JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.42.116.66

192.42.116.66 was found in our database!

This IP was reported 302 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	TOR EXIT AND MORE
Usage Type	Commercial
ASN	AS215125
Domain Name	cyberology.nl
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.42.116.66

Whois 192.42.116.66

IP Abuse Reports for 192.42.116.66:

This IP address has been reported a total of 302 times from 155 distinct sources. 192.42.116.66 was first reported on April 18th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 demonsword	2026-06-12 08:41:59 (2 hours ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: dpc8dvxsgy3qp.cloudfront.net:80 show less	Open Proxy Port Scan
🇫🇮 6kilowatti	2026-06-12 07:55:56 (2 hours ago)	192.42.116.66 - - [12/Jun/2026:10:55:55 +0300] "GET /hamradio-config HTTP/1.1" 404 41 "http://6kw.fi ... show more 192.42.116.66 - - [12/Jun/2026:10:55:55 +0300] "GET /hamradio-config HTTP/1.1" 404 41 "http://6kw.fi/hamradio-config" "Mozilla/5.0 (Linux; Android 9; Mi Note 3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36" ... show less	Web App Attack
🇩🇪 big-cloud.nl	2026-06-11 22:34:50 (12 hours ago)	Try to access /xmlrpc.php	Web App Attack
🇫🇷 SpaceHost-Server	2026-06-11 22:29:13 (12 hours ago)		Brute-Force Web App Attack
🇩🇪 licen777	2026-06-11 20:27:19 (14 hours ago)	Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-11T20:27:18Z and 2026-06-1 ... show more Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-11T20:27:18Z and 2026-06-11T20:27:19Z show less	Brute-Force SSH
🇮🇹 Inartis	2026-06-11 10:59:27 (23 hours ago)	192.42.116.66 - - [11/Jun/2026:12:59:26 +0200] "GET /xmlrpc.php HTTP/2.0" 403 282 "https://blog.aban ... show more 192.42.116.66 - - [11/Jun/2026:12:59:26 +0200] "GET /xmlrpc.php HTTP/2.0" 403 282 "https://blog.abano.it/xmlrpc.php" "com.tinyspeck.chatlyio/20.04.20 (iPhone; iOS 12.4; Scale/3.00)" ... show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 INTEQ	2026-06-11 08:14:40 (1 day ago)	Web attack from 192.42.116.66	Web App Attack
🇺🇸 nodepile	2026-06-11 07:19:25 (1 day ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/headlights-projectors/mini-headlig ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/headlights-projectors/mini-headlights.html ua='Mozilla/5.0 (iPhone; CPU iPhone OS 18_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Mobile/15E148 Safari/604.1') show less	Open Proxy VPN IP
🇨🇿 ddw	2026-06-11 06:57:37 (1 day ago)	WordPress XMLRPC.PHP Access Attempt.	Hacking Web App Attack
🇯🇵 SentinalX by uzumaru	2026-06-11 06:43:56 (1 day ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: d3azdm1q0gvo54.cloudfront.net:80 show less	Open Proxy Port Scan
🇸🇮 administrator	2026-06-10 22:21:09 (1 day ago)	2026-06-09 00:07:53,981 fail2ban.actions [1104]: NOTICE [error-bots] Ban 192.42.116.66 2026- ... show more 2026-06-09 00:07:53,981 fail2ban.actions [1104]: NOTICE [error-bots] Ban 192.42.116.66 2026-06-10 00:13:04,527 fail2ban.actions [1080]: NOTICE [apache-botsearch] Ban 192.42.116.66 2026-06-09 00:07:53,981 fail2ban.actions [1104]: NOTICE [error-bots] Ban 192.42.116.66 2026-06-10 00:13:04,527 fail2ban.actions [1080]: NOTICE [apache-botsearch] Ban 192.42.116.66 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇺🇸 psh-ack	2026-06-10 21:36:24 (1 day ago)	Failed login attempt root/root via OpenSSH 9.9. Session gained access, executed recon: uname, getpro ... show more Failed login attempt root/root via OpenSSH 9.9. Session gained access, executed recon: uname, getprop, echo for system enumeration. Dropped executable 'apcid' to /var/tmp/apcid, /bin/apcid, /sbin/apcid, /usr/bin/apcid via cat redirection, chmod +x, exec /var/tmp/apcid. Ran killall -9 .f targeting process termination. LC_ALL=C prefix on all cmds to bypass locale. Attack pattern: weak default creds, OS enum, multi-path malware placement for persistence, process cleanup. No secondary payloads/lateral movement observed. Apcid botnet variant targeting IoT/embedded devices. Brute-force on weak creds. show less	Brute-Force SSH
🇯🇵 Short-legs-Spider	2026-06-10 20:28:00 (1 day ago)	Received: from 124.83.237.89 (HELO 124.83.237.248) (EHLO mtagw2011.mail.snz.ynwp.yahoo.co.jp) (192 ... show more Received: from 124.83.237.89 (HELO 124.83.237.248) (EHLO mtagw2011.mail.snz.ynwp.yahoo.co.jp) (192.42.116.66) by mta2106.mail.snz.ynwp.yahoo.co.jp with SMTP; Thu, 11 Jun 2026 05:28:37 +0900 Received: from by 167.172.27.39; Wed, 10 Jun 2026 18:20:32 -0200 From: "=?ISO-2022-JP?B?GyRCJG0kLyQ3GyhC?=" <[email protected]> Reply-To: "=?ISO-2022-JP?B?GyRCJGYkKxsoQg==?=" <[email protected]> To: [email protected] Subject: =?ISO-2022-JP?B?GyRCR0hKPyRHJDkbKEIuLi4bJEIkTyRGISkkSiRzJDgkYyRDJD8kKyROISkbKEI=?= Date: Wed, 10 Jun 2026 16:22:32 -0400 X-Mailer: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="--648345729758739241" show less	Email Spam
Anonymous	2026-06-10 20:17:12 (1 day ago)	192.42.116.66 - - [11/Jun/2026:04:17:12 +0800] "GET /xmlrpc.php HTTP/1.1" 405 42 "https://www.outfie ... show more 192.42.116.66 - - [11/Jun/2026:04:17:12 +0800] "GET /xmlrpc.php HTTP/1.1" 405 42 "https://www.outfieldasia.com/xmlrpc.php" "Mozilla/5.0 (Linux; arm_64; Android 7.0; MEIZU M6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 YaBrowser/20.3.4.98.00 SA/1 Mobile Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇩🇪 sverson	2026-06-10 17:18:23 (1 day ago)	Automated report / Mutliple unauthorized attempts to access web resources	Hacking Web App Attack

Showing 1 to 15 of 302 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.77.124.248

🇺🇸 147.185.132.171

🇧🇷 45.205.1.240

🇹🇷 195.87.9.154

🇺🇸 162.216.149.130

🇺🇸 150.136.214.177

🇵🇭 136.158.41.183

🇨🇳 42.179.198.106

🇷🇴 2.57.122.177

🇧🇴 190.109.227.218

🇻🇳 116.98.104.138

🇺🇸 104.243.37.202

🇵🇰 103.31.100.144

🇬🇧 86.141.33.105

🇱🇹 81.30.98.44

🇫🇷 62.210.38.102

🇬🇧 35.203.211.14

🇹🇭 49.48.246.103

🇺🇦 45.151.238.128

🇳🇱 45.148.10.147