145.239.253.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
145.239.253.188	attack	Automatic report - Port Scan Attack	2020-08-19 05:02:01
145.239.253.29	attackbotsspam	145.239.253.29 - - [26/Nov/2019:15:39:29 +0100] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.253.29 - - [26/Nov/2019:15:39:29 +0100] "POST /wp-login.php HTTP/1.1" 200 1651 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.253.29 - - [26/Nov/2019:15:39:30 +0100] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.253.29 - - [26/Nov/2019:15:39:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1629 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.253.29 - - [26/Nov/2019:15:39:30 +0100] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.253.29 - - [26/Nov/2019:15:39:31 +0100] "POST /wp-login.php HTTP/1.1" 200 1626 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-27 04:25:58
145.239.253.73	attackspam	WEB Masscan Scanner Activity	2019-11-20 08:50:46
145.239.253.29	attackbotsspam	pfaffenroth-photographie.de 145.239.253.29 \[19/Nov/2019:07:26:59 +0100\] "POST /wp-login.php HTTP/1.1" 200 8452 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" pfaffenroth-photographie.de 145.239.253.29 \[19/Nov/2019:07:27:00 +0100\] "POST /wp-login.php HTTP/1.1" 200 8452 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" pfaffenroth-photographie.de 145.239.253.29 \[19/Nov/2019:07:27:01 +0100\] "POST /wp-login.php HTTP/1.1" 200 8452 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-19 16:20:50
145.239.253.73	attackbotsspam	145.239.253.73 was recorded 5 times by 2 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 5, 9, 48	2019-11-12 04:12:18
145.239.253.73	attackspam	WEB server attack.	2019-11-10 22:24:17
145.239.253.73	attackspambots	145.239.253.73 was recorded 5 times by 3 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 5, 18, 38	2019-11-09 04:04:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.253.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52496
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;145.239.253.3.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 14:18:06 CST 2022
;; MSG SIZE  rcvd: 106

Host info

3.253.239.145.in-addr.arpa domain name pointer uk20.fastdirectadminserver.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.253.239.145.in-addr.arpa	name = uk20.fastdirectadminserver.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.67.59.14	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-26 19:29:55
104.42.250.222	attackspam	Aug 26 13:29:56 tux-35-217 sshd\[28351\]: Invalid user jeremy from 104.42.250.222 port 58982 Aug 26 13:29:56 tux-35-217 sshd\[28351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.250.222 Aug 26 13:29:58 tux-35-217 sshd\[28351\]: Failed password for invalid user jeremy from 104.42.250.222 port 58982 ssh2 Aug 26 13:36:44 tux-35-217 sshd\[28366\]: Invalid user clock from 104.42.250.222 port 51916 Aug 26 13:36:44 tux-35-217 sshd\[28366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.250.222 ...	2019-08-26 20:12:30
51.81.18.72	attackspambots	SSHAttack	2019-08-26 19:27:39
178.128.37.180	attackbots	Aug 26 13:37:09 vps647732 sshd[18597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.37.180 Aug 26 13:37:10 vps647732 sshd[18597]: Failed password for invalid user admin from 178.128.37.180 port 52452 ssh2 ...	2019-08-26 19:50:49
117.146.251.138	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-08-26 20:14:27
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-08-26 20:04:59
220.132.75.167	attackspambots	Aug 26 05:49:42 legacy sshd[27319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.132.75.167 Aug 26 05:49:44 legacy sshd[27319]: Failed password for invalid user mia from 220.132.75.167 port 50412 ssh2 Aug 26 05:55:04 legacy sshd[27460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.132.75.167 ...	2019-08-26 19:46:06
159.89.162.118	attack	Aug 26 09:37:10 minden010 sshd[2117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.162.118 Aug 26 09:37:12 minden010 sshd[2117]: Failed password for invalid user mariadb from 159.89.162.118 port 53944 ssh2 Aug 26 09:41:47 minden010 sshd[4076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.162.118 ...	2019-08-26 19:55:06
103.1.40.189	attack	Automatic report - Banned IP Access	2019-08-26 19:25:37
103.3.226.228	attackspam	Aug 26 06:55:09 [host] sshd[20304]: Invalid user redis2 from 103.3.226.228 Aug 26 06:55:09 [host] sshd[20304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.3.226.228 Aug 26 06:55:11 [host] sshd[20304]: Failed password for invalid user redis2 from 103.3.226.228 port 51844 ssh2	2019-08-26 20:17:53
140.143.17.156	attackbotsspam	Aug 26 07:42:10 localhost sshd\[23894\]: Invalid user sninenet from 140.143.17.156 Aug 26 07:42:10 localhost sshd\[23894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.17.156 Aug 26 07:42:12 localhost sshd\[23894\]: Failed password for invalid user sninenet from 140.143.17.156 port 49840 ssh2 Aug 26 07:47:38 localhost sshd\[24393\]: Invalid user melisenda from 140.143.17.156 Aug 26 07:47:38 localhost sshd\[24393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.17.156 ...	2019-08-26 20:17:37
46.101.187.76	attackspam	Lines containing failures of 46.101.187.76 Aug 26 05:07:17 nxxxxxxx sshd[12541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.187.76 user=r.r Aug 26 05:07:19 nxxxxxxx sshd[12541]: Failed password for r.r from 46.101.187.76 port 53328 ssh2 Aug 26 05:07:19 nxxxxxxx sshd[12541]: Received disconnect from 46.101.187.76 port 53328:11: Bye Bye [preauth] Aug 26 05:07:19 nxxxxxxx sshd[12541]: Disconnected from authenticating user r.r 46.101.187.76 port 53328 [preauth] Aug 26 05:20:42 nxxxxxxx sshd[14574]: Invalid user water from 46.101.187.76 port 55594 Aug 26 05:20:42 nxxxxxxx sshd[14574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.187.76 Aug 26 05:20:44 nxxxxxxx sshd[14574]: Failed password for invalid user water from 46.101.187.76 port 55594 ssh2 Aug 26 05:20:44 nxxxxxxx sshd[14574]: Received disconnect from 46.101.187.76 port 55594:11: Bye Bye [preauth] Aug 26 05:20:44 nxxxx........ ------------------------------	2019-08-26 19:51:47
61.7.190.253	attackspam	Lines containing failures of 61.7.190.253 Aug 26 05:18:30 shared09 sshd[26564]: Invalid user admin from 61.7.190.253 port 37664 Aug 26 05:18:30 shared09 sshd[26564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.7.190.253 Aug 26 05:18:32 shared09 sshd[26564]: Failed password for invalid user admin from 61.7.190.253 port 37664 ssh2 Aug 26 05:18:32 shared09 sshd[26564]: Connection closed by invalid user admin 61.7.190.253 port 37664 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=61.7.190.253	2019-08-26 19:38:52
106.13.74.162	attack	Aug 26 10:59:14 DAAP sshd[25898]: Invalid user natasha from 106.13.74.162 port 33972 Aug 26 10:59:14 DAAP sshd[25898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.74.162 Aug 26 10:59:14 DAAP sshd[25898]: Invalid user natasha from 106.13.74.162 port 33972 Aug 26 10:59:16 DAAP sshd[25898]: Failed password for invalid user natasha from 106.13.74.162 port 33972 ssh2 ...	2019-08-26 19:17:40
167.99.14.153	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-08-26 19:24:28

Recently Reported IPs

145.239.3.215	145.239.255.55	145.239.3.73	145.239.35.3
145.239.31.58	145.239.35.10	145.239.41.96	145.239.49.15
219.197.56.155	145.239.54.209	145.239.58.140	145.239.4.160
145.239.58.152	145.239.75.192	145.239.7.171	145.239.7.138
145.239.66.201	145.239.54.217	145.239.7.12	145.239.62.157