JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.180.246.242

216.180.246.242 was found in our database!

This IP was reported 743 times. Confidence of Abuse is 0%: ?

ISP	NETWORK TRANSIT HOLDINGS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	crawler242.deepfield.net
Domain Name	networktransit.net
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 216.180.246.242 is an IP address from within our whitelist belonging to the subnet 216.180.246.0/24, which we identify as: "Deepfield Genome".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 216.180.246.242

Whois 216.180.246.242

IP Abuse Reports for 216.180.246.242:

This IP address has been reported a total of 743 times from 241 distinct sources. 216.180.246.242 was first reported on December 27th 2025, and the most recent report was 13 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 nfsec.pl	2026-06-27 16:10:38 (13 minutes ago)	216.180.246.242 - - [27/Jun/2026:16:10:31 +0000] "GET / HTTP/1.0" 403 406 "-" "-" 216.180.246.242 - ... show more 216.180.246.242 - - [27/Jun/2026:16:10:31 +0000] "GET / HTTP/1.0" 403 406 "-" "-" 216.180.246.242 - - [27/Jun/2026:16:10:32 +0000] "GET / HTTP/1.0" 403 406 "-" "-" 216.180.246.242 - - [27/Jun/2026:16:10:33 +0000] "GET / HTTP/1.0" 403 406 "-" "-" 216.180.246.242 - - [27/Jun/2026:16:10:36 +0000] "GET / HTTP/1.0" 403 406 "-" "-" 216.180.246.242 - - [27/Jun/2026:16:10:38 +0000] "GET / HTTP/1.0" 403 406 "-" "-" ... show less	Web App Attack Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-26 21:50:44 (18 hours ago)	Honeypot hit: Empty payload (likely service probe); 29656 [3] TCP	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-26 14:17:39 (1 day ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 11005 [10] TCP Reported by: Just ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 11005 [10] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-25 19:04:36 (1 day ago)	Request Missing a Host Header. Operator EQ matched 0 at REQUEST_HEADERS. (920280-iad5-2)	Hacking
🇩🇪 Justin F. \| AS204464	2026-06-25 14:27:20 (2 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 20000 [2] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 20000 [2] TCP Reported by: Justin F. show less	Port Scan
🇫🇷 bellovacorp	2026-06-25 00:01:31 (2 days ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking
🇩🇪 celestialcity	2026-06-24 14:39:36 (3 days ago)	Blocked by UFW on celestialcityeu [9002/tcp] \| SPT: 21595 \| TTL: 51 \| LEN: 44 \| TOS: 0x00 • Reported ... show more Blocked by UFW on celestialcityeu [9002/tcp] \| SPT: 21595 \| TTL: 51 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇵🇱 mkey	2026-06-24 11:05:06 (3 days ago)	Source IP from blacklist is still actively scanning our network. (28 hits in last hour, last seen 20 ... show more Source IP from blacklist is still actively scanning our network. (28 hits in last hour, last seen 2026-06-24 12:59:36) show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-24 04:12:10 (3 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 5986 [6] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 5986 [6] TCP Reported by: Justin F. show less	Port Scan
🇫🇷 bellovacorp	2026-06-23 01:43:04 (4 days ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-22 22:13:30 (4 days ago)	Honeypot hit: Empty payload (likely service probe); 3001 [8] TCP	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-22 19:22:36 (4 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 1337 [4] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 1337 [4] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 sandra361	2026-06-22 10:07:44 (5 days ago)	Port scan detected: 24 attempts across 1 ports (3002). \| Evidence: REAPER_TARPIT: IN=enp1s0 SRC=216. ... show more Port scan detected: 24 attempts across 1 ports (3002). \| Evidence: REAPER_TARPIT: IN=enp1s0 SRC=216.180.246.242 LEN=44 TOS=0x00 PREC=0x00 TTL=58 ID=3551 PROTO=TCP SPT=21390 DPT=3002 WINDOW=1025 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-22 05:16:43 (5 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 13001 [8] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 13001 [8] TCP Reported by: Justin F. show less	Port Scan
🇫🇷 Thibault Millant	2026-06-22 01:23:25 (5 days ago)	216.180.246.242 - - [22/Jun/2026:01:23:03 +0000] "GET / HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatib ... show more 216.180.246.242 - - [22/Jun/2026:01:23:03 +0000] "GET / HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)" 216.180.246.242 - - [22/Jun/2026:01:23:05 +0000] "GET /manage/account/login HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)" 216.180.246.242 - - [22/Jun/2026:01:23:06 +0000] "GET /admin/index.html HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)" 216.180.246.242 - - [22/Jun/2026:01:23:08 +0000] "GET /index.html HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)" 216.180.246.242 - - [22/Jun/2026:01:23:09 +0000] "GET /+CSCOE+/logon.html HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)" ... show less	Brute-Force Exploited Host SSH

Showing 1 to 15 of 743 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.170

🇩🇪 130.12.182.64

🇨🇳 124.117.195.156

🇮🇳 117.255.253.92

🇭🇰 45.142.154.116

🇸🇬 43.160.249.98

🇭🇰 43.155.21.198

🇮🇷 185.109.244.91

🇨🇳 182.121.65.32

🇺🇸 155.103.69.40

🇫🇮 147.185.133.194

🇺🇸 136.57.86.35

🇺🇸 135.148.171.117

🇸🇬 47.84.137.3

🇧🇮 197.157.195.64

🇷🇴 193.32.162.203

🇺🇾 186.54.119.48

🇦🇷 143.0.65.193

🇨🇳 117.149.196.213

🇧🇩 103.131.144.53