213.158.239.215

Basic Info

City: unknown

Region: unknown

Country: Norway

Internet Service Provider: GlobalConnect AS

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 7 15:21:07 eventyay sshd[9321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215 Jul 7 15:21:09 eventyay sshd[9321]: Failed password for invalid user projects from 213.158.239.215 port 55752 ssh2 Jul 7 15:24:24 eventyay sshd[9396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215 ...	2020-07-08 01:45:17
attack	Jun 23 21:38:45 rudra sshd[266698]: reveeclipse mapping checking getaddrinfo for m313-158-239-215.static.xdsl.no [213.158.239.215] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 23 21:38:45 rudra sshd[266698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215 user=r.r Jun 23 21:38:47 rudra sshd[266698]: Failed password for r.r from 213.158.239.215 port 59288 ssh2 Jun 23 21:38:47 rudra sshd[266698]: Received disconnect from 213.158.239.215: 11: Bye Bye [preauth] Jun 23 21:53:31 rudra sshd[269549]: reveeclipse mapping checking getaddrinfo for m313-158-239-215.static.xdsl.no [213.158.239.215] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 23 21:53:31 rudra sshd[269549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215 user=r.r Jun 23 21:53:33 rudra sshd[269549]: Failed password for r.r from 213.158.239.215 port 39480 ssh2 Jun 23 21:53:33 rudra sshd[269549]: Received disconnect ........ -------------------------------	2020-06-24 20:42:41

Type

Details

Datetime

attackspam

Jul  7 15:21:07 eventyay sshd[9321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215
Jul  7 15:21:09 eventyay sshd[9321]: Failed password for invalid user projects from 213.158.239.215 port 55752 ssh2
Jul  7 15:24:24 eventyay sshd[9396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215
...

2020-07-08 01:45:17

attack

Jun 23 21:38:45 rudra sshd[266698]: reveeclipse mapping checking getaddrinfo for m313-158-239-215.static.xdsl.no [213.158.239.215] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 23 21:38:45 rudra sshd[266698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215  user=r.r
Jun 23 21:38:47 rudra sshd[266698]: Failed password for r.r from 213.158.239.215 port 59288 ssh2
Jun 23 21:38:47 rudra sshd[266698]: Received disconnect from 213.158.239.215: 11: Bye Bye [preauth]
Jun 23 21:53:31 rudra sshd[269549]: reveeclipse mapping checking getaddrinfo for m313-158-239-215.static.xdsl.no [213.158.239.215] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 23 21:53:31 rudra sshd[269549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.158.239.215  user=r.r
Jun 23 21:53:33 rudra sshd[269549]: Failed password for r.r from 213.158.239.215 port 39480 ssh2
Jun 23 21:53:33 rudra sshd[269549]: Received disconnect ........
-------------------------------

2020-06-24 20:42:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.158.239.215
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41903
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.158.239.215.		IN	A

;; AUTHORITY SECTION:
.			343	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 20:42:34 CST 2020
;; MSG SIZE  rcvd: 119

Host info

215.239.158.213.in-addr.arpa domain name pointer c213-158-239-215.static.xdsl.no.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
215.239.158.213.in-addr.arpa	name = c213-158-239-215.static.xdsl.no.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.63.194.26	attackspambots	2019-08-10T06:22:38.5162601240 sshd\[31984\]: Invalid user admin from 92.63.194.26 port 38116 2019-08-10T06:22:38.5218451240 sshd\[31984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.26 2019-08-10T06:22:40.4770891240 sshd\[31984\]: Failed password for invalid user admin from 92.63.194.26 port 38116 ssh2 ...	2019-08-10 12:36:47
79.106.44.2	attack	Automatic report - Port Scan Attack	2019-08-10 12:16:48
23.129.64.162	attackbotsspam	C1,WP GET /nelson/wp-login.php	2019-08-10 12:03:34
45.227.253.216	attackspam	Aug 10 06:02:26 relay postfix/smtpd\[18545\]: warning: unknown\[45.227.253.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 06:02:34 relay postfix/smtpd\[16389\]: warning: unknown\[45.227.253.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 06:04:34 relay postfix/smtpd\[16389\]: warning: unknown\[45.227.253.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 06:04:42 relay postfix/smtpd\[18544\]: warning: unknown\[45.227.253.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 10 06:06:11 relay postfix/smtpd\[16389\]: warning: unknown\[45.227.253.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-10 12:09:36
43.242.215.70	attack	Automated report - ssh fail2ban: Aug 10 05:17:41 authentication failure Aug 10 05:17:43 wrong password, user=mopps, port=3517, ssh2 Aug 10 05:44:17 authentication failure	2019-08-10 11:50:01
13.94.118.122	attackspam	Aug 10 07:07:20 server sshd\[27900\]: Invalid user ep from 13.94.118.122 port 52554 Aug 10 07:07:20 server sshd\[27900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.118.122 Aug 10 07:07:22 server sshd\[27900\]: Failed password for invalid user ep from 13.94.118.122 port 52554 ssh2 Aug 10 07:11:32 server sshd\[14077\]: Invalid user tibero2 from 13.94.118.122 port 47272 Aug 10 07:11:32 server sshd\[14077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.118.122	2019-08-10 12:25:22
139.59.66.163	attack	[munged]::443 139.59.66.163 - - [10/Aug/2019:04:42:52 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 139.59.66.163 - - [10/Aug/2019:04:43:01 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 139.59.66.163 - - [10/Aug/2019:04:43:10 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 139.59.66.163 - - [10/Aug/2019:04:43:13 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 139.59.66.163 - - [10/Aug/2019:04:43:18 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 139.59.66.163 - - [10/Aug/2019:04:43:21 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubun	2019-08-10 12:17:51
68.183.217.198	attack	www.ft-1848-basketball.de 68.183.217.198 \[10/Aug/2019:04:43:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 2172 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.ft-1848-basketball.de 68.183.217.198 \[10/Aug/2019:04:43:48 +0200\] "POST /wp-login.php HTTP/1.1" 200 2132 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-10 12:17:26
103.218.243.13	attackspambots	Aug 10 05:56:49 tuxlinux sshd[49337]: Invalid user merlin from 103.218.243.13 port 35834 Aug 10 05:56:49 tuxlinux sshd[49337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.218.243.13 Aug 10 05:56:49 tuxlinux sshd[49337]: Invalid user merlin from 103.218.243.13 port 35834 Aug 10 05:56:49 tuxlinux sshd[49337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.218.243.13 Aug 10 05:56:49 tuxlinux sshd[49337]: Invalid user merlin from 103.218.243.13 port 35834 Aug 10 05:56:49 tuxlinux sshd[49337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.218.243.13 Aug 10 05:56:51 tuxlinux sshd[49337]: Failed password for invalid user merlin from 103.218.243.13 port 35834 ssh2 ...	2019-08-10 12:31:48
51.254.248.18	attack	Aug 10 00:01:43 vtv3 sshd\[30045\]: Invalid user ts from 51.254.248.18 port 60588 Aug 10 00:01:43 vtv3 sshd\[30045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.248.18 Aug 10 00:01:45 vtv3 sshd\[30045\]: Failed password for invalid user ts from 51.254.248.18 port 60588 ssh2 Aug 10 00:05:31 vtv3 sshd\[31937\]: Invalid user user1 from 51.254.248.18 port 53540 Aug 10 00:05:31 vtv3 sshd\[31937\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.248.18 Aug 10 00:16:48 vtv3 sshd\[4801\]: Invalid user lijy from 51.254.248.18 port 60920 Aug 10 00:16:48 vtv3 sshd\[4801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.248.18 Aug 10 00:16:49 vtv3 sshd\[4801\]: Failed password for invalid user lijy from 51.254.248.18 port 60920 ssh2 Aug 10 00:20:41 vtv3 sshd\[6708\]: Invalid user basil from 51.254.248.18 port 54036 Aug 10 00:20:41 vtv3 sshd\[6708\]: pam_unix\(sshd:aut	2019-08-10 12:10:10
165.22.21.221	attackbots	Aug 10 06:14:59 dedicated sshd[15507]: Failed password for invalid user jenny from 165.22.21.221 port 37620 ssh2 Aug 10 06:14:58 dedicated sshd[15507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.21.221 Aug 10 06:14:58 dedicated sshd[15507]: Invalid user jenny from 165.22.21.221 port 37620 Aug 10 06:14:59 dedicated sshd[15507]: Failed password for invalid user jenny from 165.22.21.221 port 37620 ssh2 Aug 10 06:18:52 dedicated sshd[15951]: Invalid user abc1 from 165.22.21.221 port 59994	2019-08-10 12:20:33
149.202.88.21	attackbots	Aug 9 22:41:38 aat-srv002 sshd[27620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.88.21 Aug 9 22:41:39 aat-srv002 sshd[27620]: Failed password for invalid user pi from 149.202.88.21 port 39404 ssh2 Aug 9 22:45:51 aat-srv002 sshd[27690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.88.21 Aug 9 22:45:53 aat-srv002 sshd[27690]: Failed password for invalid user tk from 149.202.88.21 port 33378 ssh2 ...	2019-08-10 11:57:34
163.172.61.214	attack	Aug 10 05:54:56 localhost sshd\[32058\]: Invalid user cmcginn from 163.172.61.214 port 41992 Aug 10 05:54:56 localhost sshd\[32058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.61.214 Aug 10 05:54:57 localhost sshd\[32058\]: Failed password for invalid user cmcginn from 163.172.61.214 port 41992 ssh2	2019-08-10 11:56:42
202.188.101.106	attack	Aug 10 00:18:21 plusreed sshd[15912]: Invalid user oracle from 202.188.101.106 ...	2019-08-10 12:30:53
59.152.196.154	attackspambots	Aug 10 03:58:39 localhost sshd\[11750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.152.196.154 user=root Aug 10 03:58:41 localhost sshd\[11750\]: Failed password for root from 59.152.196.154 port 56735 ssh2 Aug 10 04:06:32 localhost sshd\[11957\]: Invalid user onie from 59.152.196.154 port 54842 Aug 10 04:06:32 localhost sshd\[11957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.152.196.154 Aug 10 04:06:34 localhost sshd\[11957\]: Failed password for invalid user onie from 59.152.196.154 port 54842 ssh2 ...	2019-08-10 12:32:07

Recently Reported IPs

94.25.181.227	141.98.10.193	52.149.131.224	60.8.232.210
41.139.142.170	68.168.221.178	200.54.150.18	51.195.157.109
45.95.168.80	104.168.141.181	14.187.3.15	196.249.97.155
154.70.38.250	14.231.91.95	192.241.211.14	52.163.48.172
109.117.239.76	69.195.124.68	23.99.196.47	5.252.224.135