45.252.245.239

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: The Authority of Central Post

Hostname: unknown

Organization: Central Post and Telecommunication (CPT)

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-23 00:31:34
attackbotsspam	Port 1433 Scan	2020-01-24 06:28:15
attackbots	Unauthorized connection attempt from IP address 45.252.245.239 on Port 445(SMB)	2020-01-16 19:23:41
attackspam	SMB Server BruteForce Attack	2019-09-13 03:55:52

Comments on same subnet:

IP	Type	Details	Datetime
45.252.245.242	attack	May 14 14:27:47 ns381471 sshd[8882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.252.245.242 May 14 14:27:49 ns381471 sshd[8882]: Failed password for invalid user supervisor from 45.252.245.242 port 44110 ssh2	2020-05-14 21:44:43
45.252.245.252	attackspambots	1582865799 - 02/28/2020 05:56:39 Host: 45.252.245.252/45.252.245.252 Port: 445 TCP Blocked	2020-02-28 13:41:05
45.252.245.237	attackbotsspam	1580360316 - 01/30/2020 05:58:36 Host: 45.252.245.237/45.252.245.237 Port: 445 TCP Blocked	2020-01-30 19:32:13
45.252.245.238	attackspambots	Unauthorized connection attempt from IP address 45.252.245.238 on Port 445(SMB)	2020-01-24 06:41:08
45.252.245.234	attackbotsspam	1577025911 - 12/22/2019 15:45:11 Host: 45.252.245.234/45.252.245.234 Port: 445 TCP Blocked	2019-12-23 06:05:12
45.252.245.240	attackspam	Unauthorised access (Jul 6) SRC=45.252.245.240 LEN=52 TTL=116 ID=9648 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-06 16:05:43
45.252.245.248	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 18:49:58,368 INFO [shellcode_manager] (45.252.245.248) no match, writing hexdump (bb7dbdaf028665e9e7835b1a95f65a7a :13628) - SMB (Unknown)	2019-07-05 17:27:29

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.252.245.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6439
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.252.245.239.			IN	A

;; AUTHORITY SECTION:
.			630	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 17:47:16 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 239.245.252.45.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 239.245.252.45.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
164.132.110.223	attackbots	Oct 26 07:00:23 www5 sshd\[31514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.110.223 user=root Oct 26 07:00:25 www5 sshd\[31514\]: Failed password for root from 164.132.110.223 port 56958 ssh2 Oct 26 07:05:36 www5 sshd\[32691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.110.223 user=root ...	2019-10-26 15:46:11
118.71.97.120	attackbots	1433/tcp [2019-10-26]1pkt	2019-10-26 16:13:00
103.219.112.61	attackbotsspam	Oct 26 03:48:50 unicornsoft sshd\[31273\]: User root from 103.219.112.61 not allowed because not listed in AllowUsers Oct 26 03:48:50 unicornsoft sshd\[31273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.219.112.61 user=root Oct 26 03:48:51 unicornsoft sshd\[31273\]: Failed password for invalid user root from 103.219.112.61 port 57286 ssh2	2019-10-26 16:03:32
49.88.112.72	attack	2019-10-26T08:01:06.314462abusebot-7.cloudsearch.cf sshd\[23557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.72 user=root	2019-10-26 16:06:45
45.252.249.148	attackbotsspam	Invalid user smtpuser from 45.252.249.148 port 58628	2019-10-26 15:50:03
82.200.149.100	attackspambots	445/tcp [2019-10-26]1pkt	2019-10-26 15:48:05
104.40.4.51	attackspambots	'Fail2Ban'	2019-10-26 16:22:34
46.185.116.180	attack	fell into ViewStateTrap:vaduz	2019-10-26 16:13:44
218.65.34.160	attack	Automatic report - Port Scan	2019-10-26 15:59:19
81.150.71.181	attackbots	88/tcp [2019-10-26]1pkt	2019-10-26 15:49:40
54.38.186.84	attackspam	2019-10-26T05:49:18.784263abusebot-6.cloudsearch.cf sshd\[16776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.ip-54-38-186.eu user=root	2019-10-26 15:56:16
187.107.172.225	attackspam	23/tcp [2019-10-26]1pkt	2019-10-26 16:05:38
81.177.1.99	attackbotsspam	81/tcp [2019-10-26]1pkt	2019-10-26 15:51:13
79.73.61.16	attackbotsspam	23/tcp [2019-10-26]1pkt	2019-10-26 16:09:30
190.131.188.13	attackspam	Automatic report - Port Scan Attack	2019-10-26 16:09:50

Recently Reported IPs

36.189.211.39	45.35.198.43	72.84.154.140	32.202.93.36
79.156.59.128	89.40.201.204	209.176.105.34	168.227.124.31
196.50.89.44	202.22.244.89	79.118.149.25	179.187.197.233
152.200.1.180	110.23.178.135	216.145.62.207	176.27.120.162
129.139.162.124	59.50.161.197	220.24.249.81	31.229.64.164