192.42.116.19 Threat Intelligence and Host Information

ipinfopage

General

This page contains threat intelligence information for the IPv4 address 192.42.116.19 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

🟠 Elevated — 70/100

Geographic Location

Host and Network Information

View other sources: Spamhaus VirusTotal Shodan AbuseIPDB
Country: Netherlands
Network: AS1101 surfnet bv
Noticed: 50 times
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom, United Kingdom of Great Britain and Northern Ireland, United States of America
Open Ports: 443, 80
Tor Node: Yes
Associated Malware Samples: 16

MITRE ATT&CK TTPs

T1110 - Brute Force

Passive DNS

block2.mmms.eu

Attack Log References

Whois Information

NetRange: 192.42.113.0 - 192.42.132.255 CIDR: 192.42.132.0/24, 192.42.113.0/24, 192.42.128.0/22, 192.42.114.0/23, 192.42.120.0/21, 192.42.116.0/22 NetName: RIPE-ERX-192-42-113-0 NetHandle: NET-192-42-113-0-1 Parent: NET192 (NET-192-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2005-02-28 Updated: 2005-02-28 Comment: These addresses have been further assigned to users in Comment: the RIPE NCC region. Contact information can be found in Ref: https://rdap.arin.net/registry/ip/192.42.113.0 OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: abuse@ripe.net OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: hostmaster@ripe.net OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN inetnum: 192.42.116.0 - 192.42.116.31 netname: TOR-EXIT-HVIV descr: https://www.hartvoorinternetvrijheid.nl/eng.html descr: Amsterdam country: NL org: ORG-HVI2-RIPE admin-c: HVI34-RIPE tech-c: HVI34-RIPE status: LEGACY mnt-by: AS1101-MNT created: 2017-11-02T13:21:00Z last-modified: 2017-11-02T13:21:00Z organisation: ORG-HVI2-RIPE org-name: Hart voor Internetvrijheid org-type: OTHER address: Haarlemmer Houttuinen 63-3 address: 1013 GM Amsterdam abuse-c: HVI34-RIPE mnt-ref: NOTSURFNET-MNT mnt-by: AS1101-MNT mnt-by: NOTSURFNET-MNT created: 2017-11-02T13:10:57Z last-modified: 2017-11-02T13:34:15Z role: Hart voor Internetvrijheid (Abuse) address: Haarlemmer Houttuinen 63-3 address: 1013 GM Amsterdam abuse-mailbox: abuse@hartvoorinternetvrijheid.nl nic-hdl: HVI34-RIPE mnt-by: AS1101-MNT mnt-by: NOTSURFNET-MNT created: 2017-11-02T13:14:14Z last-modified: 2017-11-02T13:33:13Z route: 192.42.116.0/22 descr: IP-EEND-IP origin: AS1101 mnt-by: AS1103-MNT created: 2007-12-19T21:20:53Z last-modified: 2007-12-19T21:20:53Z