45.252.245.252

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: The Authority of Central Post

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	1582865799 - 02/28/2020 05:56:39 Host: 45.252.245.252/45.252.245.252 Port: 445 TCP Blocked	2020-02-28 13:41:05

Comments on same subnet:

IP	Type	Details	Datetime
45.252.245.242	attack	May 14 14:27:47 ns381471 sshd[8882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.252.245.242 May 14 14:27:49 ns381471 sshd[8882]: Failed password for invalid user supervisor from 45.252.245.242 port 44110 ssh2	2020-05-14 21:44:43
45.252.245.239	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-23 00:31:34
45.252.245.237	attackbotsspam	1580360316 - 01/30/2020 05:58:36 Host: 45.252.245.237/45.252.245.237 Port: 445 TCP Blocked	2020-01-30 19:32:13
45.252.245.238	attackspambots	Unauthorized connection attempt from IP address 45.252.245.238 on Port 445(SMB)	2020-01-24 06:41:08
45.252.245.239	attackbotsspam	Port 1433 Scan	2020-01-24 06:28:15
45.252.245.239	attackbots	Unauthorized connection attempt from IP address 45.252.245.239 on Port 445(SMB)	2020-01-16 19:23:41
45.252.245.234	attackbotsspam	1577025911 - 12/22/2019 15:45:11 Host: 45.252.245.234/45.252.245.234 Port: 445 TCP Blocked	2019-12-23 06:05:12
45.252.245.239	attackspam	SMB Server BruteForce Attack	2019-09-13 03:55:52
45.252.245.240	attackspam	Unauthorised access (Jul 6) SRC=45.252.245.240 LEN=52 TTL=116 ID=9648 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-06 16:05:43
45.252.245.248	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 18:49:58,368 INFO [shellcode_manager] (45.252.245.248) no match, writing hexdump (bb7dbdaf028665e9e7835b1a95f65a7a :13628) - SMB (Unknown)	2019-07-05 17:27:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.252.245.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14806
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.252.245.252.			IN	A

;; AUTHORITY SECTION:
.			375	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022800 1800 900 604800 86400

;; Query time: 144 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 13:40:58 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 252.245.252.45.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 252.245.252.45.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.140.252.230	attackbots	Port 22 Scan, PTR: None	2020-06-22 04:07:50
185.220.101.247	attackspambots	goldgier-watches-purchase.com:80 185.220.101.247 - - [21/Jun/2020:14:09:20 +0200] "POST /xmlrpc.php HTTP/1.0" 301 525 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" goldgier-watches-purchase.com 185.220.101.247 [21/Jun/2020:14:09:21 +0200] "POST /xmlrpc.php HTTP/1.0" 302 3435 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"	2020-06-22 04:07:13
77.53.144.115	attackbots	Unauthorized connection attempt detected from IP address 77.53.144.115 to port 443	2020-06-22 03:50:37
180.76.53.88	attackspambots	$f2bV_matches	2020-06-22 03:32:03
69.51.16.248	attackspambots	Jun 21 20:34:41 odroid64 sshd\[30433\]: User root from 69.51.16.248 not allowed because not listed in AllowUsers Jun 21 20:34:41 odroid64 sshd\[30433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.51.16.248 user=root ...	2020-06-22 04:04:19
167.172.216.29	attack	Jun 21 14:48:09 vlre-nyc-1 sshd\[22200\]: Invalid user redmine from 167.172.216.29 Jun 21 14:48:09 vlre-nyc-1 sshd\[22200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.216.29 Jun 21 14:48:11 vlre-nyc-1 sshd\[22200\]: Failed password for invalid user redmine from 167.172.216.29 port 49554 ssh2 Jun 21 14:53:16 vlre-nyc-1 sshd\[22756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.216.29 user=root Jun 21 14:53:18 vlre-nyc-1 sshd\[22756\]: Failed password for root from 167.172.216.29 port 55200 ssh2 ...	2020-06-22 03:39:47
193.228.91.11	attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-06-22 03:33:22
106.124.140.36	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-06-22 03:46:28
193.56.28.103	attackbots	2020-06-19 08:59:03 no host name found for IP address 193.56.28.103 2020-06-19 09:00:43 no host name found for IP address 193.56.28.103 2020-06-19 09:02:32 no host name found for IP address 193.56.28.103 2020-06-19 09:04:28 no host name found for IP address 193.56.28.103 2020-06-19 09:06:28 no host name found for IP address 193.56.28.103 2020-06-19 09:08:34 no host name found for IP address 193.56.28.103 2020-06-19 09:10:43 no host name found for IP address 193.56.28.103 2020-06-19 09:12:54 no host name found for IP address 193.56.28.103 2020-06-19 09:15:05 no host name found for IP address 193.56.28.103 2020-06-19 09:17:17 no host name found for IP address 193.56.28.103 2020-06-19 09:19:31 no host name found for IP address 193.56.28.103 2020-06-19 09:21:44 no host name found for IP address 193.56.28.103 2020-06-19 09:23:56 no host name found for IP address 193.56.28.103 2020-06-19 09:26:09 no host name found for IP address 193.56.28.103 2020-06-19 09:28:20 no host name ........ ------------------------------	2020-06-22 03:44:23
80.82.77.245	attackspam	80.82.77.245 was recorded 6 times by 4 hosts attempting to connect to the following ports: 136,158. Incident counter (4h, 24h, all-time): 6, 37, 24314	2020-06-22 03:38:38
194.26.29.25	attackbots	Jun 21 21:26:01 debian-2gb-nbg1-2 kernel: \[15026240.497669\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=9502 PROTO=TCP SPT=45609 DPT=606 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-22 03:47:25
178.116.86.211	attack	Port 22 Scan, PTR: None	2020-06-22 03:49:45
69.60.23.149	attackspam	Microsoft SQL Server User Authentication Brute Force Attempt , PTR: PTR record not found	2020-06-22 03:43:55
158.69.197.113	attackspambots	Port Scan detected from 158.69.197.113 (CA/Canada/Quebec/Montreal (Ville-Marie)/113.ip-158-69-197.net). 4 hits in the last 115 seconds	2020-06-22 03:54:14
92.63.197.61	attackbotsspam	RU_ITDELUXE-MNT_<177>1592766990 [1:2402000:5581] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2]: {TCP} 92.63.197.61:51680	2020-06-22 03:52:32

Recently Reported IPs

223.16.232.54	85.95.165.171	117.203.218.72	115.85.73.53
103.21.167.28	113.160.97.163	151.48.1.185	211.226.196.141
115.73.239.211	252.207.159.58	243.151.236.244	200.2.182.185
244.89.223.132	186.9.106.152	190.146.52.164	237.23.255.216
189.15.136.46	202.138.248.85	149.49.111.251	213.166.168.53