213.138.73.250

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Zao Electro-Com Rostov-On-Don

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 6 12:03:49 ms-srv sshd[46846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 user=root Nov 6 12:03:51 ms-srv sshd[46846]: Failed password for invalid user root from 213.138.73.250 port 46533 ssh2	2020-03-09 01:00:40
attackspam	$f2bV_matches	2020-02-26 23:19:05
attackspambots	Feb 10 18:56:09 sd-53420 sshd\[2882\]: Invalid user wak from 213.138.73.250 Feb 10 18:56:09 sd-53420 sshd\[2882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Feb 10 18:56:11 sd-53420 sshd\[2882\]: Failed password for invalid user wak from 213.138.73.250 port 36365 ssh2 Feb 10 18:59:58 sd-53420 sshd\[3215\]: Invalid user yff from 213.138.73.250 Feb 10 18:59:58 sd-53420 sshd\[3215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 ...	2020-02-11 02:22:41
attackbots	Unauthorized connection attempt detected from IP address 213.138.73.250 to port 2220 [J]	2020-01-15 06:55:31
attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-01-10 22:01:35
attackspam	Unauthorized connection attempt detected from IP address 213.138.73.250 to port 2220 [J]	2020-01-08 03:32:16
attack	Jan 2 21:14:21 server sshd\[20723\]: Invalid user service1 from 213.138.73.250 Jan 2 21:14:21 server sshd\[20723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Jan 2 21:14:22 server sshd\[20723\]: Failed password for invalid user service1 from 213.138.73.250 port 42546 ssh2 Jan 2 21:27:52 server sshd\[23851\]: Invalid user hbx from 213.138.73.250 Jan 2 21:27:52 server sshd\[23851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 ...	2020-01-03 04:48:16
attackspam	Jan 1 15:54:06 www sshd\[868\]: Invalid user mathonnet from 213.138.73.250 port 35439 ...	2020-01-01 23:21:30
attackbots	Dec 28 04:13:21 firewall sshd[1662]: Invalid user aaaqqq from 213.138.73.250 Dec 28 04:13:23 firewall sshd[1662]: Failed password for invalid user aaaqqq from 213.138.73.250 port 42533 ssh2 Dec 28 04:16:47 firewall sshd[1717]: Invalid user noob123 from 213.138.73.250 ...	2019-12-28 15:28:55
attackbots	Nov 26 23:49:43 v22018086721571380 sshd[18944]: Failed password for invalid user basin from 213.138.73.250 port 53426 ssh2	2019-11-27 07:53:04
attackbots	Nov 25 07:31:31 rotator sshd\[22122\]: Address 213.138.73.250 maps to ip-213-138-73-250.spark-rostov.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Nov 25 07:31:31 rotator sshd\[22122\]: Invalid user spoon from 213.138.73.250Nov 25 07:31:33 rotator sshd\[22122\]: Failed password for invalid user spoon from 213.138.73.250 port 51825 ssh2Nov 25 07:38:24 rotator sshd\[22931\]: Address 213.138.73.250 maps to ip-213-138-73-250.spark-rostov.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Nov 25 07:38:24 rotator sshd\[22931\]: Invalid user 1q2w3e4r5t from 213.138.73.250Nov 25 07:38:26 rotator sshd\[22931\]: Failed password for invalid user 1q2w3e4r5t from 213.138.73.250 port 41161 ssh2 ...	2019-11-25 14:39:57
attackspam	Nov 15 06:58:27 thevastnessof sshd[11264]: Failed password for root from 213.138.73.250 port 39540 ssh2 ...	2019-11-15 15:57:35
attack	Nov 14 16:22:59 ws22vmsma01 sshd[31140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Nov 14 16:23:01 ws22vmsma01 sshd[31140]: Failed password for invalid user farthing from 213.138.73.250 port 50724 ssh2 ...	2019-11-15 05:10:59
attackbotsspam	Nov 11 00:52:00 TORMINT sshd\[28795\]: Invalid user lisa from 213.138.73.250 Nov 11 00:52:00 TORMINT sshd\[28795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Nov 11 00:52:03 TORMINT sshd\[28795\]: Failed password for invalid user lisa from 213.138.73.250 port 51380 ssh2 ...	2019-11-11 13:53:37
attackspam	Nov 5 19:34:09 srv3 sshd\[6734\]: Invalid user pi from 213.138.73.250 Nov 5 19:34:09 srv3 sshd\[6734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Nov 5 19:34:11 srv3 sshd\[6734\]: Failed password for invalid user pi from 213.138.73.250 port 33136 ssh2 Nov 5 19:46:27 srv3 sshd\[6931\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 user=root Nov 5 19:46:28 srv3 sshd\[6931\]: Failed password for root from 213.138.73.250 port 32835 ssh2 Nov 5 19:50:35 srv3 sshd\[7019\]: Invalid user ubuntu from 213.138.73.250 Nov 5 19:50:35 srv3 sshd\[7019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 ...	2019-11-06 17:17:16
attackspambots	Oct 20 06:11:52 www sshd\[5724\]: Invalid user miket from 213.138.73.250 port 47926 ...	2019-10-20 17:16:20
attack	Oct 16 08:47:28 plusreed sshd[19307]: Invalid user corina from 213.138.73.250 ...	2019-10-16 23:22:55
attackbotsspam	Sep 27 07:51:54 vps647732 sshd[6359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Sep 27 07:51:57 vps647732 sshd[6359]: Failed password for invalid user admin from 213.138.73.250 port 47304 ssh2 ...	2019-09-27 14:13:29
attack	Sep 21 05:01:19 php1 sshd\[4476\]: Invalid user hdduser from 213.138.73.250 Sep 21 05:01:19 php1 sshd\[4476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Sep 21 05:01:21 php1 sshd\[4476\]: Failed password for invalid user hdduser from 213.138.73.250 port 42701 ssh2 Sep 21 05:06:01 php1 sshd\[5052\]: Invalid user MSI from 213.138.73.250 Sep 21 05:06:01 php1 sshd\[5052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250	2019-09-21 23:53:32
attackspam	Sep 17 16:24:36 bouncer sshd\[27866\]: Invalid user amandabackup from 213.138.73.250 port 39001 Sep 17 16:24:36 bouncer sshd\[27866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Sep 17 16:24:38 bouncer sshd\[27866\]: Failed password for invalid user amandabackup from 213.138.73.250 port 39001 ssh2 ...	2019-09-17 23:23:21
attackbots	Sep 14 17:47:20 web9 sshd\[22936\]: Invalid user gpadmin from 213.138.73.250 Sep 14 17:47:20 web9 sshd\[22936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Sep 14 17:47:22 web9 sshd\[22936\]: Failed password for invalid user gpadmin from 213.138.73.250 port 55705 ssh2 Sep 14 17:51:42 web9 sshd\[23894\]: Invalid user fang from 213.138.73.250 Sep 14 17:51:42 web9 sshd\[23894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250	2019-09-15 12:02:04
attackbots	Sep 11 10:40:15 web1 sshd\[18594\]: Invalid user steampass from 213.138.73.250 Sep 11 10:40:15 web1 sshd\[18594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Sep 11 10:40:17 web1 sshd\[18594\]: Failed password for invalid user steampass from 213.138.73.250 port 33858 ssh2 Sep 11 10:46:44 web1 sshd\[19176\]: Invalid user 1 from 213.138.73.250 Sep 11 10:46:44 web1 sshd\[19176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250	2019-09-12 11:22:13
attackspam	Sep 9 12:11:03 hcbb sshd\[7022\]: Invalid user alex from 213.138.73.250 Sep 9 12:11:03 hcbb sshd\[7022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Sep 9 12:11:06 hcbb sshd\[7022\]: Failed password for invalid user alex from 213.138.73.250 port 37240 ssh2 Sep 9 12:17:11 hcbb sshd\[7704\]: Invalid user upload from 213.138.73.250 Sep 9 12:17:11 hcbb sshd\[7704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250	2019-09-10 06:20:53
attackspam	Sep 6 08:09:00 vps691689 sshd[9338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.138.73.250 Sep 6 08:09:02 vps691689 sshd[9338]: Failed password for invalid user ftptest from 213.138.73.250 port 38654 ssh2 ...	2019-09-06 14:22:59
attack	SSH/22 MH Probe, BF, Hack -	2019-09-04 07:47:35

Comments on same subnet:

IP	Type	Details	Datetime
213.138.73.82	attack	spam FO	2019-11-17 21:40:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.138.73.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41671
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.138.73.250.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090301 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 04 07:47:29 CST 2019
;; MSG SIZE  rcvd: 118

Host info

250.73.138.213.in-addr.arpa domain name pointer ip-213-138-73-250.spark-rostov.ru.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
250.73.138.213.in-addr.arpa	name = ip-213-138-73-250.spark-rostov.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.106.2.3	attackbotsspam	Unauthorized connection attempt from IP address 179.106.2.3 on Port 445(SMB)	2020-09-17 05:40:24
59.126.198.147	attackspam	port scan and connect, tcp 23 (telnet)	2020-09-17 06:06:45
61.177.172.142	attackbots	Sep 17 00:03:29 MainVPS sshd[11344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142 user=root Sep 17 00:03:31 MainVPS sshd[11344]: Failed password for root from 61.177.172.142 port 39990 ssh2 Sep 17 00:03:44 MainVPS sshd[11344]: error: maximum authentication attempts exceeded for root from 61.177.172.142 port 39990 ssh2 [preauth] Sep 17 00:03:29 MainVPS sshd[11344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142 user=root Sep 17 00:03:31 MainVPS sshd[11344]: Failed password for root from 61.177.172.142 port 39990 ssh2 Sep 17 00:03:44 MainVPS sshd[11344]: error: maximum authentication attempts exceeded for root from 61.177.172.142 port 39990 ssh2 [preauth] Sep 17 00:03:48 MainVPS sshd[11912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142 user=root Sep 17 00:03:50 MainVPS sshd[11912]: Failed password for root from 61.177.172.142 port 2484 ssh	2020-09-17 06:12:56
103.147.10.222	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-09-17 06:09:18
119.236.161.59	attack	Unauthorized access to SSH at 16/Sep/2020:17:00:35 +0000.	2020-09-17 05:49:10
116.72.35.44	attack	Listed on zen-spamhaus also barracudaCentral and abuseat.org / proto=6 . srcport=49295 . dstport=8080 . (1120)	2020-09-17 05:50:57
88.136.99.40	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-16T19:45:32Z and 2020-09-16T19:52:40Z	2020-09-17 05:42:09
202.137.155.203	attack	Dovecot Invalid User Login Attempt.	2020-09-17 05:50:09
141.98.9.23	attack	Auto Detect Rule! proto TCP (SYN), 141.98.9.23:65526->gjan.info:8080, len 40	2020-09-17 05:40:45
186.42.172.147	attackspambots	Unauthorized connection attempt from IP address 186.42.172.147 on Port 445(SMB)	2020-09-17 05:59:37
49.233.90.66	attackspambots	Sep 16 23:44:07 ns382633 sshd\[31784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.90.66 user=root Sep 16 23:44:08 ns382633 sshd\[31784\]: Failed password for root from 49.233.90.66 port 56792 ssh2 Sep 16 23:52:04 ns382633 sshd\[855\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.90.66 user=root Sep 16 23:52:06 ns382633 sshd\[855\]: Failed password for root from 49.233.90.66 port 54802 ssh2 Sep 16 23:55:33 ns382633 sshd\[1711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.90.66 user=root	2020-09-17 05:57:42
185.176.27.42	attackbotsspam	Port-scan: detected 102 distinct ports within a 24-hour window.	2020-09-17 06:14:55
162.247.74.27	attack	$lgm	2020-09-17 05:57:12
58.250.164.246	attack	Sep 16 20:50:24 vps647732 sshd[4632]: Failed password for root from 58.250.164.246 port 37165 ssh2 ...	2020-09-17 05:59:20
111.229.109.26	attackbots	22/tcp 22/tcp 22/tcp... [2020-07-29/09-16]11pkt,1pt.(tcp)	2020-09-17 06:01:31

Recently Reported IPs

150.223.9.220	188.29.165.220	157.61.80.89	177.83.246.130
85.180.11.223	187.188.33.210	183.13.12.188	185.53.88.65
117.92.165.246	187.188.191.43	118.152.149.127	43.246.39.198
179.253.237.64	193.169.252.83	191.53.52.149	54.218.197.39
186.232.15.163	114.33.148.203	125.133.62.10	177.69.245.93