199.6.213.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 199.6.213.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50049
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;199.6.213.42.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022090200 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 02 17:34:01 CST 2022
;; MSG SIZE  rcvd: 105

Host info

42.213.6.199.in-addr.arpa domain name pointer host.slb.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.213.6.199.in-addr.arpa	name = host.slb.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.71.240.11	attack	fail2ban honeypot	2019-07-04 22:57:27
122.114.46.120	attack	Automated report - ssh fail2ban: Jul 4 16:23:50 authentication failure Jul 4 16:23:52 wrong password, user=default, port=37332, ssh2 Jul 4 16:26:56 authentication failure	2019-07-04 23:40:48
221.2.198.254	attackbotsspam	Many RDP login attempts detected by IDS script	2019-07-04 23:16:23
111.231.219.142	attack	Jul 4 15:14:49 lnxmail61 sshd[22859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.219.142	2019-07-04 23:10:33
5.63.155.84	attackbots	xmlrpc attack	2019-07-04 22:53:09
117.232.67.154	attack	Unauthorised access (Jul 4) SRC=117.232.67.154 LEN=52 PREC=0x20 TTL=109 ID=2689 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-04 23:19:35
46.165.230.5	attackspam	Automatic report - Web App Attack	2019-07-04 23:39:11
141.98.10.42	attackspambots	Rude login attack (11 tries in 1d)	2019-07-04 22:42:40
104.46.42.143	attackbotsspam	Malicious/Probing: /wp-includes/wlwmanifest.xml	2019-07-04 23:40:20
125.27.12.20	attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.27.12.20 Failed password for invalid user yr from 125.27.12.20 port 42258 ssh2 Invalid user marcos from 125.27.12.20 port 38500 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.27.12.20 Failed password for invalid user marcos from 125.27.12.20 port 38500 ssh2	2019-07-04 23:14:31
125.227.38.168	attackbotsspam	2019-07-04T16:08:54.814346cavecanem sshd[27662]: Invalid user smkim from 125.227.38.168 port 60342 2019-07-04T16:08:54.818365cavecanem sshd[27662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.38.168 2019-07-04T16:08:54.814346cavecanem sshd[27662]: Invalid user smkim from 125.227.38.168 port 60342 2019-07-04T16:08:56.860114cavecanem sshd[27662]: Failed password for invalid user smkim from 125.227.38.168 port 60342 ssh2 2019-07-04T16:13:03.983009cavecanem sshd[28968]: Invalid user guy from 125.227.38.168 port 56628 2019-07-04T16:13:03.985339cavecanem sshd[28968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.38.168 2019-07-04T16:13:03.983009cavecanem sshd[28968]: Invalid user guy from 125.227.38.168 port 56628 2019-07-04T16:13:06.543901cavecanem sshd[28968]: Failed password for invalid user guy from 125.227.38.168 port 56628 ssh2 2019-07-04T16:17:24.544595cavecanem sshd[30177]: Invalid u ...	2019-07-04 22:47:36
66.96.228.198	attack	[Thu Jul 04 20:14:16.142856 2019] [:error] [pid 497:tid 139845410223872] [client 66.96.228.198:38621] [client 66.96.228.198] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XR37qKTMPMkEeDp-x6LfSwAAAAc"] ...	2019-07-04 23:27:51
205.185.120.227	attack	Automatic report - Web App Attack	2019-07-04 23:29:57
129.211.121.113	attack	Jul 4 15:11:08 www sshd[20289]: refused connect from 129.211.121.113 (129.211.121.113) - 3 ssh attempts	2019-07-04 23:32:54
222.252.27.138	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-07-04 23:11:10

Recently Reported IPs

14.139.173.163	139.127.236.151	189.203.34.85	172.70.55.5
103.119.141.23	140.213.9.9	2804:18:37:8a99:9576:705b:b051:d89a	223.155.37.35
154.83.192.114	165.232.185.110	233.155.209.254	198.239.197.53
172.84.160.36	43.252.248.202	17.223.239.230	123.57.35.89
110.87.132.224	147.161.192.98	195.251.116.131	81.192.245.93