213.238.234.108

Basic Info

City: Kungälv

Region: Västra Götaland

Country: Sweden

Internet Service Provider: Ownit Broadband AB

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 05:24:41

Comments on same subnet:

IP	Type	Details	Datetime
213.238.234.94	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 05:20:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.238.234.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57043
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.238.234.108.		IN	A

;; AUTHORITY SECTION:
.			479	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021701 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 05:24:38 CST 2020
;; MSG SIZE  rcvd: 119

Host info

108.234.238.213.in-addr.arpa domain name pointer 213-238-234-108.customers.ownit.se.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
108.234.238.213.in-addr.arpa	name = 213-238-234-108.customers.ownit.se.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.197.5.224	attackbots	138.197.5.224 - - [28/Oct/2019:06:48:20 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.5.224 - - [28/Oct/2019:06:48:20 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.5.224 - - [28/Oct/2019:06:48:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.5.224 - - [28/Oct/2019:06:48:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.5.224 - - [28/Oct/2019:06:48:21 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.5.224 - - [28/Oct/2019:06:48:21 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-28 17:39:40
68.183.84.213	attackbotsspam	10/28/2019-04:48:57.586375 68.183.84.213 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-10-28 17:33:02
104.238.73.216	attack	WordPress wp-login brute force :: 104.238.73.216 0.196 BYPASS [28/Oct/2019:03:49:27 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1472 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-28 17:14:16
139.155.71.154	attack	Oct 28 06:28:05 pl3server sshd[21773]: Invalid user ubnt from 139.155.71.154 Oct 28 06:28:05 pl3server sshd[21773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.71.154 Oct 28 06:28:07 pl3server sshd[21773]: Failed password for invalid user ubnt from 139.155.71.154 port 43678 ssh2 Oct 28 06:28:07 pl3server sshd[21773]: Received disconnect from 139.155.71.154: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.155.71.154	2019-10-28 17:32:18
211.110.140.200	attackspam	Oct 28 10:11:06 srv206 sshd[14258]: Invalid user mysql from 211.110.140.200 Oct 28 10:11:06 srv206 sshd[14258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.110.140.200 Oct 28 10:11:06 srv206 sshd[14258]: Invalid user mysql from 211.110.140.200 Oct 28 10:11:08 srv206 sshd[14258]: Failed password for invalid user mysql from 211.110.140.200 port 52050 ssh2 ...	2019-10-28 17:34:13
206.189.92.150	attackspambots	Oct 27 23:31:34 eola sshd[3733]: Invalid user maja from 206.189.92.150 port 56964 Oct 27 23:31:34 eola sshd[3733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.92.150 Oct 27 23:31:36 eola sshd[3733]: Failed password for invalid user maja from 206.189.92.150 port 56964 ssh2 Oct 27 23:31:36 eola sshd[3733]: Received disconnect from 206.189.92.150 port 56964:11: Bye Bye [preauth] Oct 27 23:31:36 eola sshd[3733]: Disconnected from 206.189.92.150 port 56964 [preauth] Oct 27 23:43:23 eola sshd[4018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.92.150 user=r.r Oct 27 23:43:25 eola sshd[4018]: Failed password for r.r from 206.189.92.150 port 50316 ssh2 Oct 27 23:43:25 eola sshd[4018]: Received disconnect from 206.189.92.150 port 50316:11: Bye Bye [preauth] Oct 27 23:43:25 eola sshd[4018]: Disconnected from 206.189.92.150 port 50316 [preauth] Oct 27 23:47:36 eola sshd[4144]: ........ -------------------------------	2019-10-28 17:30:33
106.12.17.107	attack	Oct 27 21:25:39 auw2 sshd\[4170\]: Invalid user ftp from 106.12.17.107 Oct 27 21:25:39 auw2 sshd\[4170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.107 Oct 27 21:25:41 auw2 sshd\[4170\]: Failed password for invalid user ftp from 106.12.17.107 port 52692 ssh2 Oct 27 21:30:42 auw2 sshd\[4569\]: Invalid user kingofking from 106.12.17.107 Oct 27 21:30:42 auw2 sshd\[4569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.107	2019-10-28 17:19:21
159.203.141.208	attackspambots	2019-10-27T23:58:08.697233ns525875 sshd\[3951\]: Invalid user upload from 159.203.141.208 port 43894 2019-10-27T23:58:08.703859ns525875 sshd\[3951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.141.208 2019-10-27T23:58:10.851798ns525875 sshd\[3951\]: Failed password for invalid user upload from 159.203.141.208 port 43894 ssh2 2019-10-28T00:01:32.682304ns525875 sshd\[8325\]: Invalid user natasha from 159.203.141.208 port 54076 2019-10-28T00:01:32.685424ns525875 sshd\[8325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.141.208 2019-10-28T00:01:34.837531ns525875 sshd\[8325\]: Failed password for invalid user natasha from 159.203.141.208 port 54076 ssh2 2019-10-28T00:04:57.818626ns525875 sshd\[12893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.141.208 user=root 2019-10-28T00:05:00.446672ns525875 sshd\[12893\]: Failed passwor ...	2019-10-28 17:36:15
129.211.10.228	attackbotsspam	Invalid user Admin from 129.211.10.228 port 39546	2019-10-28 17:34:59
122.224.243.156	attack	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-10-28 17:27:28
113.28.150.75	attackspambots	2019-10-18T08:21:45.494928ns525875 sshd\[29057\]: Invalid user 123 from 113.28.150.75 port 50561 2019-10-18T08:21:45.501636ns525875 sshd\[29057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.28.150.75 2019-10-18T08:21:47.766516ns525875 sshd\[29057\]: Failed password for invalid user 123 from 113.28.150.75 port 50561 ssh2 2019-10-18T08:25:44.986705ns525875 sshd\[1490\]: Invalid user 123456 from 113.28.150.75 port 47265 2019-10-18T08:25:44.993503ns525875 sshd\[1490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.28.150.75 2019-10-18T08:25:47.066012ns525875 sshd\[1490\]: Failed password for invalid user 123456 from 113.28.150.75 port 47265 ssh2 2019-10-18T08:29:38.810769ns525875 sshd\[6395\]: Invalid user dawn from 113.28.150.75 port 53313 2019-10-18T08:29:38.817031ns525875 sshd\[6395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.28.150.7 ...	2019-10-28 17:07:16
167.99.77.94	attackspam	2019-10-15T07:08:00.475273ns525875 sshd\[10979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.77.94 user=root 2019-10-15T07:08:02.953194ns525875 sshd\[10979\]: Failed password for root from 167.99.77.94 port 45862 ssh2 2019-10-15T07:12:14.589622ns525875 sshd\[16230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.77.94 user=root 2019-10-15T07:12:16.936840ns525875 sshd\[16230\]: Failed password for root from 167.99.77.94 port 56352 ssh2 2019-10-15T07:16:38.178204ns525875 sshd\[21606\]: Invalid user com from 167.99.77.94 port 38612 2019-10-15T07:16:38.186379ns525875 sshd\[21606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.77.94 2019-10-15T07:16:40.107613ns525875 sshd\[21606\]: Failed password for invalid user com from 167.99.77.94 port 38612 ssh2 2019-10-15T07:21:01.844266ns525875 sshd\[26937\]: Invalid user Qwerty!@ from 167. ...	2019-10-28 17:41:40
132.232.125.152	attackbots	Oct 28 00:48:42 firewall sshd[10564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.125.152 Oct 28 00:48:42 firewall sshd[10564]: Invalid user ubnt from 132.232.125.152 Oct 28 00:48:43 firewall sshd[10564]: Failed password for invalid user ubnt from 132.232.125.152 port 44088 ssh2 ...	2019-10-28 17:37:36
200.111.137.132	attackbots	2019-10-28T09:05:58.571752abusebot.cloudsearch.cf sshd\[18897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.111.137.132 user=root	2019-10-28 17:17:39
69.30.232.22	attack	[portscan] Port scan	2019-10-28 17:21:53

Recently Reported IPs

195.96.81.254	185.76.10.106	61.3.70.111	213.238.216.166
131.0.31.126	191.163.108.82	172.245.68.246	214.80.195.82
178.245.253.10	113.117.109.41	21.125.125.158	31.173.83.192
43.229.90.104	5.239.238.43	213.238.198.93	169.57.207.244
45.238.204.28	31.173.86.98	66.181.161.78	36.85.3.149