139.180.216.82

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.180.216.224	attackbotsspam	xmlrpc attack	2020-07-18 19:43:14
139.180.216.224	attackspambots	Wordpress login scanning	2020-07-13 01:45:50
139.180.216.224	attackbotsspam	HTTP DDOS	2020-06-20 13:13:15
139.180.216.224	attackbots	10 attempts against mh-misc-ban on heat	2020-06-14 00:12:38
139.180.216.224	attackbots	Automatic report - XMLRPC Attack	2020-06-06 22:58:38
139.180.216.190	attack	[Wed Nov 06 13:27:53.600569 2019] [:error] [pid 682:tid 140114221315840] [client 139.180.216.190:39314] [client 139.180.216.190] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XcJn6R0WPDkEpcCzdXYvVQAAAAI"] ...	2019-11-06 16:32:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.180.216.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47633
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.180.216.82.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025031303 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 14 06:50:45 CST 2025
;; MSG SIZE  rcvd: 107

Host info

82.216.180.139.in-addr.arpa domain name pointer 139.180.216.82.vultrusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
82.216.180.139.in-addr.arpa	name = 139.180.216.82.vultrusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.37.55	attackspam	Feb 22 19:29:29 debian-2gb-nbg1-2 kernel: \[4655374.325150\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.55 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=13184 PROTO=TCP SPT=46993 DPT=48691 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-23 02:41:16
78.159.97.222	attackspam	[2020-02-22 13:56:31] NOTICE[1148] chan_sip.c: Registration from '' failed for '78.159.97.222:59466' - Wrong password [2020-02-22 13:56:31] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-22T13:56:31.426-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="7777945",SessionID="0x7fd82c9bc688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/78.159.97.222/59466",Challenge="368715a8",ReceivedChallenge="368715a8",ReceivedHash="856168b3a5aa59561a6731755e7de1b8" [2020-02-22 13:56:35] NOTICE[1148] chan_sip.c: Registration from '' failed for '78.159.97.222:54017' - Wrong password [2020-02-22 13:56:35] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-22T13:56:35.895-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="7777945",SessionID="0x7fd82cb725a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/78.159.97.222/54017 ...	2020-02-23 03:09:11
129.146.83.155	attackbots	Feb 22 19:48:01 mail sshd\[30810\]: Invalid user node from 129.146.83.155 Feb 22 19:48:13 mail sshd\[30837\]: Invalid user salah143 from 129.146.83.155 Feb 22 19:48:25 mail sshd\[30840\]: Invalid user Tobert21 from 129.146.83.155 Feb 22 19:48:38 mail sshd\[30842\]: Invalid user Vergie13 from 129.146.83.155 Feb 22 19:48:51 mail sshd\[30846\]: Invalid user Darwin123 from 129.146.83.155 ...	2020-02-23 03:10:00
124.205.151.122	attack	suspicious action Sat, 22 Feb 2020 13:48:36 -0300	2020-02-23 03:10:52
101.99.20.59	attackbotsspam	Feb 22 18:49:21 sd-53420 sshd\[6073\]: Invalid user telnet from 101.99.20.59 Feb 22 18:49:21 sd-53420 sshd\[6073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.20.59 Feb 22 18:49:23 sd-53420 sshd\[6073\]: Failed password for invalid user telnet from 101.99.20.59 port 38666 ssh2 Feb 22 18:53:26 sd-53420 sshd\[6404\]: Invalid user linuxacademy from 101.99.20.59 Feb 22 18:53:26 sd-53420 sshd\[6404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.20.59 ...	2020-02-23 02:41:45
14.203.165.66	attackspam	Feb 22 17:44:22 ks10 sshd[151927]: Failed password for root from 14.203.165.66 port 56327 ssh2 Feb 22 17:48:40 ks10 sshd[152508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.203.165.66 ...	2020-02-23 03:08:09
49.88.112.116	attack	Feb 22 19:52:57 localhost sshd\[3154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Feb 22 19:52:59 localhost sshd\[3154\]: Failed password for root from 49.88.112.116 port 11395 ssh2 Feb 22 19:53:01 localhost sshd\[3154\]: Failed password for root from 49.88.112.116 port 11395 ssh2	2020-02-23 02:56:20
111.230.23.22	attackbotsspam	PHP Info File Request - Possible PHP Version Scan	2020-02-23 03:15:30
167.99.181.198	attackbotsspam	Feb 22 19:07:12 debian-2gb-nbg1-2 kernel: \[4654037.973080\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=167.99.181.198 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=64416 PROTO=TCP SPT=54738 DPT=6379 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-23 02:49:54
222.186.15.10	attackbots	Feb 22 19:27:14 lnxmail61 sshd[454]: Failed password for root from 222.186.15.10 port 43853 ssh2 Feb 22 19:27:16 lnxmail61 sshd[454]: Failed password for root from 222.186.15.10 port 43853 ssh2 Feb 22 19:27:18 lnxmail61 sshd[454]: Failed password for root from 222.186.15.10 port 43853 ssh2	2020-02-23 02:36:58
106.54.242.239	attack	Feb 22 19:39:31 server sshd\[32636\]: Invalid user licm from 106.54.242.239 Feb 22 19:39:31 server sshd\[32636\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239 Feb 22 19:39:33 server sshd\[32636\]: Failed password for invalid user licm from 106.54.242.239 port 53130 ssh2 Feb 22 19:48:45 server sshd\[1781\]: Invalid user epmd from 106.54.242.239 Feb 22 19:48:45 server sshd\[1781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239 ...	2020-02-23 03:02:39
185.176.27.34	attackbotsspam	02/22/2020-13:36:35.221671 185.176.27.34 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-23 03:01:18
213.32.65.111	attackbots	Feb 22 21:10:49 hosting sshd[15187]: Invalid user prueba from 213.32.65.111 port 54056 ...	2020-02-23 02:54:00
122.227.180.165	attackspambots	firewall-block, port(s): 1433/tcp	2020-02-23 02:48:32
217.211.149.4	attackspambots	suspicious action Sat, 22 Feb 2020 13:48:47 -0300	2020-02-23 03:00:58

Recently Reported IPs

244.149.162.130	60.25.255.65	95.59.20.103	162.70.113.13
48.206.17.16	249.22.109.40	206.241.51.194	66.124.54.140
203.229.11.65	229.237.33.66	246.14.4.145	45.224.47.39
36.221.144.77	3.101.47.95	177.234.228.210	186.204.210.68
217.156.54.19	69.249.110.60	121.253.13.139	86.7.122.205