45.139.239.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Chernyshov Aleksandr Aleksandrovich

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Attempted Denial of Service PROTOCOL-DNS DNS query amplification attempt	2020-02-16 07:22:54

Comments on same subnet:

IP	Type	Details	Datetime
45.139.239.8	attackbotsspam	Feb 18 11:27:14 WHD8 postfix/smtpd\[77793\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 18 11:27:33 WHD8 postfix/smtpd\[78255\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 18 11:27:34 WHD8 postfix/smtpd\[78014\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 18 11:27:53 WHD8 postfix/smtpd\[77793\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 18 11:28:13 WHD8 postfix/smtpd\[78255\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 18 11:28:16 WHD8 postfix/smtpd\[77793\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 18 11:28:34 WHD8 postfix/smtpd\[78302\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 18 11:28:35 WHD8 postfix/smtpd\[78255\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc ...	2020-05-06 02:32:31
45.139.239.2	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-04 09:10:19

Type

Details

Datetime

45.139.239.8

attackbotsspam

Feb 18 11:27:14 WHD8 postfix/smtpd\[77793\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 18 11:27:33 WHD8 postfix/smtpd\[78255\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 18 11:27:34 WHD8 postfix/smtpd\[78014\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 18 11:27:53 WHD8 postfix/smtpd\[77793\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 18 11:28:13 WHD8 postfix/smtpd\[78255\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 18 11:28:16 WHD8 postfix/smtpd\[77793\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 18 11:28:34 WHD8 postfix/smtpd\[78302\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 18 11:28:35 WHD8 postfix/smtpd\[78255\]: warning: unknown\[45.139.239.8\]: SASL LOGIN authentication failed: UGFzc
...

2020-05-06 02:32:31

45.139.239.2

attackspambots

CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found

2019-10-04 09:10:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.139.239.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44139
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.139.239.5.			IN	A

;; AUTHORITY SECTION:
.			431	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021501 1800 900 604800 86400

;; Query time: 207 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 16 07:22:51 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 5.239.139.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.239.139.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
141.98.80.30	attackspam	Apr 13 00:57:49 srv01 postfix/smtpd\[16753\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 00:58:07 srv01 postfix/smtpd\[16753\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 00:58:33 srv01 postfix/smtpd\[16753\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 00:58:33 srv01 postfix/smtpd\[17823\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 00:58:37 srv01 postfix/smtpd\[17823\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 00:58:37 srv01 postfix/smtpd\[16753\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-13 08:39:26
185.55.242.61	attackspam	20/4/13@00:00:00: FAIL: Alarm-Intrusion address from=185.55.242.61 ...	2020-04-13 12:03:02
190.121.25.248	attackspambots	DATE:2020-04-13 06:00:01, IP:190.121.25.248, PORT:ssh SSH brute force auth (docker-dc)	2020-04-13 12:01:00
122.51.50.210	attackbots	Ssh brute force	2020-04-13 08:37:56
111.229.216.155	attackbotsspam	Apr 13 01:59:56 MainVPS sshd[3375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.216.155 user=root Apr 13 01:59:58 MainVPS sshd[3375]: Failed password for root from 111.229.216.155 port 48664 ssh2 Apr 13 02:04:56 MainVPS sshd[7587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.216.155 user=root Apr 13 02:04:57 MainVPS sshd[7587]: Failed password for root from 111.229.216.155 port 45080 ssh2 Apr 13 02:09:56 MainVPS sshd[11944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.216.155 user=root Apr 13 02:09:58 MainVPS sshd[11944]: Failed password for root from 111.229.216.155 port 41494 ssh2 ...	2020-04-13 08:24:36
106.52.116.101	attack	21 attempts against mh-ssh on cloud	2020-04-13 12:11:52
98.126.155.146	attackbots	1433/tcp [2020-04-12]1pkt	2020-04-13 08:45:15
101.124.70.81	attackbots	Apr 13 03:59:52 www_kotimaassa_fi sshd[20759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.124.70.81 Apr 13 03:59:54 www_kotimaassa_fi sshd[20759]: Failed password for invalid user wwwroot from 101.124.70.81 port 53228 ssh2 ...	2020-04-13 12:10:30
106.13.37.213	attackbots	2020-04-12T17:28:30.3401311495-001 sshd[15881]: Failed password for invalid user ubnt from 106.13.37.213 port 50016 ssh2 2020-04-12T17:48:22.6102011495-001 sshd[16878]: Invalid user informix from 106.13.37.213 port 51402 2020-04-12T17:48:22.6187321495-001 sshd[16878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 2020-04-12T17:48:22.6102011495-001 sshd[16878]: Invalid user informix from 106.13.37.213 port 51402 2020-04-12T17:48:24.8369381495-001 sshd[16878]: Failed password for invalid user informix from 106.13.37.213 port 51402 ssh2 2020-04-12T17:53:00.8523541495-001 sshd[17034]: Invalid user news from 106.13.37.213 port 52540 ...	2020-04-13 08:30:53
68.183.133.156	attackbots	Invalid user vsifax from 68.183.133.156 port 55920	2020-04-13 08:28:31
112.85.42.178	attackspambots	Apr 13 05:59:46 minden010 sshd[7049]: Failed password for root from 112.85.42.178 port 20208 ssh2 Apr 13 05:59:50 minden010 sshd[7049]: Failed password for root from 112.85.42.178 port 20208 ssh2 Apr 13 05:59:52 minden010 sshd[7049]: Failed password for root from 112.85.42.178 port 20208 ssh2 Apr 13 05:59:59 minden010 sshd[7049]: error: maximum authentication attempts exceeded for root from 112.85.42.178 port 20208 ssh2 [preauth] ...	2020-04-13 12:03:47
222.186.175.140	attackspambots	2020-04-12T20:20:34.085559xentho-1 sshd[237688]: Failed password for root from 222.186.175.140 port 30794 ssh2 2020-04-12T20:20:27.538217xentho-1 sshd[237688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root 2020-04-12T20:20:29.796260xentho-1 sshd[237688]: Failed password for root from 222.186.175.140 port 30794 ssh2 2020-04-12T20:20:34.085559xentho-1 sshd[237688]: Failed password for root from 222.186.175.140 port 30794 ssh2 2020-04-12T20:20:37.849279xentho-1 sshd[237688]: Failed password for root from 222.186.175.140 port 30794 ssh2 2020-04-12T20:20:27.538217xentho-1 sshd[237688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root 2020-04-12T20:20:29.796260xentho-1 sshd[237688]: Failed password for root from 222.186.175.140 port 30794 ssh2 2020-04-12T20:20:34.085559xentho-1 sshd[237688]: Failed password for root from 222.186.175.140 port 30794 ssh2 2020-0 ...	2020-04-13 08:26:37
45.133.99.7	attackbotsspam	Apr 13 06:09:35 relay postfix/smtpd\[17872\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 06:09:53 relay postfix/smtpd\[30465\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 06:10:11 relay postfix/smtpd\[17871\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 06:10:31 relay postfix/smtpd\[17871\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 06:12:13 relay postfix/smtpd\[17870\]: warning: unknown\[45.133.99.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-13 12:14:00
222.186.180.9	attack	Apr 13 04:11:34 sshgateway sshd\[5806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root Apr 13 04:11:36 sshgateway sshd\[5806\]: Failed password for root from 222.186.180.9 port 32184 ssh2 Apr 13 04:11:50 sshgateway sshd\[5806\]: error: maximum authentication attempts exceeded for root from 222.186.180.9 port 32184 ssh2 \[preauth\]	2020-04-13 12:15:12
92.63.194.70	attackbots	Trying ports that it shouldn't be.	2020-04-13 12:13:36

Recently Reported IPs

143.255.0.235	42.98.108.180	180.124.195.95	186.28.130.53
143.208.251.11	85.13.101.172	116.178.224.232	192.21.187.119
27.158.142.118	175.100.38.163	171.235.68.248	215.181.200.200
123.138.241.13	93.176.182.65	143.208.233.179	114.33.221.230
196.202.80.143	143.208.203.10	78.189.17.33	143.208.194.205