IOC Radar
IPMediumSignal 76/100

192.42.116.117

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS215125
TOR Exit and More
First Seen
Feb 24, 2026
Last Seen
Jun 9, 2026
Feb 24
First Seen
119d ago
Jun 9
Last Seen
15d ago
19
Reports
source reports
76%
Confidence
medium
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
76%
Signal Score
76 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS215125
OrganizationTOR Exit and More

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

19 reports76% confidence
19
Source reports
76%
Confidence score
Category tags
abuseactive scanactive scanninganonymity serviceanonymization network trafficanonymous_proxyaptattackattack infrastructurebad reputationbad web botblocklistbotnetbotnet activitybrute forcebrute force attackbrute-forcebrute_force_attackc2 communicationcommand & controlcommand and controlcommunication protocolcowriecredential accesscredential stuffingcredential_attackcredential_stuffingdata encryptiondata exfiltrationdata store exposureddosddos attackdionaeadistributed attacksencryptioneuropeexploitexploitation activityexploited hostfattfraud ordersftpftp brute forcehackinghttp scannerhttp scanninghttp/shttp_httpshttpsidentity & access exploitationindicatorindicators of compromiseindicators_of_compromiseinformation technologyinitial accessinitial_accessinjection activityit infrastructurekill-chain exploitationkill-chain reconnaissancelateral movementlow-riskmalicious softwaremalicious_ip_activitymalwarenetherlandsnetworknetwork probingnetwork protocolnetwork scanningnetwork securitynetwork_enumerationnetwork_reconnaissancenlopen proxyosintp0fpassword attacksphishingprocess injectionprotocol exploitationproxyproxy networkransomwarereconnaissanceremote accessremote servicesresearchedscams & fraudscannerscanning activitysecurity operationssensor-taggedsmtpsmtp attackersocradar honeypotsoftware developmentspamsql injectionsshssh attackt1001t1021.001t1021.002t1040t1046t1055t1059t1071t1071.001t1076t1077t1078t1090t1090.003t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.002t1499.003t1563t1565t1583t1589.002t1590t1590.005t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetelnettelnet threatthreat actorthreat intelligencethreat_actor_activitytortor networktor nodetpotunauthorized accessunknown threat actorvpnvpn ipvpn servicevulnerability scanvulnerability-exploitationweb app attackweb spamweb traffic

Activity Timeline

1 total obs
Jun 9Jun 9

Threat Activity Heatmap

· Peak: 2026-06-09
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
76
SIGNAL
Signal Score
76%
Confidence
19
Reports
First seenFeb 24, 2026
Last seenJun 9, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS215125
OrgTOR Exit and More
Coords52.3676, 4.9041
ProxyVPN

VirusTotal

Not checked

WHOIS

description
tor search result.

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 15 days ago
Appeared in 19 threat reports