2.139.174.205 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Telefonica de Espana Sau

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2020-07-23T10:33:47.011024shield sshd\[10750\]: Invalid user stc from 2.139.174.205 port 53007 2020-07-23T10:33:47.019853shield sshd\[10750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.red-2-139-174.staticip.rima-tde.net 2020-07-23T10:33:48.682281shield sshd\[10750\]: Failed password for invalid user stc from 2.139.174.205 port 53007 ssh2 2020-07-23T10:35:42.228881shield sshd\[10959\]: Invalid user mailman from 2.139.174.205 port 34730 2020-07-23T10:35:42.237257shield sshd\[10959\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.red-2-139-174.staticip.rima-tde.net	2020-07-23 18:41:36
attackbots	Jul 19 16:57:48 vm1 sshd[15250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.139.174.205 Jul 19 16:57:50 vm1 sshd[15250]: Failed password for invalid user radicale from 2.139.174.205 port 39494 ssh2 ...	2020-07-19 23:26:06
attackspam	2020-06-25T06:33:18.606214galaxy.wi.uni-potsdam.de sshd[25659]: Invalid user lu from 2.139.174.205 port 55704 2020-06-25T06:33:18.608072galaxy.wi.uni-potsdam.de sshd[25659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.red-2-139-174.staticip.rima-tde.net 2020-06-25T06:33:18.606214galaxy.wi.uni-potsdam.de sshd[25659]: Invalid user lu from 2.139.174.205 port 55704 2020-06-25T06:33:20.617995galaxy.wi.uni-potsdam.de sshd[25659]: Failed password for invalid user lu from 2.139.174.205 port 55704 ssh2 2020-06-25T06:34:59.656449galaxy.wi.uni-potsdam.de sshd[25867]: Invalid user benoit from 2.139.174.205 port 36155 2020-06-25T06:34:59.658442galaxy.wi.uni-potsdam.de sshd[25867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.red-2-139-174.staticip.rima-tde.net 2020-06-25T06:34:59.656449galaxy.wi.uni-potsdam.de sshd[25867]: Invalid user benoit from 2.139.174.205 port 36155 2020-06-25T06:35:00.870243galaxy. ...	2020-06-25 16:41:51
attackbotsspam	2020-06-24T09:50:30.624840xentho-1 sshd[631956]: Invalid user mali from 2.139.174.205 port 33589 2020-06-24T09:50:31.724284xentho-1 sshd[631956]: Failed password for invalid user mali from 2.139.174.205 port 33589 ssh2 2020-06-24T09:52:36.543017xentho-1 sshd[632010]: Invalid user mono from 2.139.174.205 port 44864 2020-06-24T09:52:36.551473xentho-1 sshd[632010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.139.174.205 2020-06-24T09:52:36.543017xentho-1 sshd[632010]: Invalid user mono from 2.139.174.205 port 44864 2020-06-24T09:52:37.942693xentho-1 sshd[632010]: Failed password for invalid user mono from 2.139.174.205 port 44864 ssh2 2020-06-24T09:54:48.238307xentho-1 sshd[632058]: Invalid user kye from 2.139.174.205 port 56144 2020-06-24T09:54:48.244155xentho-1 sshd[632058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.139.174.205 2020-06-24T09:54:48.238307xentho-1 sshd[632058]: Invalid user kye f ...	2020-06-24 21:55:04
attack	Jun 22 08:20:06 rush sshd[763]: Failed password for root from 2.139.174.205 port 37206 ssh2 Jun 22 08:21:35 rush sshd[797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.139.174.205 Jun 22 08:21:38 rush sshd[797]: Failed password for invalid user ramses from 2.139.174.205 port 44832 ssh2 ...	2020-06-22 16:46:01
attack	Jun 20 05:54:38 mout sshd[23038]: Invalid user edo from 2.139.174.205 port 41740	2020-06-20 13:31:52
attack	bruteforce detected	2020-05-29 03:10:25
attackspam	May 4 14:18:07 ip-172-31-62-245 sshd\[7488\]: Invalid user sasha from 2.139.174.205\ May 4 14:18:10 ip-172-31-62-245 sshd\[7488\]: Failed password for invalid user sasha from 2.139.174.205 port 58241 ssh2\ May 4 14:18:38 ip-172-31-62-245 sshd\[7490\]: Invalid user opi from 2.139.174.205\ May 4 14:18:41 ip-172-31-62-245 sshd\[7490\]: Failed password for invalid user opi from 2.139.174.205 port 60313 ssh2\ May 4 14:19:03 ip-172-31-62-245 sshd\[7492\]: Invalid user admin from 2.139.174.205\	2020-05-04 22:25:30
attack	Brute force attempt	2020-04-27 08:28:16
attack	(sshd) Failed SSH login from 2.139.174.205 (ES/Spain/205.red-2-139-174.staticip.rima-tde.net): 5 in the last 3600 secs	2020-04-20 17:10:41
attackspam	Apr 16 08:21:42 mail sshd[27127]: Invalid user middle from 2.139.174.205 Apr 16 08:21:42 mail sshd[27127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.139.174.205 Apr 16 08:21:42 mail sshd[27127]: Invalid user middle from 2.139.174.205 Apr 16 08:21:45 mail sshd[27127]: Failed password for invalid user middle from 2.139.174.205 port 43068 ssh2 Apr 16 08:30:32 mail sshd[8264]: Invalid user bao from 2.139.174.205 ...	2020-04-16 17:06:34
attackbots	$f2bV_matches	2020-04-07 21:05:45
attack	Invalid user aigauss from 2.139.174.205 port 45637	2020-04-02 16:28:04
attackbots	Invalid user flw from 2.139.174.205 port 59640	2020-03-26 07:18:02
attack	Feb 21 02:16:19 plusreed sshd[1136]: Invalid user cpanelrrdtool from 2.139.174.205 ...	2020-02-21 15:58:10

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.139.174.205
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63765
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.139.174.205.			IN	A

;; AUTHORITY SECTION:
.			504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022100 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 15:58:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

205.174.139.2.in-addr.arpa domain name pointer 205.red-2-139-174.staticip.rima-tde.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
205.174.139.2.in-addr.arpa	name = 205.red-2-139-174.staticip.rima-tde.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
150.107.92.100	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-06 04:09:12
110.232.80.10	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 16:14:40,752 INFO [shellcode_manager] (110.232.80.10) no match, writing hexdump (cfe9a82d005db1c5365251e437825b7f :2101845) - MS17010 (EternalBlue)	2019-07-06 03:59:07
200.207.63.165	attack	Jul 5 14:53:18 server6 sshd[26308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-207-63-165.dsl.telesp.net.br Jul 5 14:53:20 server6 sshd[26308]: Failed password for invalid user audrey from 200.207.63.165 port 40796 ssh2 Jul 5 14:53:20 server6 sshd[26308]: Received disconnect from 200.207.63.165: 11: Bye Bye [preauth] Jul 5 18:07:22 server6 sshd[31679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-207-63-165.dsl.telesp.net.br Jul 5 18:07:25 server6 sshd[31679]: Failed password for invalid user web1 from 200.207.63.165 port 52717 ssh2 Jul 5 18:07:25 server6 sshd[31679]: Received disconnect from 200.207.63.165: 11: Bye Bye [preauth] Jul 5 18:10:04 server6 sshd[1834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-207-63-165.dsl.telesp.net.br Jul 5 18:10:06 server6 sshd[1834]: Failed password for invalid user admin from 200.207........ -------------------------------	2019-07-06 04:10:55
113.141.64.69	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-06 04:03:45
82.127.196.213	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 16:17:41,968 INFO [shellcode_manager] (82.127.196.213) no match, writing hexdump (f5234ffc34503ec6d1497c35536a3f49 :2134394) - MS17010 (EternalBlue)	2019-07-06 03:46:38
140.143.206.137	attackbotsspam	Unauthorized SSH login attempts	2019-07-06 03:40:14
62.211.49.12	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 16:17:43,435 INFO [shellcode_manager] (62.211.49.12) no match, writing hexdump (84c8e37a493c2c92e4147d4ef1f3ee6c :2434759) - MS17010 (EternalBlue)	2019-07-06 03:37:44
103.196.52.136	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 16:17:35,978 INFO [shellcode_manager] (103.196.52.136) no match, writing hexdump (43c806a8cf977606b387b52219be2bed :2235109) - MS17010 (EternalBlue)	2019-07-06 03:49:16
117.48.205.14	attackspam	Jul 5 20:09:00 vps65 sshd\[12741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.205.14 user=root Jul 5 20:09:01 vps65 sshd\[12741\]: Failed password for root from 117.48.205.14 port 40366 ssh2 ...	2019-07-06 03:40:28
175.21.233.165	attack	Honeypot attack, port: 23, PTR: 165.233.21.175.adsl-pool.jlccptt.net.cn.	2019-07-06 04:11:26
177.132.246.154	attackspambots	Honeypot attack, port: 23, PTR: 177.132.246.154.dynamic.adsl.gvt.net.br.	2019-07-06 04:19:26
198.108.67.34	attackspambots	" "	2019-07-06 04:00:48
210.7.12.245	attack	19/7/5@14:08:27: FAIL: Alarm-Intrusion address from=210.7.12.245 ...	2019-07-06 03:54:56
123.140.114.252	attackspam	SSH Bruteforce Attack	2019-07-06 04:18:23
165.231.133.72	attackspam	Automatic report - Web App Attack	2019-07-06 03:51:47

Recently Reported IPs

122.117.175.142	193.56.28.100	18.221.6.250	83.23.152.186
77.89.214.134	59.52.100.40	35.222.157.207	116.218.131.209
4.164.121.227	106.156.102.126	36.82.120.167	203.114.244.10
79.119.46.203	192.241.212.239	95.42.35.44	54.225.121.25
123.19.228.82	113.53.19.179	49.146.38.243	154.238.110.89