AbuseIPDB » 192.42.116.216

192.42.116.216 was found in our database!

This IP was reported 364 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Not SURF Net
Usage Type	Data Center/Web Hosting/Transit
Hostname(s)	19.tor-exit.nothingtohide.nl
Domain Name	as1101.net
Country	Netherlands
City	Utrecht, Utrecht

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 192.42.116.216

Whois 192.42.116.216

IP Abuse Reports for 192.42.116.216:

This IP address has been reported a total of 364 times from 97 distinct sources. 192.42.116.216 was first reported on December 18th 2022, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
Anonymous	5 hours ago	www.fahrlehrerfortbildung-hessen.de 192.42.116.216 [26/Mar/2023:14:07:15 +0200] "POST /xmlrpc.php HT ... show morewww.fahrlehrerfortbildung-hessen.de 192.42.116.216 [26/Mar/2023:14:07:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 5555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.2 Safari/605.1.15" www.fahrlehrerfortbildung-hessen.de 192.42.116.216 [26/Mar/2023:14:07:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 5555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.2 Safari/605.1.15" show less	Web App Attack
nationaleventpros.com	8 hours ago	web form spam (Nilsimsa: UBAYxAAAFAKEJGDRkAEAAICAAJAKBAARACECSIJBAMA)	Open Proxy Web Spam
SpaceHost-Server	15 hours ago	192.42.116.216 - - [26/Mar/2023:04:36:14 +0200] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 ... show more192.42.116.216 - - [26/Mar/2023:04:36:14 +0200] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20070308 Minefield/3.0a1" 192.42.116.216 - - [26/Mar/2023:04:36:15 +0200] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20070308 Minefield/3.0a1" 192.42.116.216 - - [26/Mar/2023:04:36:15 +0200] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20070308 Minefield/3.0a1" show less	Hacking Web App Attack
SpaceHost-Server	19 hours ago	192.42.116.216 - - [25/Mar/2023:23:56:54 +0100] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 ... show more192.42.116.216 - - [25/Mar/2023:23:56:54 +0100] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 192.42.116.216 - - [25/Mar/2023:23:56:55 +0100] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 192.42.116.216 - - [25/Mar/2023:23:56:56 +0100] "POST /xmlrpc.php HTTP/1.0" 200 730 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" show less	Hacking Web App Attack
MAGIC	25 Mar 2023	Distributed DDOS attempts for multiple sites	DDoS Attack Bad Web Bot
SPYRA ROCKS	25 Mar 2023	none	Web App Attack
psauxit	24 Mar 2023	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show moreFail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping show less	Hacking Web App Attack
SpaceHost-Server	24 Mar 2023	192.42.116.216 - - [24/Mar/2023:17:55:59 +0100] "POST /xmlrpc.php HTTP/1.0" 200 764 "-" "Mozilla/5.0 ... show more192.42.116.216 - - [24/Mar/2023:17:55:59 +0100] "POST /xmlrpc.php HTTP/1.0" 200 764 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36" 192.42.116.216 - - [24/Mar/2023:17:56:00 +0100] "POST /xmlrpc.php HTTP/1.0" 200 764 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36" 192.42.116.216 - - [24/Mar/2023:17:56:02 +0100] "POST /xmlrpc.php HTTP/1.0" 200 764 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36" show less	Hacking Web App Attack
Hirte	24 Mar 2023	C2: Web Attack GET /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
Rich Ke	24 Mar 2023		DDoS Attack
Rich Ke	24 Mar 2023		DDoS Attack
Rich Ke	24 Mar 2023		DDoS Attack
Rich Ke	24 Mar 2023		DDoS Attack
Rich Ke	24 Mar 2023		DDoS Attack
benjibabs	24 Mar 2023	Mar 24 10:33:19 web wordpress(itcrackteam.com)[1174125]: XML-RPC authentication failure for benjibab ... show moreMar 24 10:33:19 web wordpress(itcrackteam.com)[1174125]: XML-RPC authentication failure for benjibabs from 192.42.116.216 Mar 24 10:33:20 web wordpress(itcrackteam.com)[1169652]: XML-RPC authentication failure for benjibabs from 192.42.116.216 Mar 24 10:33:21 web wordpress(itcrackteam.com)[1168542]: XML-RPC authentication failure for benjibabs from 192.42.116.216 ... show less	Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩