139.180.154.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.180.154.148	attackbots	(sshd) Failed SSH login from 139.180.154.148 (JP/Japan/139.180.154.148.vultr.com): 5 in the last 3600 secs	2020-10-02 03:57:50
139.180.154.148	attackspambots	Invalid user netflow from 139.180.154.148 port 58050	2020-10-01 20:10:45
139.180.154.148	attackspam	Lines containing failures of 139.180.154.148 Sep 30 22:09:46 rancher sshd[12525]: Invalid user kube from 139.180.154.148 port 37468 Sep 30 22:09:46 rancher sshd[12525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.180.154.148 Sep 30 22:09:48 rancher sshd[12525]: Failed password for invalid user kube from 139.180.154.148 port 37468 ssh2 Sep 30 22:09:49 rancher sshd[12525]: Received disconnect from 139.180.154.148 port 37468:11: Bye Bye [preauth] Sep 30 22:09:49 rancher sshd[12525]: Disconnected from invalid user kube 139.180.154.148 port 37468 [preauth] Sep 30 22:19:55 rancher sshd[12760]: Invalid user production from 139.180.154.148 port 46210 Sep 30 22:19:55 rancher sshd[12760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.180.154.148 Sep 30 22:19:57 rancher sshd[12760]: Failed password for invalid user production from 139.180.154.148 port 46210 ssh2 Sep 30 22:19:58 rancher ssh........ ------------------------------	2020-10-01 12:20:10
139.180.154.37	attack	139.180.154.37 - - [06/Aug/2020:06:20:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.154.37 - - [06/Aug/2020:06:20:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.154.37 - - [06/Aug/2020:06:20:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-06 17:46:25
139.180.154.37	attackspam	139.180.154.37 - - [05/Aug/2020:13:18:32 +0100] "POST /wp-login.php HTTP/1.1" 200 1905 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.154.37 - - [05/Aug/2020:13:18:35 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.180.154.37 - - [05/Aug/2020:13:18:37 +0100] "POST /wp-login.php HTTP/1.1" 200 1887 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-05 22:18:29
139.180.154.12	attackbots	Port scan on 3 port(s): 888 5024 7000	2020-06-11 13:46:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.180.154.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10377
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.180.154.2.			IN	A

;; AUTHORITY SECTION:
.			462	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 12:37:48 CST 2022
;; MSG SIZE  rcvd: 106

Host info

2.154.180.139.in-addr.arpa domain name pointer www.natanetwork.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.154.180.139.in-addr.arpa	name = www.natanetwork.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.139.197.54	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/210.139.197.54/ JP - 1H : (119) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : JP NAME ASN : ASN2527 IP : 210.139.197.54 CIDR : 210.139.128.0/17 PREFIX COUNT : 53 UNIQUE IP COUNT : 3406848 WYKRYTE ATAKI Z ASN2527 : 1H - 1 3H - 1 6H - 2 12H - 7 24H - 7 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-27 01:28:25
136.37.18.230	attackbotsspam	Sep 26 14:35:03 fr01 sshd[8173]: Invalid user baba from 136.37.18.230 ...	2019-09-27 02:05:03
203.93.108.189	attack	Unauthorised access (Sep 26) SRC=203.93.108.189 LEN=52 TOS=0x08 PREC=0x20 TTL=99 ID=16045 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-27 01:48:12
51.83.69.99	attackspambots	51.83.69.99 - - [26/Sep/2019:21:47:59 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 404 8805 "-" "curl/7.3.2" ...	2019-09-27 01:55:47
35.201.215.136	attackbots	/wp-login.php	2019-09-27 01:27:50
191.255.228.105	attackbots	Automatic report - Port Scan Attack	2019-09-27 02:05:34
46.161.60.231	attackbotsspam	B: zzZZzz blocked content access	2019-09-27 01:50:01
50.79.59.97	attack	Sep 26 04:55:54 php1 sshd\[27219\]: Invalid user fei from 50.79.59.97 Sep 26 04:55:54 php1 sshd\[27219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.79.59.97 Sep 26 04:55:56 php1 sshd\[27219\]: Failed password for invalid user fei from 50.79.59.97 port 51210 ssh2 Sep 26 05:00:05 php1 sshd\[27606\]: Invalid user brightcorea from 50.79.59.97 Sep 26 05:00:05 php1 sshd\[27606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.79.59.97	2019-09-27 02:04:20
111.231.202.61	attackbotsspam	Sep 26 05:35:08 eddieflores sshd\[30054\]: Invalid user vv from 111.231.202.61 Sep 26 05:35:08 eddieflores sshd\[30054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.202.61 Sep 26 05:35:10 eddieflores sshd\[30054\]: Failed password for invalid user vv from 111.231.202.61 port 59614 ssh2 Sep 26 05:42:19 eddieflores sshd\[30709\]: Invalid user user from 111.231.202.61 Sep 26 05:42:19 eddieflores sshd\[30709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.202.61	2019-09-27 02:07:39
104.236.142.89	attack	Sep 26 17:09:37 venus sshd\[27465\]: Invalid user dovecot from 104.236.142.89 port 56520 Sep 26 17:09:38 venus sshd\[27465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.142.89 Sep 26 17:09:39 venus sshd\[27465\]: Failed password for invalid user dovecot from 104.236.142.89 port 56520 ssh2 ...	2019-09-27 01:35:57
212.152.35.78	attack	Sep 26 19:24:15 localhost sshd\[7675\]: Invalid user ts from 212.152.35.78 port 50670 Sep 26 19:24:15 localhost sshd\[7675\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.152.35.78 Sep 26 19:24:17 localhost sshd\[7675\]: Failed password for invalid user ts from 212.152.35.78 port 50670 ssh2	2019-09-27 01:51:07
185.211.245.198	attack	Sep 26 18:21:38 mail postfix/smtpd\[31744\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 26 18:21:47 mail postfix/smtpd\[31744\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 26 18:37:47 mail postfix/smtpd\[31738\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 26 19:57:04 mail postfix/smtpd\[3819\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-09-27 01:58:08
203.186.57.191	attackspam	Sep 26 07:02:49 friendsofhawaii sshd\[18986\]: Invalid user ifrs from 203.186.57.191 Sep 26 07:02:49 friendsofhawaii sshd\[18986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203186057191.static.ctinets.com Sep 26 07:02:51 friendsofhawaii sshd\[18986\]: Failed password for invalid user ifrs from 203.186.57.191 port 36054 ssh2 Sep 26 07:07:23 friendsofhawaii sshd\[19400\]: Invalid user vps from 203.186.57.191 Sep 26 07:07:23 friendsofhawaii sshd\[19400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203186057191.static.ctinets.com	2019-09-27 01:37:07
114.112.58.134	attackbots	Sep 26 05:27:30 hpm sshd\[8842\]: Invalid user weblogic from 114.112.58.134 Sep 26 05:27:30 hpm sshd\[8842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.112.58.134 Sep 26 05:27:32 hpm sshd\[8842\]: Failed password for invalid user weblogic from 114.112.58.134 port 39120 ssh2 Sep 26 05:33:50 hpm sshd\[9424\]: Invalid user mint from 114.112.58.134 Sep 26 05:33:50 hpm sshd\[9424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.112.58.134	2019-09-27 02:03:44
52.38.254.173	attack	Again the same boring spam/phising e-mail from the amazon spam factory: Beleef "the ride" met bitcoin en verdien gegarandeerd €13.000 in 24 uur	2019-09-27 01:30:27

Recently Reported IPs

139.180.154.125	241.212.142.196	139.180.158.185	139.180.161.70
139.180.160.27	139.180.161.236	139.180.164.46	139.180.165.116
139.180.165.161	139.180.167.241	139.180.174.105	139.180.164.12
139.180.178.127	139.180.179.1	139.180.190.79	139.180.184.2
139.180.171.199	139.180.185.71	139.180.194.144	139.192.247.5