JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.24.212.42

216.24.212.42 was found in our database!

This IP was reported 306 times. Confidence of Abuse is 71%: ?

71%

ISP	Rockion LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	rockionllc.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.24.212.42

Whois 216.24.212.42

IP Abuse Reports for 216.24.212.42:

This IP address has been reported a total of 306 times from 118 distinct sources. 216.24.212.42 was first reported on July 21st 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-08 15:15:19 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-08 00:54:17 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 216.24.212.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.212.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:54:13.832379 2026] [security2:error] [pid 1816:tid 1816] [client 216.24.212.42:37459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "explorediablo.com"] [uri "/wp-content/uploads/wp-config.php"] [unique_id "aiYStakPiLZL9uT1rgy0IQAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 20:30:07 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 216.24.212.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.212.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 16:30:00.384885 2026] [security2:error] [pid 23395:tid 23453] [client 216.24.212.42:37603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "executiveaccounting.net"] [uri "/wp-includes/js/wp-config.php"] [unique_id "aiSDSNQTy-BsNQxcQr9SHAAAAdE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-06 14:17:45 (1 week ago)	216.24.212.42 - - [06/Jun/2026:17:17:41 +0300] "GET /wp-admin/chosen.php HTTP/1.1" 404 707 "-" "Mozi ... show more 216.24.212.42 - - [06/Jun/2026:17:17:41 +0300] "GET /wp-admin/chosen.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 216.24.212.42 - - [06/Jun/2026:17:17:44 +0300] "GET /wp-content/plugins/bypass.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" ... show less	Web App Attack
🇷🇺 sms.ru	2026-06-06 11:07:40 (1 week ago)	/vendor/phpunit/phpunit/src/Util/PHP/ask.php	Web App Attack
🇫🇷 Octopuce	2026-06-05 22:18:04 (1 week ago)	Aggressive web search of vulnerable pages: /mah/function.php /wp-content/plugins/bypass.php /wp-incl ... show more Aggressive web search of vulnerable pages: /mah/function.php /wp-content/plugins/bypass.php /wp-includes/admin.php /wp-content/themes/tflow/up. ... show less	Web App Attack
🇺🇸 nyt	2026-06-03 18:23:10 (2 weeks ago)	Non-standard WP File, Accessing non-existent PHP function file, Accessing restricted WordPress inclu ... show more Non-standard WP File, Accessing non-existent PHP function file, Accessing restricted WordPress includes directory, Accessing non-existent system log file show less	Web App Attack
🇩🇪 pltcldvlpr	2026-06-02 19:30:35 (2 weeks ago)	CMS/framework probe: 216.24.212.42 - - [02/Jun/2026:21:30:34 +0200] "GET /wp-content/plugins/Nxploit ... show more CMS/framework probe: 216.24.212.42 - - [02/Jun/2026:21:30:34 +0200] "GET /wp-content/plugins/Nxploited/Nx.php HTTP/1.1" 404 564 "http://eric-beltermann.de/wp-content/plugins/Nxploited/Nx.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" asn=62240 org="Clouvider Limited" country=US ... show less	Web App Attack
Anonymous	2026-06-02 15:20:20 (2 weeks ago)	216.24.212.42 - - [02/Jun/2026:17:20:19 +0200] "GET /wp-includes/config.php HTTP/1.1" 402 805 "-" "M ... show more 216.24.212.42 - - [02/Jun/2026:17:20:19 +0200] "GET /wp-includes/config.php HTTP/1.1" 402 805 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
🇩🇪 Ba-Yu	2026-06-01 21:06:08 (2 weeks ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 FeG Deutschland	2026-05-31 20:41:33 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇳🇱 Site.eu	2026-05-30 13:51:22 (2 weeks ago)	Excessive 404/403 errors	Brute-Force
🇧🇾 lns.bz	2026-05-30 10:02:04 (2 weeks ago)	Too many 404 requests [BY]	Web App Attack
🇫🇷 ELYAZ	2026-05-30 03:52:55 (2 weeks ago)	(y4) Failed scan -byebye- from 216.24.212.42 (US/United States/-): (CF_ENABLE)	Hacking
🇮🇹 A000Z	2026-05-29 21:07:22 (2 weeks ago)	Fail2Ban: 216.24.212.42 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Go-http-cl ... show more Fail2Ban: 216.24.212.42 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Go-http-client/2.0 show less	Bad Web Bot

Showing 1 to 15 of 306 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.169.49.86

🇸🇬 194.164.107.6

🇮🇩 118.99.114.224

🇮🇩 110.35.80.116

🇪🇸 93.93.115.224

🇫🇷 92.205.225.165

🇩🇪 89.36.76.140

🇩🇪 79.220.98.22

🇺🇸 65.49.1.113

🇧🇪 35.195.174.116

🇺🇸 2a00:1450:4864:20::632

🇺🇸 199.245.176.134

🇰🇷 115.178.75.243

🇰🇷 112.184.50.152

🇳🇱 45.148.10.147

🇺🇸 107.150.98.168

🇹🇭 202.29.224.230

🇧🇪 130.211.60.154

🇰🇷 121.132.27.238

🇹🇯 109.75.55.168