213.230.115.241

Basic Info

City: Tashkent

Region: Toshkent Shahri

Country: Uzbekistan

Internet Service Provider: Uzbektelekom Joint Stock Company

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Nov 8 07:04:59 mxgate1 postfix/postscreen[2829]: CONNECT from [213.230.115.241]:34232 to [176.31.12.44]:25 Nov 8 07:04:59 mxgate1 postfix/dnsblog[2834]: addr 213.230.115.241 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 8 07:04:59 mxgate1 postfix/dnsblog[2834]: addr 213.230.115.241 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 8 07:04:59 mxgate1 postfix/dnsblog[2834]: addr 213.230.115.241 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 8 07:04:59 mxgate1 postfix/dnsblog[2830]: addr 213.230.115.241 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 8 07:04:59 mxgate1 postfix/dnsblog[2831]: addr 213.230.115.241 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 8 07:04:59 mxgate1 postfix/postscreen[2829]: PREGREET 24 after 0.15 from [213.230.115.241]:34232: EHLO [213.230.115.241] Nov 8 07:04:59 mxgate1 postfix/postscreen[2829]: DNSBL rank 4 for [213.230.115.241]:34232 Nov x@x Nov 8 07:05:00 mxgate1 postfix/postscreen[2829]: HANGUP after 0.5 fr........ -------------------------------	2019-11-08 19:30:27

Type

Details

Datetime

attackspambots

Nov  8 07:04:59 mxgate1 postfix/postscreen[2829]: CONNECT from [213.230.115.241]:34232 to [176.31.12.44]:25
Nov  8 07:04:59 mxgate1 postfix/dnsblog[2834]: addr 213.230.115.241 listed by domain zen.spamhaus.org as 127.0.0.3
Nov  8 07:04:59 mxgate1 postfix/dnsblog[2834]: addr 213.230.115.241 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  8 07:04:59 mxgate1 postfix/dnsblog[2834]: addr 213.230.115.241 listed by domain zen.spamhaus.org as 127.0.0.11
Nov  8 07:04:59 mxgate1 postfix/dnsblog[2830]: addr 213.230.115.241 listed by domain cbl.abuseat.org as 127.0.0.2
Nov  8 07:04:59 mxgate1 postfix/dnsblog[2831]: addr 213.230.115.241 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  8 07:04:59 mxgate1 postfix/postscreen[2829]: PREGREET 24 after 0.15 from [213.230.115.241]:34232: EHLO [213.230.115.241]

Nov  8 07:04:59 mxgate1 postfix/postscreen[2829]: DNSBL rank 4 for [213.230.115.241]:34232
Nov x@x
Nov  8 07:05:00 mxgate1 postfix/postscreen[2829]: HANGUP after 0.5 fr........
-------------------------------

2019-11-08 19:30:27

Comments on same subnet:

IP	Type	Details	Datetime
213.230.115.204	spam	11118187	2020-09-28 14:05:44
213.230.115.204	spam	11118187	2020-09-28 14:05:39
213.230.115.204	attack	Unauthorized connection attempt detected from IP address 213.230.115.204 to port 5900	2020-05-31 03:22:47
213.230.115.207	attack	Automatic report - Port Scan Attack	2020-02-15 03:29:01
213.230.115.62	attack	Sat, 20 Jul 2019 21:54:34 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 12:55:18
213.230.115.112	attack	IP: 213.230.115.112 ASN: AS8193 Uzbektelekom Joint Stock Company Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 24/06/2019 12:00:43 PM UTC	2019-06-25 02:04:15

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.230.115.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44692
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.230.115.241.		IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110800 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Fri Nov 08 19:35:06 CST 2019
;; MSG SIZE  rcvd: 119

Host info

241.115.230.213.in-addr.arpa domain name pointer 241.64.uzpak.uz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
241.115.230.213.in-addr.arpa	name = 241.64.uzpak.uz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.232.30.87	attackspam	Nov 4 10:16:06 server2 sshd[19757]: Invalid user ftp from 132.232.30.87 Nov 4 10:16:06 server2 sshd[19757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.30.87 Nov 4 10:16:08 server2 sshd[19757]: Failed password for invalid user ftp from 132.232.30.87 port 60846 ssh2 Nov 4 10:16:08 server2 sshd[19757]: Received disconnect from 132.232.30.87: 11: Bye Bye [preauth] Nov 4 10:31:28 server2 sshd[20822]: Invalid user txxxxxxx from 132.232.30.87 Nov 4 10:31:28 server2 sshd[20822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.30.87 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=132.232.30.87	2019-11-05 06:02:55
46.21.58.78	attackbotsspam	Honeypot attack, port: 5555, PTR: cpe-646397.ip.primehome.com.	2019-11-05 05:43:32
121.40.206.74	attackbots	port scan and connect, tcp 8080 (http-proxy)	2019-11-05 05:49:46
219.77.188.105	attackspambots	SSH Bruteforce attack	2019-11-05 05:57:03
94.191.28.110	attack	2019-11-01T07:27:54.042737ns547587 sshd\[25022\]: Invalid user plano from 94.191.28.110 port 34888 2019-11-01T07:27:54.049356ns547587 sshd\[25022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.28.110 2019-11-01T07:27:56.100762ns547587 sshd\[25022\]: Failed password for invalid user plano from 94.191.28.110 port 34888 ssh2 2019-11-01T07:33:11.687039ns547587 sshd\[1428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.28.110 user=root 2019-11-01T07:54:55.668719ns547587 sshd\[5725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.28.110 user=root 2019-11-01T07:54:57.253774ns547587 sshd\[5725\]: Failed password for root from 94.191.28.110 port 45474 ssh2 2019-11-01T08:00:36.844641ns547587 sshd\[15322\]: Invalid user gozone from 94.191.28.110 port 55116 2019-11-01T08:00:36.848520ns547587 sshd\[15322\]: pam_unix\(sshd:auth\): authentica ...	2019-11-05 06:04:16
218.92.0.191	attack	Nov 4 15:58:23 dcd-gentoo sshd[10185]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 4 15:58:26 dcd-gentoo sshd[10185]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 4 15:58:23 dcd-gentoo sshd[10185]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 4 15:58:26 dcd-gentoo sshd[10185]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 4 15:58:23 dcd-gentoo sshd[10185]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 4 15:58:26 dcd-gentoo sshd[10185]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 4 15:58:26 dcd-gentoo sshd[10185]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 27460 ssh2 ...	2019-11-05 05:31:49
163.172.207.104	attackbotsspam	\[2019-11-04 16:11:32\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-04T16:11:32.338-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="900000000011972592277524",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/50063",ACLName="no_extension_match" \[2019-11-04 16:14:49\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-04T16:14:49.191-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972592277524",SessionID="0x7fdf2c3e3e58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/63914",ACLName="no_extension_match" \[2019-11-04 16:16:40\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-04T16:16:40.517-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972595725636",SessionID="0x7fdf2c13bc28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/52541",	2019-11-05 06:02:04
194.165.149.18	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-05 05:31:07
46.90.94.197	attack	Port scan detected on ports: 8888[TCP], 8888[TCP], 8888[TCP]	2019-11-05 05:50:38
93.5.195.169	attackspambots	Nov 4 14:27:12 thevastnessof sshd[6094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.5.195.169 ...	2019-11-05 05:48:41
91.134.227.180	attack	2019-11-04T16:56:49.690631abusebot-5.cloudsearch.cf sshd\[16810\]: Invalid user PA5sw0rd1 from 91.134.227.180 port 58420	2019-11-05 05:30:45
114.202.139.173	attackbotsspam	SSH brutforce	2019-11-05 05:56:18
190.98.96.105	attackbots	" "	2019-11-05 06:04:43
37.49.225.166	attack	Scanning random ports - tries to find possible vulnerable services	2019-11-05 06:00:03
114.246.11.178	attackbotsspam	Nov 5 01:26:35 lcl-usvr-02 sshd[29610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.246.11.178 user=root Nov 5 01:26:37 lcl-usvr-02 sshd[29610]: Failed password for root from 114.246.11.178 port 36924 ssh2 Nov 5 01:31:33 lcl-usvr-02 sshd[30799]: Invalid user usuario from 114.246.11.178 port 45168 Nov 5 01:31:33 lcl-usvr-02 sshd[30799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.246.11.178 Nov 5 01:31:33 lcl-usvr-02 sshd[30799]: Invalid user usuario from 114.246.11.178 port 45168 Nov 5 01:31:35 lcl-usvr-02 sshd[30799]: Failed password for invalid user usuario from 114.246.11.178 port 45168 ssh2 ...	2019-11-05 05:51:33

Recently Reported IPs

86.168.23.190	179.179.4.142	106.75.226.241	213.230.114.60
200.196.135.32	223.240.211.233	154.223.188.166	1.161.161.240
164.68.113.60	82.81.65.116	49.76.200.121	200.95.175.119
114.235.106.9	109.211.146.146	125.124.143.62	45.93.247.24
167.71.124.19	132.232.177.170	80.234.48.17	142.93.225.3