213.230.114.203

Basic Info

City: unknown

Region: unknown

Country: Uzbekistan

Internet Service Provider: unknown

Hostname: unknown

Organization: Uzbektelekom Joint Stock Company

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
213.230.114.7	attack	Jun 27 14:22:18 smtp postfix/smtpd[31494]: NOQUEUE: reject: RCPT from unknown[213.230.114.7]: 554 5.7.1 Service unavailable; Client host [213.230.114.7] blocked using cbl.abuseat.org; Blocked - see http://www.abuseat.org/lookup.cgi?ip=213.230.114.7; from= to= proto=ESMTP helo=<[213.230.114.7]> ...	2020-06-27 20:41:31
213.230.114.60	attackspam	Nov 8 07:08:39 mxgate1 postfix/postscreen[2829]: CONNECT from [213.230.114.60]:12491 to [176.31.12.44]:25 Nov 8 07:08:39 mxgate1 postfix/dnsblog[2835]: addr 213.230.114.60 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 8 07:08:39 mxgate1 postfix/dnsblog[2831]: addr 213.230.114.60 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 8 07:08:39 mxgate1 postfix/dnsblog[2831]: addr 213.230.114.60 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 8 07:08:39 mxgate1 postfix/dnsblog[2832]: addr 213.230.114.60 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 8 07:08:39 mxgate1 postfix/postscreen[2829]: PREGREET 23 after 0.16 from [213.230.114.60]:12491: EHLO [213.230.114.60] Nov 8 07:08:39 mxgate1 postfix/postscreen[2829]: DNSBL rank 4 for [213.230.114.60]:12491 Nov x@x Nov 8 07:08:40 mxgate1 postfix/postscreen[2829]: HANGUP after 0.59 from [213.230.114.60]:12491 in tests after SMTP handshake Nov 8 07:08:40 mxgate1 postfix/postscreen[2829]: DISCONNECT [213......... -------------------------------	2019-11-08 19:36:01
213.230.114.145	attackbotsspam	2019-07-04 05:53:42 H=(145.64.uzpak.uz) [213.230.114.145]:25482 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=213.230.114.145) 2019-07-04 05:53:42 unexpected disconnection while reading SMTP command from (145.64.uzpak.uz) [213.230.114.145]:25482 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-07-04 07:45:57 H=(145.64.uzpak.uz) [213.230.114.145]:52974 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=213.230.114.145) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=213.230.114.145	2019-07-04 19:50:45

Type

Details

Datetime

213.230.114.7

attack

Jun 27 14:22:18 smtp postfix/smtpd[31494]: NOQUEUE: reject: RCPT from unknown[213.230.114.7]: 554 5.7.1 Service unavailable; Client host [213.230.114.7] blocked using cbl.abuseat.org; Blocked - see http://www.abuseat.org/lookup.cgi?ip=213.230.114.7; from= to= proto=ESMTP helo=<[213.230.114.7]>
...

2020-06-27 20:41:31

213.230.114.60

attackspam

Nov  8 07:08:39 mxgate1 postfix/postscreen[2829]: CONNECT from [213.230.114.60]:12491 to [176.31.12.44]:25
Nov  8 07:08:39 mxgate1 postfix/dnsblog[2835]: addr 213.230.114.60 listed by domain cbl.abuseat.org as 127.0.0.2
Nov  8 07:08:39 mxgate1 postfix/dnsblog[2831]: addr 213.230.114.60 listed by domain zen.spamhaus.org as 127.0.0.11
Nov  8 07:08:39 mxgate1 postfix/dnsblog[2831]: addr 213.230.114.60 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  8 07:08:39 mxgate1 postfix/dnsblog[2832]: addr 213.230.114.60 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  8 07:08:39 mxgate1 postfix/postscreen[2829]: PREGREET 23 after 0.16 from [213.230.114.60]:12491: EHLO [213.230.114.60]

Nov  8 07:08:39 mxgate1 postfix/postscreen[2829]: DNSBL rank 4 for [213.230.114.60]:12491
Nov x@x
Nov  8 07:08:40 mxgate1 postfix/postscreen[2829]: HANGUP after 0.59 from [213.230.114.60]:12491 in tests after SMTP handshake
Nov  8 07:08:40 mxgate1 postfix/postscreen[2829]: DISCONNECT [213.........
-------------------------------

2019-11-08 19:36:01

213.230.114.145

attackbotsspam

2019-07-04 05:53:42 H=(145.64.uzpak.uz) [213.230.114.145]:25482 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=213.230.114.145)
2019-07-04 05:53:42 unexpected disconnection while reading SMTP command from (145.64.uzpak.uz) [213.230.114.145]:25482 I=[10.100.18.23]:25 (error: Connection reset by peer)
2019-07-04 07:45:57 H=(145.64.uzpak.uz) [213.230.114.145]:52974 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=213.230.114.145)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=213.230.114.145

2019-07-04 19:50:45

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.230.114.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46504
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.230.114.203.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 23 21:21:12 +08 2019
;; MSG SIZE  rcvd: 119

Host info

203.114.230.213.in-addr.arpa domain name pointer 203.64.uzpak.uz.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
203.114.230.213.in-addr.arpa	name = 203.64.uzpak.uz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.98.196.42	attack	Sep 13 16:08:39 vm1 sshd[12740]: Failed password for root from 37.98.196.42 port 52922 ssh2 ...	2020-09-13 23:18:14
62.210.130.218	attack	Sep 13 15:12:55 game-panel sshd[13413]: Failed password for root from 62.210.130.218 port 48966 ssh2 Sep 13 15:16:30 game-panel sshd[13562]: Failed password for root from 62.210.130.218 port 38646 ssh2	2020-09-13 23:30:06
170.244.233.3	attackbotsspam	Automatic report - Port Scan Attack	2020-09-13 23:43:41
178.76.246.201	attackbots	[SatSep1218:55:27.3459412020][:error][pid28434:tid47701840639744][client178.76.246.201:54812][client178.76.246.201]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"connector\\\\\\\\.minimal\\\\\\\\.php"atREQUEST_URI.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"321"][id"393781"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:WordPressFileManagerPluginattackblocked"][hostname"cser.ch"][uri"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"][unique_id"X1z9f9F-s5AkeysgAdCUgQAAAMQ"]\,referer:http://cser.ch/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php[SatSep1218:55:29.6396152020][:error][pid11873:tid47701932660480][client178.76.246.201:55070][client178.76.246.201]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"connector\\\\\\\\.minimal\\\\\\\\.php"atREQUEST_URI.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"321"][id"393781"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTi	2020-09-13 23:43:15
52.149.160.100	attackbotsspam	Port Scan: TCP/443	2020-09-13 23:23:50
122.155.11.89	attackspambots	$f2bV_matches	2020-09-13 23:44:48
173.242.115.171	attackbots	2020-09-13 16:15:42 wonderland sshd[18168]: Disconnected from invalid user root 173.242.115.171 port 37140 [preauth]	2020-09-13 23:39:14
123.232.82.40	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-13 23:23:20
218.29.54.108	attack	218.29.54.108 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 13 11:09:27 jbs1 sshd[19318]: Failed password for root from 218.29.54.108 port 36426 ssh2 Sep 13 11:10:09 jbs1 sshd[19645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.180.7 user=root Sep 13 11:10:11 jbs1 sshd[19645]: Failed password for root from 45.55.180.7 port 33262 ssh2 Sep 13 11:09:25 jbs1 sshd[19318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.29.54.108 user=root Sep 13 11:11:36 jbs1 sshd[20011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.125.102.208 user=root Sep 13 11:11:00 jbs1 sshd[19833]: Failed password for root from 91.134.167.236 port 16681 ssh2 IP Addresses Blocked:	2020-09-13 23:25:35
191.217.170.33	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-13T14:25:25Z and 2020-09-13T14:34:13Z	2020-09-13 23:38:53
104.244.78.136	attack	frenzy	2020-09-13 23:31:39
5.188.86.216	attackbots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-13T10:11:33Z	2020-09-13 23:40:07
144.255.16.81	attackbots	Sep 13 09:59:20 game-panel sshd[31078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.255.16.81 Sep 13 09:59:21 game-panel sshd[31080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.255.16.81 Sep 13 09:59:22 game-panel sshd[31080]: Failed password for invalid user pi from 144.255.16.81 port 40856 ssh2	2020-09-13 23:34:28
166.170.220.2	attack	Brute forcing email accounts	2020-09-13 23:16:52
27.7.170.50	attackbots	Port probing on unauthorized port 23	2020-09-13 23:50:41

Recently Reported IPs

89.221.199.232	156.246.62.180	145.39.127.66	89.148.238.203
77.247.108.11	159.138.35.59	39.194.38.19	182.186.57.221
85.179.9.151	37.59.8.29	219.253.80.237	182.144.108.39
2600:3c03::f03c:91ff:fed4:b0cb	211.5.213.108	171.218.146.15	120.2.85.161
141.130.2.58	119.28.204.16	115.63.29.197	157.7.188.95