18 14:32:51 (3 days ago)	[DDoS Attacker] This IP was attacking website hydrogen.su and sent 830 requests on port 443	DDoS Attack Web App Attack

Showing 1 to 15 of 373 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 211.149.216.91

🇺🇸 108.240.67.141

🇺🇸 71.229.43.123

🇫🇷 2a09:bac5:34b6:28a0::40c:1f

🇰🇷 220.77.214.59

🇷🇺 194.226.166.131

🇦🇫 180.94.75.146

🇻🇳 180.93.52.137

🇺🇸 137.184.229.143

🇮🇶 65.20.149.239

🇫🇷 62.210.122.54

🇹🇼 60.199.224.55

🇨🇳 8.148.232.140

🇩🇪 2003:d8:77ff:4d93:ca0e:14ff:fef6:343b

🇨🇳 223.198.162.249

🇰🇷 222.99.52.202

🇨🇴 186.147.162.215

🇺🇸 66.132.172.237

🇳🇱 46.151.178.13

🇨🇳 14.103.115.117