2.139.185.217 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Telefonica de Espana Sau

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	firewall-block, port(s): 445/tcp	2020-09-21 01:24:53
attack	firewall-block, port(s): 445/tcp	2020-09-20 17:23:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.139.185.217
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25367
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.139.185.217.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092000 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 20 17:23:34 CST 2020
;; MSG SIZE  rcvd: 117

Host info

217.185.139.2.in-addr.arpa domain name pointer 217.red-2-139-185.staticip.rima-tde.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
217.185.139.2.in-addr.arpa	name = 217.red-2-139-185.staticip.rima-tde.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
54.38.177.68	attackbots	54.38.177.68 - - [25/Jun/2020:14:22:17 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.38.177.68 - - [25/Jun/2020:14:22:19 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.38.177.68 - - [25/Jun/2020:14:22:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-26 02:57:36
51.210.107.217	attack	Bruteforce detected by fail2ban	2020-06-26 02:21:38
164.132.196.98	attackspam	Jun 25 15:23:16 havingfunrightnow sshd[22456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.196.98 Jun 25 15:23:18 havingfunrightnow sshd[22456]: Failed password for invalid user boat from 164.132.196.98 port 37392 ssh2 Jun 25 15:40:05 havingfunrightnow sshd[22949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.196.98 ...	2020-06-26 02:28:04
94.102.51.95	attack	06/25/2020-14:16:07.540920 94.102.51.95 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-26 02:25:26
193.27.229.72	attack	Brute forcing RDP port 3389	2020-06-26 02:41:50
142.93.68.181	attackbots	Jun 25 18:54:10 debian-2gb-nbg1-2 kernel: \[15362710.967008\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.68.181 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=32515 PROTO=TCP SPT=41237 DPT=23384 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-26 02:20:32
185.39.10.65	attack	Jun 25 20:33:23 debian-2gb-nbg1-2 kernel: \[15368663.310711\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.39.10.65 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=926 PROTO=TCP SPT=43218 DPT=34642 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-26 02:47:20
52.151.73.46	attack	Jun 25 20:18:07 serwer sshd\[19122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.151.73.46 user=root Jun 25 20:18:07 serwer sshd\[19124\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.151.73.46 user=root Jun 25 20:18:09 serwer sshd\[19122\]: Failed password for root from 52.151.73.46 port 16454 ssh2 Jun 25 20:18:09 serwer sshd\[19124\]: Failed password for root from 52.151.73.46 port 16532 ssh2 ...	2020-06-26 02:28:46
120.79.17.144	attackbotsspam	120.79.17.144 - - [25/Jun/2020:14:56:29 +0200] "GET /wp-login.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 120.79.17.144 - - [25/Jun/2020:14:56:35 +0200] "POST /wp-login.php HTTP/1.1" 200 6649 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 120.79.17.144 - - [25/Jun/2020:14:56:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-26 02:52:22
123.31.27.102	attackspam	Jun 25 20:40:03 mout sshd[14151]: Invalid user vncuser from 123.31.27.102 port 42776	2020-06-26 02:47:06
152.136.150.115	attackbots	Unauthorized SSH login attempts	2020-06-26 02:52:06
103.220.47.34	attackspambots	2020-06-25T18:34:59.583668shield sshd\[8022\]: Invalid user updates from 103.220.47.34 port 50540 2020-06-25T18:34:59.592445shield sshd\[8022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.220.47.34 2020-06-25T18:35:02.177603shield sshd\[8022\]: Failed password for invalid user updates from 103.220.47.34 port 50540 ssh2 2020-06-25T18:37:03.313175shield sshd\[8222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.220.47.34 user=root 2020-06-25T18:37:04.920007shield sshd\[8222\]: Failed password for root from 103.220.47.34 port 45372 ssh2	2020-06-26 02:40:18
193.27.229.71	attackspam	Brute forcing RDP port 3389	2020-06-26 02:59:39
165.22.69.147	attackbots	20 attempts against mh-ssh on echoip	2020-06-26 02:23:09
104.244.79.168	attackbots	Jun 25 18:55:08 mail sshd[25014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.168 Jun 25 18:55:10 mail sshd[25014]: Failed password for invalid user elasticsearch from 104.244.79.168 port 56428 ssh2 ...	2020-06-26 02:50:29

Recently Reported IPs

180.218.122.191	111.231.195.159	165.232.64.90	119.45.208.139
141.98.80.189	217.113.18.69	31.2.7.100	173.201.196.143
192.2.220.73	139.162.146.148	93.159.81.106	162.241.87.39
49.235.7.60	142.93.57.255	156.218.249.8	103.9.157.178
181.22.5.230	64.40.8.238	46.101.103.181	45.146.166.58