139.28.218.145

Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: M247 Europe SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Postfix DNSBL listed. Trying to send SPAM.	2019-06-23 09:55:06

Comments on same subnet:

IP	Type	Details	Datetime
139.28.218.34	attack	22/tcp 27017/tcp 5900/tcp... [2020-05-05/07-05]41pkt,14pt.(tcp),3pt.(udp)	2020-07-06 01:59:22
139.28.218.34	attack	" "	2020-06-07 23:09:09
139.28.218.34	attack	TCP (SYN) 139.28.218.34:57239 -> port 11211, len 44	2020-05-24 18:34:57
139.28.218.77	attack	Brute force attack against VPN service	2020-04-18 14:09:10
139.28.218.34	attack	Honeypot hit.	2020-04-17 06:58:59
139.28.218.34	attackbotsspam	Honeypot hit.	2020-02-18 23:28:51
139.28.218.34	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-13 18:29:58
139.28.218.34	attackbotsspam	" "	2020-02-04 17:02:15
139.28.218.34	attack	Portscan or hack attempt detected by psad/fwsnort	2020-01-11 08:28:43
139.28.218.34	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-15 05:38:57
139.28.218.28	attackbots	TCP Port Scanning	2019-11-18 21:04:33
139.28.218.34	attack	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:56:18
139.28.218.34	attackbotsspam	VN - 1H : (90) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VN NAME ASN : ASN9009 IP : 139.28.218.34 CIDR : 139.28.218.0/24 PREFIX COUNT : 1708 UNIQUE IP COUNT : 749056 WYKRYTE ATAKI Z ASN9009 : 1H - 1 3H - 3 6H - 5 12H - 7 24H - 9 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-11 23:33:40
139.28.218.130	attackspambots	Postfix DNSBL listed. Trying to send SPAM.	2019-07-08 02:56:39
139.28.218.137	attackbotsspam	Postfix DNSBL listed. Trying to send SPAM.	2019-06-27 22:09:25

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.28.218.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54624
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.28.218.145.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051402 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 15 09:43:39 CST 2019
;; MSG SIZE  rcvd: 118

Host info

145.218.28.139.in-addr.arpa domain name pointer field.ductinmedi.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
145.218.28.139.in-addr.arpa	name = field.ductinmedi.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
170.130.187.14	attackbotsspam	1596563916 - 08/04/2020 19:58:36 Host: 170.130.187.14/170.130.187.14 Port: 161 UDP Blocked ...	2020-08-05 04:35:42
51.38.8.73	attackbots	10 attempts against mh-pma-try-ban on sky	2020-08-05 04:59:50
61.19.127.228	attackbots	Aug 4 22:03:44 sso sshd[16829]: Failed password for root from 61.19.127.228 port 41266 ssh2 ...	2020-08-05 04:32:55
222.186.169.192	attackbotsspam	Aug 4 22:50:08 piServer sshd[29175]: Failed password for root from 222.186.169.192 port 54436 ssh2 Aug 4 22:50:12 piServer sshd[29175]: Failed password for root from 222.186.169.192 port 54436 ssh2 Aug 4 22:50:16 piServer sshd[29175]: Failed password for root from 222.186.169.192 port 54436 ssh2 Aug 4 22:50:19 piServer sshd[29175]: Failed password for root from 222.186.169.192 port 54436 ssh2 ...	2020-08-05 04:56:34
110.8.67.146	attackspam	Automatic report BANNED IP	2020-08-05 04:31:12
181.53.251.199	attackspambots	2020-08-04T19:51:28.603090ns386461 sshd\[4646\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.53.251.199 user=root 2020-08-04T19:51:30.684986ns386461 sshd\[4646\]: Failed password for root from 181.53.251.199 port 36330 ssh2 2020-08-04T19:57:55.437339ns386461 sshd\[10440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.53.251.199 user=root 2020-08-04T19:57:57.649246ns386461 sshd\[10440\]: Failed password for root from 181.53.251.199 port 43248 ssh2 2020-08-04T20:02:15.307473ns386461 sshd\[14155\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.53.251.199 user=root ...	2020-08-05 04:40:53
27.37.178.88	attackspambots	Aug 4 22:04:21 roki sshd[17924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.37.178.88 user=root Aug 4 22:04:23 roki sshd[17924]: Failed password for root from 27.37.178.88 port 45048 ssh2 Aug 4 22:23:46 roki sshd[19353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.37.178.88 user=root Aug 4 22:23:48 roki sshd[19353]: Failed password for root from 27.37.178.88 port 11018 ssh2 Aug 4 22:40:24 roki sshd[20550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.37.178.88 user=root ...	2020-08-05 04:50:11
190.145.5.170	attackspam	$f2bV_matches	2020-08-05 04:49:17
222.186.173.154	attack	Failed password for invalid user from 222.186.173.154 port 38612 ssh2	2020-08-05 05:01:06
111.177.73.140	attack	08/04/2020-13:58:23.080452 111.177.73.140 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-08-05 04:46:49
222.186.30.167	attackspam	Aug 4 20:43:14 rush sshd[15669]: Failed password for root from 222.186.30.167 port 11620 ssh2 Aug 4 20:43:16 rush sshd[15669]: Failed password for root from 222.186.30.167 port 11620 ssh2 Aug 4 20:43:19 rush sshd[15669]: Failed password for root from 222.186.30.167 port 11620 ssh2 ...	2020-08-05 04:43:54
183.88.243.95	attackspambots	Aug 4 11:58:30 Host-KLAX-C dovecot: imap-login: Disconnected (auth failed, 1 attempts in 11 secs): user=, method=PLAIN, rip=183.88.243.95, lip=185.198.26.142, TLS, session= ...	2020-08-05 04:40:36
62.234.59.145	attackbotsspam	Aug 4 22:37:29 ns382633 sshd\[32165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.59.145 user=root Aug 4 22:37:31 ns382633 sshd\[32165\]: Failed password for root from 62.234.59.145 port 60236 ssh2 Aug 4 22:40:34 ns382633 sshd\[549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.59.145 user=root Aug 4 22:40:36 ns382633 sshd\[549\]: Failed password for root from 62.234.59.145 port 34160 ssh2 Aug 4 22:43:31 ns382633 sshd\[852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.59.145 user=root	2020-08-05 04:59:26
173.205.13.236	attack	Aug 4 21:01:05 nextcloud sshd\[21893\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.205.13.236 user=root Aug 4 21:01:07 nextcloud sshd\[21893\]: Failed password for root from 173.205.13.236 port 55354 ssh2 Aug 4 21:05:26 nextcloud sshd\[28745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.205.13.236 user=root	2020-08-05 04:53:14
49.233.26.110	attackbotsspam	Aug 4 19:58:17 mellenthin sshd[1017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.26.110 user=root Aug 4 19:58:18 mellenthin sshd[1017]: Failed password for invalid user root from 49.233.26.110 port 39490 ssh2	2020-08-05 04:49:46

Recently Reported IPs

243.248.242.48	156.150.55.239	84.178.168.80	122.161.56.239
32.191.89.156	211.128.235.204	185.153.229.92	118.97.39.51
4.181.237.210	239.237.140.231	40.92.115.155	79.25.108.130
187.210.14.156	53.124.141.211	186.107.69.203	35.63.134.175
144.12.162.250	196.32.97.1	206.152.39.1	190.105.117.221