5.239.2.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Iran (Islamic Republic of)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.239.241.115	attack	20/7/26@00:14:45: FAIL: Alarm-Network address from=5.239.241.115 ...	2020-07-26 17:59:41
5.239.241.237	attackbotsspam	06/24/2020-23:51:04.432530 5.239.241.237 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-25 17:04:18
5.239.244.252	attackspam	May 11 22:33:28 haigwepa sshd[11441]: Failed password for games from 5.239.244.252 port 50454 ssh2 May 11 22:37:22 haigwepa sshd[11672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.239.244.252 ...	2020-05-12 04:48:00
5.239.244.252	attackbots	Apr 27 07:23:59 [host] sshd[4029]: Invalid user sk Apr 27 07:23:59 [host] sshd[4029]: pam_unix(sshd:a Apr 27 07:24:00 [host] sshd[4029]: Failed password	2020-04-27 13:33:09
5.239.244.252	attackspambots	SSH bruteforce	2020-04-24 15:10:08
5.239.244.252	attackspambots	Apr 19 09:46:20 l03 sshd[32750]: Invalid user admin from 5.239.244.252 port 50194 ...	2020-04-19 18:56:08
5.239.244.252	attackbotsspam	leo_www	2020-04-10 18:32:01
5.239.244.252	attack	Mar 30 05:56:41 mail sshd\[20937\]: Invalid user ffl from 5.239.244.252 Mar 30 05:56:41 mail sshd\[20937\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.239.244.252 Mar 30 05:56:43 mail sshd\[20937\]: Failed password for invalid user ffl from 5.239.244.252 port 40968 ssh2 ...	2020-03-30 12:27:40
5.239.244.252	attackbotsspam	Mar 25 00:25:11 vps691689 sshd[18007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.239.244.252 Mar 25 00:25:13 vps691689 sshd[18007]: Failed password for invalid user prova from 5.239.244.252 port 52690 ssh2 Mar 25 00:30:09 vps691689 sshd[18153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.239.244.252 ...	2020-03-25 07:37:09
5.239.244.252	attack	Mar 20 17:39:09 firewall sshd[18325]: Invalid user aj from 5.239.244.252 Mar 20 17:39:11 firewall sshd[18325]: Failed password for invalid user aj from 5.239.244.252 port 33506 ssh2 Mar 20 17:46:17 firewall sshd[18905]: Invalid user casidhe from 5.239.244.252 ...	2020-03-21 05:46:46
5.239.244.252	attack	Invalid user cloud from 5.239.244.252 port 36972	2020-03-07 20:37:51
5.239.238.43	attackbotsspam	Unauthorized connection attempt from IP address 5.239.238.43 on Port 445(SMB)	2020-02-18 05:34:34
5.239.255.226	attack	Unauthorized connection attempt detected from IP address 5.239.255.226 to port 80 [J]	2020-01-07 20:33:07
5.239.244.236	attackspam	Dec 31 07:29:03 * sshd[27377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.239.244.236 Dec 31 07:29:05 * sshd[27377]: Failed password for invalid user operator from 5.239.244.236 port 43398 ssh2	2019-12-31 15:17:29
5.239.244.236	attack	Dec 30 13:26:32 localhost sshd[44979]: Failed password for root from 5.239.244.236 port 59468 ssh2 Dec 30 13:33:40 localhost sshd[45374]: Failed password for invalid user wwwrun from 5.239.244.236 port 43576 ssh2 Dec 30 13:36:37 localhost sshd[45569]: Failed password for root from 5.239.244.236 port 41448 ssh2	2019-12-30 21:32:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.239.2.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44396
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;5.239.2.11.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012102 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 22 09:02:26 CST 2025
;; MSG SIZE  rcvd: 103

Host info

Host 11.2.239.5.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 11.2.239.5.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
191.53.220.196	attackbots	Try access to SMTP/POP/IMAP server.	2019-06-23 02:33:37
191.53.248.199	attackbotsspam	SMTP-sasl brute force ...	2019-06-23 02:49:58
187.109.167.118	attackbots	SMTP-sasl brute force ...	2019-06-23 02:56:15
207.148.115.74	attackspam	RDP Bruteforce	2019-06-23 03:01:01
45.125.65.96	attackbotsspam	Jun 22 17:42:23 postfix/smtpd: warning: unknown[45.125.65.96]: SASL LOGIN authentication failed	2019-06-23 02:31:00
77.247.109.30	attack	22.06.2019 14:41:28 Connection to port 19903 blocked by firewall	2019-06-23 02:37:31
1.169.195.63	attackbotsspam	5555/tcp [2019-06-22]1pkt	2019-06-23 02:31:17
221.231.31.209	attackbotsspam	Jun 22 16:40:13 mail sshd\[30863\]: Invalid user admin from 221.231.31.209 Jun 22 16:40:13 mail sshd\[30863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.231.31.209 Jun 22 16:40:14 mail sshd\[30863\]: Failed password for invalid user admin from 221.231.31.209 port 36749 ssh2 Jun 22 16:40:16 mail sshd\[30863\]: Failed password for invalid user admin from 221.231.31.209 port 36749 ssh2 Jun 22 16:40:19 mail sshd\[30863\]: Failed password for invalid user admin from 221.231.31.209 port 36749 ssh2	2019-06-23 03:18:12
131.100.76.220	attackbots	SMTP-sasl brute force ...	2019-06-23 02:44:46
80.82.77.139	attackbotsspam	22.06.2019 17:44:57 Connection to port 13 blocked by firewall	2019-06-23 02:29:58
218.92.0.167	attackspam	Jun 22 18:44:41 amit sshd\[21502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.167 user=root Jun 22 18:44:44 amit sshd\[21502\]: Failed password for root from 218.92.0.167 port 6584 ssh2 Jun 22 18:44:46 amit sshd\[21502\]: Failed password for root from 218.92.0.167 port 6584 ssh2 ...	2019-06-23 02:37:55
20.189.72.227	attack	Jun 22 10:40:26 localhost kernel: [12458619.554121] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=20.189.72.227 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=30820 PROTO=UDP SPT=30247 DPT=111 LEN=48 Jun 22 10:40:26 localhost kernel: [12458619.554146] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=20.189.72.227 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=30820 PROTO=UDP SPT=30247 DPT=111 LEN=48 Jun 22 10:40:26 localhost kernel: [12458619.560535] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=20.189.72.227 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=32184 PROTO=UDP SPT=30247 DPT=111 LEN=48 Jun 22 10:40:26 localhost kernel: [12458619.560549] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=20.189.72.227 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=32184 PROTO=UDP SPT=30247 DPT=111 LEN=48	2019-06-23 03:13:19
182.229.28.164	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-23 03:11:47
89.248.162.168	attackbots	22.06.2019 19:10:43 Connection to port 63388 blocked by firewall	2019-06-23 03:14:38
60.212.102.150	attackbotsspam	23/tcp [2019-06-22]1pkt	2019-06-23 02:29:38

Recently Reported IPs

68.191.250.5	87.70.69.192	48.97.114.195	175.106.251.144
149.28.127.171	174.234.231.40	26.170.39.226	214.155.212.248
100.180.125.111	153.72.179.110	173.168.111.122	64.136.229.31
29.54.163.69	42.164.147.245	200.242.240.140	83.250.67.42
204.162.85.80	94.246.36.102	89.225.216.112	124.153.130.44