145.239.2.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
145.239.29.12	spam	Exploit.RTF-ObfsStrm.Gen	2025-01-23 20:00:43
145.239.23.196	spamattack	PHISHING AND SPAM ATTACK FROM "Wealth Loophole - eqyeyrp@storages.moscow - " : SUBJECT "Citizens are already raking in millions of dollars from home using this "wealth loophole" " : RECEIVED "from storages.moscow (media1.worldbtcnews.com [145.239.23.196] " : DATE/TIMESENT "Wed, 17 Mar 2021 01:53:17 ": IP ADDRESS "inetnum: 145.239.23.192 - 145.239.23.207 OrgName: Information Technologies AltinSoft" :	2021-03-17 15:31:29
145.239.29.217	attackspam	wp-login.php	2020-10-06 02:01:23
145.239.29.217	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-05 17:49:52
145.239.29.217	attackbotsspam	(PERMBLOCK) 145.239.29.217 (PL/Poland/ip-145-239-29.eu) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:	2020-09-29 23:35:29
145.239.29.71	attack	(mod_security) mod_security (id:210492) triggered by 145.239.29.71 (FR/France/-): 5 in the last 3600 secs	2020-09-25 03:30:39
145.239.29.71	attack	(mod_security) mod_security (id:210492) triggered by 145.239.29.71 (FR/France/-): 5 in the last 3600 secs	2020-09-24 19:15:18
145.239.29.217	attackbotsspam	145.239.29.217 - - [21/Sep/2020:06:50:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [21/Sep/2020:06:50:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [21/Sep/2020:06:50:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 15:37:58
145.239.29.217	attackbots	145.239.29.217 - - [20/Sep/2020:21:50:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2520 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [20/Sep/2020:21:50:23 +0100] "POST /wp-login.php HTTP/1.1" 200 2572 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [20/Sep/2020:21:50:23 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 07:31:58
145.239.211.242	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-20 14:20:31
145.239.211.242	attackspambots	145.239.211.242 - - [19/Sep/2020:23:10:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.211.242 - - [19/Sep/2020:23:10:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.211.242 - - [19/Sep/2020:23:10:50 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-20 06:20:08
145.239.29.217	attack	145.239.29.217 - - [14/Sep/2020:08:51:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 23:59:46
145.239.29.217	attackspam	145.239.29.217 - - [14/Sep/2020:08:51:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 15:45:13
145.239.29.217	attack	145.239.29.217 - - [13/Sep/2020:18:59:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [13/Sep/2020:18:59:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [13/Sep/2020:18:59:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-14 07:38:29
145.239.29.217	attackspam	GET /wp-login.php HTTP/1.1	2020-09-14 00:21:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.2.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;145.239.2.3.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 175 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 14:17:59 CST 2022
;; MSG SIZE  rcvd: 104

Host info

3.2.239.145.in-addr.arpa domain name pointer lim4.dobar.hosting.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.2.239.145.in-addr.arpa	name = lim4.dobar.hosting.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.75.146.122	attack	Sep 21 19:46:23 ny01 sshd[22355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.146.122 Sep 21 19:46:25 ny01 sshd[22355]: Failed password for invalid user duchon from 51.75.146.122 port 58502 ssh2 Sep 21 19:50:16 ny01 sshd[23055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.146.122	2019-09-22 08:39:48
80.245.112.134	attack	Sep 22 03:05:01 server sshd\[19193\]: User root from 80.245.112.134 not allowed because listed in DenyUsers Sep 22 03:05:01 server sshd\[19193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.112.134 user=root Sep 22 03:05:03 server sshd\[19193\]: Failed password for invalid user root from 80.245.112.134 port 60314 ssh2 Sep 22 03:09:46 server sshd\[10164\]: Invalid user test from 80.245.112.134 port 46134 Sep 22 03:09:46 server sshd\[10164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.112.134	2019-09-22 08:13:23
51.83.15.30	attack	Sep 21 13:39:51 hcbb sshd\[13243\]: Invalid user yuri from 51.83.15.30 Sep 21 13:39:51 hcbb sshd\[13243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.15.30 Sep 21 13:39:53 hcbb sshd\[13243\]: Failed password for invalid user yuri from 51.83.15.30 port 37270 ssh2 Sep 21 13:44:10 hcbb sshd\[13589\]: Invalid user ubuntu from 51.83.15.30 Sep 21 13:44:10 hcbb sshd\[13589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.15.30	2019-09-22 08:26:52
181.45.207.101	attackspambots	Unauthorized connection attempt from IP address 181.45.207.101 on Port 445(SMB)	2019-09-22 08:36:42
188.166.30.203	attackspam	Sep 21 21:59:51 web8 sshd\[11561\]: Invalid user 1234 from 188.166.30.203 Sep 21 21:59:51 web8 sshd\[11561\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.30.203 Sep 21 21:59:53 web8 sshd\[11561\]: Failed password for invalid user 1234 from 188.166.30.203 port 33854 ssh2 Sep 21 22:03:53 web8 sshd\[13390\]: Invalid user maintain from 188.166.30.203 Sep 21 22:03:53 web8 sshd\[13390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.30.203	2019-09-22 08:28:30
122.10.90.4	attackspam	Unauthorized connection attempt from IP address 122.10.90.4 on Port 445(SMB)	2019-09-22 08:18:49
140.246.32.143	attack	Sep 21 14:10:41 web9 sshd\[5550\]: Invalid user uk from 140.246.32.143 Sep 21 14:10:41 web9 sshd\[5550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.32.143 Sep 21 14:10:44 web9 sshd\[5550\]: Failed password for invalid user uk from 140.246.32.143 port 40902 ssh2 Sep 21 14:13:54 web9 sshd\[6125\]: Invalid user hko from 140.246.32.143 Sep 21 14:13:54 web9 sshd\[6125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.32.143	2019-09-22 08:18:23
58.56.251.170	attackbotsspam	Unauthorized connection attempt from IP address 58.56.251.170 on Port 445(SMB)	2019-09-22 08:16:53
99.242.104.24	attackbots	SSH-BruteForce	2019-09-22 08:42:36
139.170.149.161	attackbotsspam	Sep 21 23:48:29 hcbbdb sshd\[15917\]: Invalid user ip from 139.170.149.161 Sep 21 23:48:29 hcbbdb sshd\[15917\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161 Sep 21 23:48:32 hcbbdb sshd\[15917\]: Failed password for invalid user ip from 139.170.149.161 port 54752 ssh2 Sep 21 23:53:33 hcbbdb sshd\[16533\]: Invalid user rv from 139.170.149.161 Sep 21 23:53:33 hcbbdb sshd\[16533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.149.161	2019-09-22 08:14:23
51.83.77.224	attackbots	Sep 21 11:44:16 hanapaa sshd\[5734\]: Invalid user membership from 51.83.77.224 Sep 21 11:44:16 hanapaa sshd\[5734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=224.ip-51-83-77.eu Sep 21 11:44:18 hanapaa sshd\[5734\]: Failed password for invalid user membership from 51.83.77.224 port 39534 ssh2 Sep 21 11:48:16 hanapaa sshd\[6043\]: Invalid user anna from 51.83.77.224 Sep 21 11:48:16 hanapaa sshd\[6043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=224.ip-51-83-77.eu	2019-09-22 08:29:41
106.12.17.169	attackbots	Sep 22 01:38:13 ns41 sshd[1863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.169	2019-09-22 08:04:32
61.69.254.46	attack	Sep 21 14:06:20 web1 sshd\[29885\]: Invalid user harris from 61.69.254.46 Sep 21 14:06:20 web1 sshd\[29885\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.69.254.46 Sep 21 14:06:21 web1 sshd\[29885\]: Failed password for invalid user harris from 61.69.254.46 port 47044 ssh2 Sep 21 14:11:36 web1 sshd\[30392\]: Invalid user vinci from 61.69.254.46 Sep 21 14:11:36 web1 sshd\[30392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.69.254.46	2019-09-22 08:21:04
186.215.143.149	attack	186.215.143.149 - - [21/Sep/2019:23:31:50 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 186.215.143.149 - - [21/Sep/2019:23:31:51 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 186.215.143.149 - - [21/Sep/2019:23:31:52 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 186.215.143.149 - - [21/Sep/2019:23:31:53 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 186.215.143.149 - - [21/Sep/2019:23:31:54 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 186.215.143.14	2019-09-22 08:43:46
206.214.2.71	attack	Chat Spam	2019-09-22 08:32:03

Recently Reported IPs

145.239.220.204	145.239.200.120	145.239.222.146	145.239.214.142
145.239.232.101	145.239.238.243	145.239.233.77	145.239.24.216
145.239.244.182	145.239.25.246	145.239.252.136	145.239.232.133
145.239.244.173	145.239.245.118	145.239.25.187	145.239.252.229
145.239.254.81	145.239.255.227	145.239.3.236	145.239.3.48