JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.199.42.41

213.199.42.41 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi2889154.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.199.42.41

Whois 213.199.42.41

IP Abuse Reports for 213.199.42.41:

This IP address has been reported a total of 32 times from 24 distinct sources. 213.199.42.41 was first reported on December 17th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 [email protected]	2025-12-29 00:58:13 (5 months ago)	...	Brute-Force SSH
Anonymous	2025-12-28 22:56:59 (5 months ago)	Reported from Nginx log analysis 18. Log: 213.199.42.41 - - [28/Dec/2025:xx:xx:xx 0100] "POST / HTT ... show more Reported from Nginx log analysis 18. Log: 213.199.42.41 - - [28/Dec/2025:xx:xx:xx 0100] "POST / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 Assetnote/1.0.0" "-" "FR France Lauterbourg" "AS51167" "Contabo GmbH" show less	Port Scan Brute-Force SSH
🇩🇪 sdos.es	2025-12-28 16:11:26 (5 months ago)	"Remote Command Execution: Unix Command Injection - Matched Data: {'timeout found within ARGS:0: {\x ... show more "Remote Command Execution: Unix Command Injection - Matched Data: {'timeout found within ARGS:0: {\x0a \x22then\x22: \x22$1:__proto__:then\x22,\x0a \x22status\x22: \x22resolved_model\x22,\x0a \x22reason\x22: -1,\x0a \x22value\x22: \x22{\x5c\x22then\x5c\x22:\x5c\x22$B1337\x5c\x22}\x22,\x0a \x22_response\x22: {\x0a \x22_prefix\x22: \x22var res=process.mainModule.require('child_process').execSync('echo $((41*271))',{'timeout':5000}).toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'), {digest:`${res}`});\x22,\x0a \x22_chunks\x22: \x2..." show less	Web App Attack
🇦🇹 Pingger Shikkoken	2025-12-28 13:33:53 (5 months ago)	2025-12-28T13:33:53+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2025-12-28T13:33:53+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=213.199.42.41 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=57650 DF PROTO=TCP SPT=48254 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2025-12-28T13:33:54+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=213.199.42.41 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=57651 DF PROTO=TCP SPT=48254 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2025-12-28T13:33:55+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=213.199.42.41 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=57652 DF PROTO=TCP SPT=48254 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
🇯🇵 VXG-NET	2025-12-22 12:17:34 (6 months ago)	port=80, indicator_type=code-execution	Hacking
🇩🇪 ut-addicted.com	2025-12-22 10:43:26 (6 months ago)	\[Mon Dec 22 11:43:24.814579 2025\] \[:error\] \[pid 13052:tid 140546014123776\] \[client 213.199.42 ... show more \[Mon Dec 22 11:43:24.814579 2025\] \[:error\] \[pid 13052:tid 140546014123776\] \[client 213.199.42.41:41394\] \[client 213.199.42.41\] ModSecurity: Access denied with code 403 $phase 2$. Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded $Total Score: 18$"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/"\] \[unique_id "aUkgzN35SJXJ3wHzV8FfewAAAE4"\] show less	Brute-Force Web App Attack
🇫🇷 Sklurk	2025-12-22 10:05:11 (6 months ago)	Web App Attack	Web App Attack
Anonymous	2025-12-21 16:57:07 (6 months ago)	Reported from Nginx log analysis 18. Log: 213.199.42.41 - - [21/Dec/2025:xx:xx:xx 0100] "POST / HTT ... show more Reported from Nginx log analysis 18. Log: 213.199.42.41 - - [21/Dec/2025:xx:xx:xx 0100] "POST / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 Assetnote/1.0.0" "-" "FR France Lauterbourg" "AS51167" "Contabo GmbH" show less	Port Scan Brute-Force SSH
Anonymous	2025-12-21 14:21:46 (6 months ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ... show more Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 Assetnote/1.0.0 show less	Web App Attack
🇳🇱 Selckie	2025-12-21 12:48:57 (6 months ago)	fail2ban: NGINX unusual impact	Web App Attack
🇺🇸 aks4226	2025-12-21 12:35:24 (6 months ago)	Attacking common web applications. (n01)	Web App Attack
🇺🇸 RogueAutomata	2025-12-21 09:36:04 (6 months ago)	Detected malicious request: POST / Detections triggered: Command injection Suspicious POST request ... show more Detected malicious request: POST / Detections triggered: Command injection Suspicious POST request Access via IP addr (v4) show less	Web App Attack
🇩🇪 Hugopvigo	2025-12-20 21:44:01 (6 months ago)	"2025-12-20 21:44:00+00:00 213.199.42.41 IP con score alto (82) detectada en el log."	Brute-Force SSH
🇮🇪 AutosOnShow	2025-12-20 19:09:04 (6 months ago)	blocked for webapp attack \| path requested: / \| seen at 2025-12-20 19:08:03.907 \|	Web App Attack
🇫🇷 Kurom	2025-12-20 17:19:50 (6 months ago)	Port scanning detected on company server. Targeted ports: [8080]	Port Scan Hacking

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 118.33.113.91

🇳🇱 45.148.10.230

🇨🇳 221.226.17.34

🇺🇸 192.64.84.92

🇳🇱 185.242.226.11

🇺🇸 185.180.141.38

🇫🇷 185.177.72.53

🇧🇷 181.218.9.86

🇺🇸 166.130.176.136

🇲🇰 79.125.162.32

🇮🇳 49.34.109.151

🇸🇩 41.95.158.161

🇬🇧 35.203.211.5

🇷🇴 2.57.121.25

🇩🇪 212.132.105.121

🇨🇳 183.251.240.177

🇫🇷 46.105.132.55

🇸🇬 43.163.105.123

🇷🇴 193.46.255.86

🇳🇱 192.42.116.45