45.228.215.139

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: J. Mater Provedores e Servicos de Telecom Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 45.228.215.139 to port 26	2020-07-10 02:38:23

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.228.215.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9538
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.228.215.139.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070902 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 10 02:38:20 CST 2020
;; MSG SIZE  rcvd: 118

Host info

139.215.228.45.in-addr.arpa domain name pointer 45-228-215-139.dynamic.mdnetfibra.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.215.228.45.in-addr.arpa	name = 45-228-215-139.dynamic.mdnetfibra.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.98.34.48	attack	1591129501 - 06/02/2020 22:25:01 Host: 46.98.34.48/46.98.34.48 Port: 445 TCP Blocked	2020-06-03 07:17:16
89.40.143.240	attackbotsspam	Jun 3 01:28:30 debian kernel: [39475.581318] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=89.40.143.240 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=50435 PROTO=TCP SPT=57572 DPT=3470 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-03 06:46:10
50.70.229.239	attackbots	odoo8 ...	2020-06-03 06:56:08
87.56.50.203	attackspambots	Jun 2 23:59:51 buvik sshd[412]: Failed password for root from 87.56.50.203 port 51440 ssh2 Jun 3 00:06:01 buvik sshd[27282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.56.50.203 user=root Jun 3 00:06:03 buvik sshd[27282]: Failed password for root from 87.56.50.203 port 51441 ssh2 ...	2020-06-03 06:49:59
200.58.83.144	attack	Jun 2 20:25:08 *** sshd[17426]: User root from 200.58.83.144 not allowed because not listed in AllowUsers	2020-06-03 07:09:45
183.136.225.45	attackspambots	Jun 3 01:20:11 debian kernel: [38977.105511] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=183.136.225.45 DST=89.252.131.35 LEN=44 TOS=0x00 PREC=0x00 TTL=110 ID=53623 PROTO=TCP SPT=10901 DPT=6379 WINDOW=29200 RES=0x00 SYN URGP=0	2020-06-03 06:47:02
104.244.76.189	attackspambots	(mod_security) mod_security (id:225170) triggered by 104.244.76.189 (LU/Luxembourg/tor-exit-node): 5 in the last 3600 secs	2020-06-03 06:45:37
82.208.99.54	attackspambots	Jun 2 16:40:39 r.ca sshd[6109]: Failed password for root from 82.208.99.54 port 34302 ssh2	2020-06-03 07:15:48
103.145.12.123	attackbots	Multiport scan 21 ports : 5060(x2) 5061 5062 5063 5064 5065 5066 5067 5068 5069 5070 5071 5072 5073 5074 5075 5076 5077 5078 5079 5080	2020-06-03 07:13:48
94.250.255.187	attackbotsspam	2020-06-02T20:26:51.843281mail.arvenenaske.de sshd[4346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.250.255.187 user=r.r 2020-06-02T20:26:53.483480mail.arvenenaske.de sshd[4346]: Failed password for r.r from 94.250.255.187 port 39460 ssh2 2020-06-02T20:30:36.391478mail.arvenenaske.de sshd[4353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.250.255.187 user=r.r 2020-06-02T20:30:38.588438mail.arvenenaske.de sshd[4353]: Failed password for r.r from 94.250.255.187 port 49158 ssh2 2020-06-02T20:34:22.255874mail.arvenenaske.de sshd[4357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.250.255.187 user=r.r 2020-06-02T20:34:24.478072mail.arvenenaske.de sshd[4357]: Failed password for r.r from 94.250.255.187 port 58856 ssh2 2020-06-02T20:38:06.492120mail.arvenenaske.de sshd[4368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ........ ------------------------------	2020-06-03 06:50:54
106.13.228.62	attackspam	Jun 3 00:31:20 * sshd[2292]: Failed password for root from 106.13.228.62 port 34040 ssh2	2020-06-03 06:45:09
104.236.115.5	attackbotsspam	Lines containing failures of 104.236.115.5 May 31 23:07:10 nextcloud sshd[8562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.115.5 user=r.r May 31 23:07:12 nextcloud sshd[8562]: Failed password for r.r from 104.236.115.5 port 53512 ssh2 May 31 23:07:12 nextcloud sshd[8562]: Received disconnect from 104.236.115.5 port 53512:11: Bye Bye [preauth] May 31 23:07:12 nextcloud sshd[8562]: Disconnected from authenticating user r.r 104.236.115.5 port 53512 [preauth] May 31 23:19:44 nextcloud sshd[9964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.115.5 user=r.r May 31 23:19:46 nextcloud sshd[9964]: Failed password for r.r from 104.236.115.5 port 43879 ssh2 May 31 23:19:47 nextcloud sshd[9964]: Received disconnect from 104.236.115.5 port 43879:11: Bye Bye [preauth] May 31 23:19:47 nextcloud sshd[9964]: Disconnected from authenticating user r.r 104.236.115.5 port 43879 [preauth........ ------------------------------	2020-06-03 06:55:06
69.94.235.219	attackbots	5x Failed Password	2020-06-03 07:19:32
115.127.71.29	attack	Jun 2 22:40:09 vps sshd[9335]: Failed password for root from 115.127.71.29 port 33710 ssh2 Jun 2 22:44:47 vps sshd[9586]: Failed password for root from 115.127.71.29 port 58662 ssh2 ...	2020-06-03 07:21:40
103.200.23.81	attack	Jun 1 01:17:12 ns sshd[18761]: Connection from 103.200.23.81 port 53424 on 134.119.36.27 port 22 Jun 1 01:17:14 ns sshd[18761]: User r.r from 103.200.23.81 not allowed because not listed in AllowUsers Jun 1 01:17:14 ns sshd[18761]: Failed password for invalid user r.r from 103.200.23.81 port 53424 ssh2 Jun 1 01:17:14 ns sshd[18761]: Received disconnect from 103.200.23.81 port 53424:11: Bye Bye [preauth] Jun 1 01:17:14 ns sshd[18761]: Disconnected from 103.200.23.81 port 53424 [preauth] Jun 1 01:29:10 ns sshd[10202]: Connection from 103.200.23.81 port 59626 on 134.119.36.27 port 22 Jun 1 01:29:11 ns sshd[10202]: User r.r from 103.200.23.81 not allowed because not listed in AllowUsers Jun 1 01:29:11 ns sshd[10202]: Failed password for invalid user r.r from 103.200.23.81 port 59626 ssh2 Jun 1 01:29:11 ns sshd[10202]: Received disconnect from 103.200.23.81 port 59626:11: Bye Bye [preauth] Jun 1 01:29:11 ns sshd[10202]: Disconnected from 103.200.23.81 port 59626 [p........ -------------------------------	2020-06-03 06:58:43

Recently Reported IPs

118.97.159.51	71.210.213.192	180.76.105.8	5.152.145.150
1.226.84.103	216.70.64.121	211.247.42.51	185.57.110.65
88.86.103.175	206.188.193.14	156.244.174.153	104.95.50.248
212.114.242.11	139.99.122.158	123.123.2.231	192.185.21.109
0.106.34.19	79.133.219.226	36.75.215.12	107.180.0.86