45.252.245.239

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: The Authority of Central Post

Hostname: unknown

Organization: Central Post and Telecommunication (CPT)

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-23 00:31:34
attackbotsspam	Port 1433 Scan	2020-01-24 06:28:15
attackbots	Unauthorized connection attempt from IP address 45.252.245.239 on Port 445(SMB)	2020-01-16 19:23:41
attackspam	SMB Server BruteForce Attack	2019-09-13 03:55:52

Comments on same subnet:

IP	Type	Details	Datetime
45.252.245.242	attack	May 14 14:27:47 ns381471 sshd[8882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.252.245.242 May 14 14:27:49 ns381471 sshd[8882]: Failed password for invalid user supervisor from 45.252.245.242 port 44110 ssh2	2020-05-14 21:44:43
45.252.245.252	attackspambots	1582865799 - 02/28/2020 05:56:39 Host: 45.252.245.252/45.252.245.252 Port: 445 TCP Blocked	2020-02-28 13:41:05
45.252.245.237	attackbotsspam	1580360316 - 01/30/2020 05:58:36 Host: 45.252.245.237/45.252.245.237 Port: 445 TCP Blocked	2020-01-30 19:32:13
45.252.245.238	attackspambots	Unauthorized connection attempt from IP address 45.252.245.238 on Port 445(SMB)	2020-01-24 06:41:08
45.252.245.234	attackbotsspam	1577025911 - 12/22/2019 15:45:11 Host: 45.252.245.234/45.252.245.234 Port: 445 TCP Blocked	2019-12-23 06:05:12
45.252.245.240	attackspam	Unauthorised access (Jul 6) SRC=45.252.245.240 LEN=52 TTL=116 ID=9648 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-06 16:05:43
45.252.245.248	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 18:49:58,368 INFO [shellcode_manager] (45.252.245.248) no match, writing hexdump (bb7dbdaf028665e9e7835b1a95f65a7a :13628) - SMB (Unknown)	2019-07-05 17:27:29

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.252.245.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6439
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.252.245.239.			IN	A

;; AUTHORITY SECTION:
.			630	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 17:47:16 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 239.245.252.45.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 239.245.252.45.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.51.234.151	attackspam	Automatic report - Port Scan	2019-12-25 19:09:51
179.52.247.34	attackbots	2019-12-25T07:23:51.3211071240 sshd\[16087\]: Invalid user pi from 179.52.247.34 port 41126 2019-12-25T07:23:51.3724421240 sshd\[16089\]: Invalid user pi from 179.52.247.34 port 24692 2019-12-25T07:23:51.4763021240 sshd\[16087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.52.247.34 2019-12-25T07:23:51.5265131240 sshd\[16089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.52.247.34 ...	2019-12-25 18:53:46
95.251.166.83	attackbots	Wordpress login scanning	2019-12-25 19:13:05
23.129.64.190	attackspam	proto=tcp . spt=34978 . dpt=25 . (Found on talos Dec 25) (216)	2019-12-25 19:24:18
36.90.40.99	attackspam	Unauthorized connection attempt detected from IP address 36.90.40.99 to port 8291	2019-12-25 18:55:43
14.187.119.239	attack	Dec 25 00:22:59 mailman postfix/smtpd[4137]: warning: unknown[14.187.119.239]: SASL PLAIN authentication failed: authentication failure	2019-12-25 19:17:29
182.86.224.252	attack	Scanning	2019-12-25 19:11:38
82.117.244.85	attackbotsspam	email spam	2019-12-25 19:29:52
84.236.185.247	attackbots	email spam	2019-12-25 19:33:00
119.113.186.72	attack	[portscan] tcp/21 [FTP] [scan/connect: 12 time(s)] *(RWIN=65535)(12251243)	2019-12-25 19:17:46
45.82.153.142	attack	Dec 25 11:05:09 srv01 postfix/smtpd\[10631\]: warning: unknown\[45.82.153.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 11:05:25 srv01 postfix/smtpd\[28457\]: warning: unknown\[45.82.153.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 11:11:31 srv01 postfix/smtpd\[16432\]: warning: unknown\[45.82.153.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 11:11:49 srv01 postfix/smtpd\[10631\]: warning: unknown\[45.82.153.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 11:19:14 srv01 postfix/smtpd\[1236\]: warning: unknown\[45.82.153.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-25 18:56:23
185.250.62.242	attackspam	Automatic report - Port Scan Attack	2019-12-25 19:34:47
14.212.15.63	attack	Scanning	2019-12-25 19:09:24
120.92.153.47	attackbots	Unauthorized connection attempt from IP address 120.92.153.47 on Port 25(SMTP)	2019-12-25 19:02:31
65.31.127.80	attack	$f2bV_matches	2019-12-25 19:11:56

Recently Reported IPs

36.189.211.39	45.35.198.43	72.84.154.140	32.202.93.36
79.156.59.128	89.40.201.204	209.176.105.34	168.227.124.31
196.50.89.44	202.22.244.89	79.118.149.25	179.187.197.233
152.200.1.180	110.23.178.135	216.145.62.207	176.27.120.162
129.139.162.124	59.50.161.197	220.24.249.81	31.229.64.164