145.239.2.180 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
145.239.29.12	spam	Exploit.RTF-ObfsStrm.Gen	2025-01-23 20:00:43
145.239.23.196	spamattack	PHISHING AND SPAM ATTACK FROM "Wealth Loophole - eqyeyrp@storages.moscow - " : SUBJECT "Citizens are already raking in millions of dollars from home using this "wealth loophole" " : RECEIVED "from storages.moscow (media1.worldbtcnews.com [145.239.23.196] " : DATE/TIMESENT "Wed, 17 Mar 2021 01:53:17 ": IP ADDRESS "inetnum: 145.239.23.192 - 145.239.23.207 OrgName: Information Technologies AltinSoft" :	2021-03-17 15:31:29
145.239.29.217	attackspam	wp-login.php	2020-10-06 02:01:23
145.239.29.217	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-05 17:49:52
145.239.29.217	attackbotsspam	(PERMBLOCK) 145.239.29.217 (PL/Poland/ip-145-239-29.eu) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:	2020-09-29 23:35:29
145.239.29.71	attack	(mod_security) mod_security (id:210492) triggered by 145.239.29.71 (FR/France/-): 5 in the last 3600 secs	2020-09-25 03:30:39
145.239.29.71	attack	(mod_security) mod_security (id:210492) triggered by 145.239.29.71 (FR/France/-): 5 in the last 3600 secs	2020-09-24 19:15:18
145.239.29.217	attackbotsspam	145.239.29.217 - - [21/Sep/2020:06:50:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [21/Sep/2020:06:50:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [21/Sep/2020:06:50:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 15:37:58
145.239.29.217	attackbots	145.239.29.217 - - [20/Sep/2020:21:50:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2520 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [20/Sep/2020:21:50:23 +0100] "POST /wp-login.php HTTP/1.1" 200 2572 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [20/Sep/2020:21:50:23 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 07:31:58
145.239.211.242	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-20 14:20:31
145.239.211.242	attackspambots	145.239.211.242 - - [19/Sep/2020:23:10:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.211.242 - - [19/Sep/2020:23:10:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.211.242 - - [19/Sep/2020:23:10:50 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-20 06:20:08
145.239.29.217	attack	145.239.29.217 - - [14/Sep/2020:08:51:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 23:59:46
145.239.29.217	attackspam	145.239.29.217 - - [14/Sep/2020:08:51:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [14/Sep/2020:08:51:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 15:45:13
145.239.29.217	attack	145.239.29.217 - - [13/Sep/2020:18:59:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [13/Sep/2020:18:59:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.29.217 - - [13/Sep/2020:18:59:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-14 07:38:29
145.239.29.217	attackspam	GET /wp-login.php HTTP/1.1	2020-09-14 00:21:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.2.180
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59444
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;145.239.2.180.			IN	A

;; AUTHORITY SECTION:
.			387	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:34:10 CST 2022
;; MSG SIZE  rcvd: 106

Host info

180.2.239.145.in-addr.arpa domain name pointer ns3082114.ip-145-239-2.eu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
180.2.239.145.in-addr.arpa	name = ns3082114.ip-145-239-2.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.168.127.202	attackspam	Unauthorized connection attempt from IP address 122.168.127.202 on Port 445(SMB)	2019-07-09 10:41:08
194.213.62.233	attack	Unauthorized connection attempt from IP address 194.213.62.233 on Port 445(SMB)	2019-07-09 10:33:49
209.13.183.65	attack	Unauthorized connection attempt from IP address 209.13.183.65 on Port 445(SMB)	2019-07-09 10:19:43
142.93.225.110	attackspam	Jul 8 09:48:49 scivo sshd[6225]: Invalid user guest from 142.93.225.110 Jul 8 09:48:49 scivo sshd[6225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.225.110 Jul 8 09:48:51 scivo sshd[6225]: Failed password for invalid user guest from 142.93.225.110 port 50416 ssh2 Jul 8 09:48:51 scivo sshd[6225]: Received disconnect from 142.93.225.110: 11: Bye Bye [preauth] Jul 8 09:50:45 scivo sshd[6340]: Invalid user linux from 142.93.225.110 Jul 8 09:50:45 scivo sshd[6340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.225.110 Jul 8 09:50:47 scivo sshd[6340]: Failed password for invalid user linux from 142.93.225.110 port 41184 ssh2 Jul 8 09:50:47 scivo sshd[6340]: Received disconnect from 142.93.225.110: 11: Bye Bye [preauth] Jul 8 09:52:24 scivo sshd[6456]: Invalid user zc from 142.93.225.110 Jul 8 09:52:24 scivo sshd[6456]: pam_unix(sshd:auth): authentication failure; l........ -------------------------------	2019-07-09 10:28:33
112.72.97.194	attack	Unauthorized connection attempt from IP address 112.72.97.194 on Port 445(SMB)	2019-07-09 10:31:10
128.199.133.249	attackbots	Jul 9 03:52:45 amit sshd\[30847\]: Invalid user test from 128.199.133.249 Jul 9 03:52:45 amit sshd\[30847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.133.249 Jul 9 03:52:47 amit sshd\[30847\]: Failed password for invalid user test from 128.199.133.249 port 45783 ssh2 ...	2019-07-09 10:13:38
163.172.111.6	attack	fail2ban honeypot	2019-07-09 10:49:10
180.252.151.219	attackbotsspam	Unauthorized connection attempt from IP address 180.252.151.219 on Port 445(SMB)	2019-07-09 10:42:14
180.253.230.98	attack	Unauthorized connection attempt from IP address 180.253.230.98 on Port 445(SMB)	2019-07-09 10:12:43
131.72.102.16	attack	$f2bV_matches	2019-07-09 10:38:34
222.186.59.13	attackspam	Unauthorised access (Jul 9) SRC=222.186.59.13 LEN=40 TTL=236 ID=34533 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Jul 8) SRC=222.186.59.13 LEN=40 TTL=235 ID=34664 TCP DPT=139 WINDOW=1024 SYN	2019-07-09 10:49:59
14.165.91.183	attackspam	Unauthorized connection attempt from IP address 14.165.91.183 on Port 445(SMB)	2019-07-09 10:46:33
42.200.150.157	attack	Unauthorized connection attempt from IP address 42.200.150.157 on Port 445(SMB)	2019-07-09 10:21:05
187.160.239.74	attackbotsspam	Unauthorized connection attempt from IP address 187.160.239.74 on Port 445(SMB)	2019-07-09 10:22:23
190.111.31.205	attackbots	firewall-block, port(s): 445/tcp	2019-07-09 10:08:17

Recently Reported IPs

145.239.202.2	145.239.20.12	145.239.211.190	145.239.212.174
145.239.222.143	145.239.224.55	145.239.223.97	145.239.228.217
145.239.228.216	145.239.228.219	145.239.232.49	145.239.228.221
145.239.233.69	145.239.228.218	145.239.235.233	145.239.236.1
145.239.239.213	145.239.244.112	145.239.24.107	145.239.245.5