213.142.148.38

Basic Info

City: unknown

Region: unknown

Country: Turkey

Internet Service Provider: Tamer Telekom Telekomunikasyon Bilgisayar Elektronik Yazilim Donanim Sanayi ve Ticaret Limited Sirketi

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-05-15 02:25:15

Comments on same subnet:

IP	Type	Details	Datetime
213.142.148.37	attackspam	Unauthorized connection attempt detected from IP address 213.142.148.37 to port 445	2019-12-11 09:28:45
213.142.148.151	attackbots	SASL Brute Force	2019-11-24 16:21:35
213.142.148.149	attackbotsspam	SASL Brute Force	2019-11-24 13:23:37
213.142.148.141	attackbots	Nov 24 08:59:31 our-server-hostname postfix/smtpd[26165]: connect from unknown[213.142.148.141] Nov 24 08:59:32 our-server-hostname postfix/smtpd[25209]: connect from unknown[213.142.148.141] Nov x@x Nov x@x Nov 24 08:59:34 our-server-hostname postfix/smtpd[26165]: 6E842A40327: client=unknown[213.142.148.141] Nov x@x Nov x@x Nov 24 08:59:34 our-server-hostname postfix/smtpd[25209]: A8912A40329: client=unknown[213.142.148.141] Nov 24 08:59:35 our-server-hostname postfix/smtpd[30228]: 3B6A6A4032A: client=unknown[127.0.0.1], orig_client=unknown[213.142.148.141] Nov 24 08:59:35 our-server-hostname amavis[27153]: (27153-05) Passed CLEAN, [213.142.148.141] [213.142.148.141] , mail_id: ipOMe-s091WT, Hhostnames: -, size: 9864, queued_as: 3B6A6A4032A, 124 ms Nov x@x Nov x@x Nov 24 08:59:35 our-server-hostname postfix/smtpd[26165]: 7FD11A4001A: client=unknown[213.142.148.141] Nov 24 08:59:35 our-server-hostname postfix/smtpd[30228]: 84C00A4032C: client=unknown[127.0.0.1], or........ -------------------------------	2019-11-24 08:56:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.142.148.38
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1832
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.142.148.38.			IN	A

;; AUTHORITY SECTION:
.			228	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051401 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 15 02:25:11 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 38.148.142.213.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 38.148.142.213.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.234.213.237	attack	May 29 10:45:46 ourumov-web sshd\[14942\]: Invalid user joseph from 49.234.213.237 port 44094 May 29 10:45:46 ourumov-web sshd\[14942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.213.237 May 29 10:45:49 ourumov-web sshd\[14942\]: Failed password for invalid user joseph from 49.234.213.237 port 44094 ssh2 ...	2020-05-29 18:26:00
186.122.149.144	attack	Brute-force attempt banned	2020-05-29 18:51:19
109.175.166.38	attackspam	5x Failed Password	2020-05-29 18:52:54
46.172.204.201	attackspambots	Hits on port : 445	2020-05-29 18:31:34
94.199.198.137	attackbots	May 29 07:00:03 firewall sshd[29690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.199.198.137 user=root May 29 07:00:06 firewall sshd[29690]: Failed password for root from 94.199.198.137 port 31466 ssh2 May 29 07:02:13 firewall sshd[29787]: Invalid user maureen from 94.199.198.137 ...	2020-05-29 18:34:03
68.183.153.161	attackbots	$f2bV_matches	2020-05-29 18:28:27
118.40.248.20	attackspam	May 29 18:14:45 web1 sshd[5593]: Invalid user ftp_id from 118.40.248.20 port 35113 May 29 18:14:45 web1 sshd[5593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.40.248.20 May 29 18:14:45 web1 sshd[5593]: Invalid user ftp_id from 118.40.248.20 port 35113 May 29 18:14:47 web1 sshd[5593]: Failed password for invalid user ftp_id from 118.40.248.20 port 35113 ssh2 May 29 18:24:56 web1 sshd[8020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.40.248.20 user=root May 29 18:24:58 web1 sshd[8020]: Failed password for root from 118.40.248.20 port 37981 ssh2 May 29 18:28:14 web1 sshd[8836]: Invalid user ganga from 118.40.248.20 port 60304 May 29 18:28:14 web1 sshd[8836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.40.248.20 May 29 18:28:14 web1 sshd[8836]: Invalid user ganga from 118.40.248.20 port 60304 May 29 18:28:17 web1 sshd[8836]: Failed password for ...	2020-05-29 18:54:42
158.69.223.91	attackspambots	May 29 12:19:55 server sshd[6771]: Failed password for root from 158.69.223.91 port 59937 ssh2 May 29 12:22:48 server sshd[7039]: Failed password for root from 158.69.223.91 port 55850 ssh2 ...	2020-05-29 18:43:50
193.169.212.193	attack	SpamScore above: 10.0	2020-05-29 19:02:50
82.213.199.190	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-05-29 18:26:30
190.12.66.27	attackspambots	Invalid user jerry from 190.12.66.27 port 52118	2020-05-29 18:55:54
114.35.253.2	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-29 18:40:57
218.92.0.212	attack	May 29 10:44:31 localhost sshd[34917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root May 29 10:44:32 localhost sshd[34917]: Failed password for root from 218.92.0.212 port 62785 ssh2 May 29 10:44:36 localhost sshd[34917]: Failed password for root from 218.92.0.212 port 62785 ssh2 May 29 10:44:31 localhost sshd[34917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root May 29 10:44:32 localhost sshd[34917]: Failed password for root from 218.92.0.212 port 62785 ssh2 May 29 10:44:36 localhost sshd[34917]: Failed password for root from 218.92.0.212 port 62785 ssh2 May 29 10:44:31 localhost sshd[34917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root May 29 10:44:32 localhost sshd[34917]: Failed password for root from 218.92.0.212 port 62785 ssh2 May 29 10:44:36 localhost sshd[34917]: Failed password fo ...	2020-05-29 19:01:02
37.252.190.224	attackspam	May 29 12:59:57 hosting sshd[24329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.252.190.224 user=root May 29 12:59:59 hosting sshd[24329]: Failed password for root from 37.252.190.224 port 45222 ssh2 ...	2020-05-29 18:57:14
193.169.212.209	attackbotsspam	SpamScore above: 10.0	2020-05-29 18:42:36

Recently Reported IPs

160.153.234.73	171.9.75.41	123.27.212.10	85.208.21.63
69.196.47.148	103.148.21.50	89.206.57.176	62.114.113.247
162.212.13.6	157.47.42.3	186.56.204.180	104.248.145.34
103.225.127.175	117.4.13.90	72.94.179.204	118.179.78.78
113.201.50.251	68.142.52.4	106.52.17.214	86.245.110.142