AbuseIPDB » 192.42.116.215

192.42.116.215 was found in our database!

This IP was reported 3,767 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Nothing to hide
Usage Type	University/College/School
ASN	AS1101
Hostname(s)	18.tor-exit.nothingtohide.nl
Domain Name	nothingtohide.nl
Country	Netherlands
City	Nieuwegein, Utrecht

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 192.42.116.215

Whois 192.42.116.215

IP Abuse Reports for 192.42.116.215:

This IP address has been reported a total of 3,767 times from 600 distinct sources. 192.42.116.215 was first reported on December 19th 2022, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Anonymous	2025-06-01 20:34:44 (1 week ago)		Web Spam
aranguren.org	2025-06-01 10:06:03 (1 week ago)	[Sun Jun 01 19:13:37.665531 2025] [ssl:error] [pid 466391:tid 466427] [client 192.42.116.215:30833] ... show more[Sun Jun 01 19:13:37.665531 2025] [ssl:error] [pid 466391:tid 466427] [client 192.42.116.215:30833] AH02031: Hostname private.aranguren.org provided via SNI, but no hostname provided in HTTP request [Sun Jun 01 20:05:02.914020 2025] [ssl:error] [pid 490870:tid 490912] [client 192.42.116.215:49351] AH02031: Hostname plex.aranguren.org provided via SNI, but no hostname provided in HTTP request [Sun Jun 01 20:06:02.790639 2025] [ssl:error] [pid 490870:tid 490930] [client 192.42.116.215:51980] AH02031: Hostname stikked.aranguren.org provided via SNI, but no hostname provided in HTTP request ... show less	Brute-Force Web App Attack
vereinshosting	2025-06-01 09:20:28 (1 week ago)	Invalid user user from 192.42.116.215 port 51897	Brute-Force SSH
aranguren.org	2025-06-01 01:05:27 (1 week ago)	[Sun Jun 01 10:09:41.331875 2025] [ssl:error] [pid 229224:tid 229276] [client 192.42.116.215:11380] ... show more[Sun Jun 01 10:09:41.331875 2025] [ssl:error] [pid 229224:tid 229276] [client 192.42.116.215:11380] AH02031: Hostname private.aranguren.org provided via SNI, but no hostname provided in HTTP request [Sun Jun 01 10:10:31.672852 2025] [ssl:error] [pid 229224:tid 229281] [client 192.42.116.215:20206] AH02031: Hostname stikked.aranguren.org provided via SNI, but no hostname provided in HTTP request [Sun Jun 01 11:05:26.858261 2025] [ssl:error] [pid 244268:tid 244307] [client 192.42.116.215:16464] AH02031: Hostname bitcoin.aranguren.org provided via SNI, but no hostname provided in HTTP request ... show less	Brute-Force Web App Attack
Pingger Shikkoken	2025-06-01 00:52:25 (1 week ago)	2025-06-01T00:52:25+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more2025-06-01T00:52:25+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=192.42.116.215 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=18742 PROTO=TCP SPT=60696 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0 2025-06-01T00:52:25+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=192.42.116.215 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=63828 PROTO=TCP SPT=64044 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0 2025-06-01T00:52:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=192.42.116.215 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=30090 PROTO=TCP SPT=60696 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
ThreatBook.io	2025-06-01 00:50:25 (1 week ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/192.42.116.215	Web App Attack
mkaraki	2025-05-31 19:20:11 (2 weeks ago)	1748719209 # Service_probe # SIGNATURE_SEND # source_ip:192.42.116.215 # dst_port:443 ...	Port Scan
Site.eu	2025-05-31 17:55:49 (2 weeks ago)	Excessive multi-domain requests	Brute-Force
mailox	2025-05-31 11:15:47 (2 weeks ago)	Unauthorized SSH connection on tarpit ...	SSH
aranguren.org	2025-05-31 09:09:00 (2 weeks ago)	[Sat May 31 18:52:31.070828 2025] [ssl:error] [pid 4007225:tid 4007285] [client 192.42.116.215:55738 ... show more[Sat May 31 18:52:31.070828 2025] [ssl:error] [pid 4007225:tid 4007285] [client 192.42.116.215:55738] AH02031: Hostname plex.aranguren.org provided via SNI, but no hostname provided in HTTP request [Sat May 31 19:07:15.930542 2025] [ssl:error] [pid 4027674:tid 4027708] [client 192.42.116.215:48890] AH02031: Hostname plex.aranguren.org provided via SNI, but no hostname provided in HTTP request [Sat May 31 19:08:59.661698 2025] [ssl:error] [pid 4027674:tid 4027708] [client 192.42.116.215:51461] AH02031: Hostname stikked.aranguren.org provided via SNI, but no hostname provided in HTTP request ... show less	Brute-Force Web App Attack
adnscom.net	2025-05-31 08:41:46 (2 weeks ago)	IPS trigger: Brute force SSH scanning/attack	Brute-Force SSH
Jim Keir	2025-05-31 08:27:46 (2 weeks ago)	2025-05-31 08:27:45 192.42.116.215 File scanning, blocking 192.42.116.215 for 5 minutes	Web App Attack
Pingger Shikkoken	2025-05-31 04:56:50 (2 weeks ago)	2025-05-31T04:56:50+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more2025-05-31T04:56:50+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=192.42.116.215 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=10158 PROTO=TCP SPT=25768 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0 2025-05-31T04:56:51+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=192.42.116.215 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=40333 PROTO=TCP SPT=25768 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0 2025-05-31T04:56:55+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=192.42.116.215 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=28880 PROTO=TCP SPT=62754 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
ThreatBook.io	2025-05-31 00:54:14 (2 weeks ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/192.42.116.215<br / ... show moreThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/192.42.116.215 2025-05-30 00:13:53 / 2025-05-30 00:13:50 /robots.txt 2025-05-30 00:13:48 /favicon.ico show less	Web App Attack
Study Bitcoin 🤗	2025-05-31 00:38:27 (2 weeks ago)	2 port probes: tcp/8006, tcp/8007 (apache jserv) [srv129]	Port Scan

Showing 106 to 120 of 3767 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

62.240.36.62

85.30.235.177

85.8.130.38

183.108.0.232

45.116.77.25

45.163.202.114

165.154.182.72

172.71.82.126

162.157.117.92

103.72.147.99

13.74.159.12

50.6.195.35

147.185.133.69

159.223.134.42

47.128.99.45

116.212.153.6

47.81.8.111

104.236.231.151

185.246.128.133

123.180.182.215