45.252.245.239

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: The Authority of Central Post

Hostname: unknown

Organization: Central Post and Telecommunication (CPT)

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-23 00:31:34
attackbotsspam	Port 1433 Scan	2020-01-24 06:28:15
attackbots	Unauthorized connection attempt from IP address 45.252.245.239 on Port 445(SMB)	2020-01-16 19:23:41
attackspam	SMB Server BruteForce Attack	2019-09-13 03:55:52

Comments on same subnet:

IP	Type	Details	Datetime
45.252.245.242	attack	May 14 14:27:47 ns381471 sshd[8882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.252.245.242 May 14 14:27:49 ns381471 sshd[8882]: Failed password for invalid user supervisor from 45.252.245.242 port 44110 ssh2	2020-05-14 21:44:43
45.252.245.252	attackspambots	1582865799 - 02/28/2020 05:56:39 Host: 45.252.245.252/45.252.245.252 Port: 445 TCP Blocked	2020-02-28 13:41:05
45.252.245.237	attackbotsspam	1580360316 - 01/30/2020 05:58:36 Host: 45.252.245.237/45.252.245.237 Port: 445 TCP Blocked	2020-01-30 19:32:13
45.252.245.238	attackspambots	Unauthorized connection attempt from IP address 45.252.245.238 on Port 445(SMB)	2020-01-24 06:41:08
45.252.245.234	attackbotsspam	1577025911 - 12/22/2019 15:45:11 Host: 45.252.245.234/45.252.245.234 Port: 445 TCP Blocked	2019-12-23 06:05:12
45.252.245.240	attackspam	Unauthorised access (Jul 6) SRC=45.252.245.240 LEN=52 TTL=116 ID=9648 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-06 16:05:43
45.252.245.248	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 18:49:58,368 INFO [shellcode_manager] (45.252.245.248) no match, writing hexdump (bb7dbdaf028665e9e7835b1a95f65a7a :13628) - SMB (Unknown)	2019-07-05 17:27:29

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.252.245.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6439
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.252.245.239.			IN	A

;; AUTHORITY SECTION:
.			630	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 17:47:16 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 239.245.252.45.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 239.245.252.45.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.75.46.55	attackspam	port scan and connect, tcp 23 (telnet)	2020-02-19 06:43:37
115.159.185.71	attackbotsspam	Feb 19 01:22:45 server sshd\[20912\]: Invalid user user3 from 115.159.185.71 Feb 19 01:22:45 server sshd\[20912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.185.71 Feb 19 01:22:47 server sshd\[20912\]: Failed password for invalid user user3 from 115.159.185.71 port 50044 ssh2 Feb 19 01:27:53 server sshd\[21753\]: Invalid user backup from 115.159.185.71 Feb 19 01:27:53 server sshd\[21753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.185.71 ...	2020-02-19 06:28:43
162.144.126.209	attackbotsspam	Feb 18 23:24:00 markkoudstaal sshd[13850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.126.209 Feb 18 23:24:02 markkoudstaal sshd[13850]: Failed password for invalid user dc from 162.144.126.209 port 50224 ssh2 Feb 18 23:25:00 markkoudstaal sshd[14046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.126.209	2020-02-19 06:48:07
27.72.102.190	attack	Feb 18 18:59:41 firewall sshd[10646]: Invalid user robert from 27.72.102.190 Feb 18 18:59:43 firewall sshd[10646]: Failed password for invalid user robert from 27.72.102.190 port 57364 ssh2 Feb 18 19:01:55 firewall sshd[10751]: Invalid user robert from 27.72.102.190 ...	2020-02-19 07:00:22
112.85.42.173	attack	Feb 18 22:29:02 localhost sshd\[90938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Feb 18 22:29:04 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 Feb 18 22:29:07 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 Feb 18 22:29:10 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 Feb 18 22:29:14 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 ...	2020-02-19 06:35:12
61.164.216.178	attackspambots	Honeypot attack, port: 445, PTR: 178.216.164.61.dial.wz.zj.dynamic.163data.com.cn.	2020-02-19 06:51:35
82.231.159.170	attack	Brute force attack against VPN service	2020-02-19 06:37:41
78.186.197.49	attackspambots	Unauthorized connection attempt from IP address 78.186.197.49 on Port 445(SMB)	2020-02-19 06:27:07
178.46.213.115	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 06:58:50
210.56.6.75	attack	Unauthorized connection attempt from IP address 210.56.6.75 on Port 445(SMB)	2020-02-19 06:36:16
123.243.25.76	attackspam	detected by Fail2Ban	2020-02-19 06:26:50
112.85.42.188	attack	02/18/2020-17:29:04.680700 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-02-19 06:29:12
222.186.180.147	attackspam	Feb 18 23:34:40 host sshd\[20923\]: Unable to negotiate with 222.186.180.147 port 13042: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 \[preauth\]	2020-02-19 06:35:56
109.208.105.51	attackspam	Feb 18 23:15:08 silence02 sshd[13445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.208.105.51 Feb 18 23:15:10 silence02 sshd[13445]: Failed password for invalid user cpanelrrdtool from 109.208.105.51 port 45086 ssh2 Feb 18 23:18:23 silence02 sshd[14255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.208.105.51	2020-02-19 06:33:16
115.176.192.127	attackbots	Unauthorized connection attempt from IP address 115.176.192.127 on Port 445(SMB)	2020-02-19 06:43:14

Recently Reported IPs

36.189.211.39	45.35.198.43	72.84.154.140	32.202.93.36
79.156.59.128	89.40.201.204	209.176.105.34	168.227.124.31
196.50.89.44	202.22.244.89	79.118.149.25	179.187.197.233
152.200.1.180	110.23.178.135	216.145.62.207	176.27.120.162
129.139.162.124	59.50.161.197	220.24.249.81	31.229.64.164