2.139.4.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
2.139.48.197	attack	2019-10-21 x@x 2019-10-21 12:52:27 unexpected disconnection while reading SMTP command from 197.red-2-139-48.dynamicip.rima-tde.net [2.139.48.197]:25889 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-10-21 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=2.139.48.197	2019-10-21 22:02:34

Type

Details

Datetime

2.139.48.197

attack

2019-10-21 x@x
2019-10-21 12:52:27 unexpected disconnection while reading SMTP command from 197.red-2-139-48.dynamicip.rima-tde.net [2.139.48.197]:25889 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-10-21 x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=2.139.48.197

2019-10-21 22:02:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.139.4.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36731
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2.139.4.54.			IN	A

;; AUTHORITY SECTION:
.			324	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 18:33:36 CST 2022
;; MSG SIZE  rcvd: 103

Host info

54.4.139.2.in-addr.arpa domain name pointer 54.red-2-139-4.dynamicip.rima-tde.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.4.139.2.in-addr.arpa	name = 54.red-2-139-4.dynamicip.rima-tde.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.61.80.231	attackspambots	Nov 28 13:02:53 tux postfix/smtpd[378]: warning: hostname host-190-61-80-231.ufinet.com.hn does not resolve to address 190.61.80.231: Name or service not known Nov 28 13:02:53 tux postfix/smtpd[378]: connect from unknown[190.61.80.231] Nov x@x Nov x@x Nov 28 13:02:55 tux postfix/smtpd[378]: lost connection after RCPT from unknown[190.61.80.231] Nov 28 13:02:55 tux postfix/smtpd[378]: disconnect from unknown[190.61.80.231] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.61.80.231	2019-11-30 00:53:24
128.28.144.231	attack	Failed RDP login	2019-11-30 00:42:27
115.58.171.138	attack	port scan/probe/communication attempt	2019-11-30 00:57:15
122.180.251.9	attackbots	Failed RDP login	2019-11-30 00:43:18
78.189.168.84	attackspam	Failed RDP login	2019-11-30 00:47:36
113.110.214.76	attackspam	port scan/probe/communication attempt	2019-11-30 01:13:29
14.182.41.49	attack	Failed RDP login	2019-11-30 00:52:00
109.87.240.216	attack	Failed RDP login	2019-11-30 00:44:35
139.59.84.111	attack	Nov 29 16:11:52 lnxded64 sshd[13721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.111	2019-11-30 01:24:16
185.208.211.53	attack	Nov 29 16:12:33 andromeda postfix/smtpd\[52775\]: warning: unknown\[185.208.211.53\]: SASL login authentication failed: authentication failure Nov 29 16:12:34 andromeda postfix/smtpd\[52778\]: warning: unknown\[185.208.211.53\]: SASL login authentication failed: authentication failure Nov 29 16:12:35 andromeda postfix/smtpd\[52775\]: warning: unknown\[185.208.211.53\]: SASL login authentication failed: authentication failure Nov 29 16:12:36 andromeda postfix/smtpd\[53417\]: warning: unknown\[185.208.211.53\]: SASL login authentication failed: authentication failure Nov 29 16:12:37 andromeda postfix/smtpd\[52778\]: warning: unknown\[185.208.211.53\]: SASL login authentication failed: authentication failure	2019-11-30 00:58:06
89.239.96.118	attack	Automatic report - Banned IP Access	2019-11-30 00:53:49
220.121.97.43	attackbots	proto=tcp . spt=48821 . dpt=3389 . src=220.121.97.43 . dst=xx.xx.4.1 . (Listed on zen-spamhaus plus rbldns-ru) (573)	2019-11-30 01:16:52
202.28.64.1	attackspambots	Nov 29 13:08:01 ws12vmsma01 sshd[30589]: Invalid user apache from 202.28.64.1 Nov 29 13:08:03 ws12vmsma01 sshd[30589]: Failed password for invalid user apache from 202.28.64.1 port 45448 ssh2 Nov 29 13:11:40 ws12vmsma01 sshd[31069]: Invalid user morio from 202.28.64.1 ...	2019-11-30 01:20:06
8.33.33.137	attack	1575044895 - 11/29/2019 17:28:15 Host: 8.33.33.137/8.33.33.137 Port: 22 TCP Blocked	2019-11-30 01:17:58
194.5.95.227	attack	Exploit Attempt	2019-11-30 00:59:19

Recently Reported IPs

201.46.101.197	27.73.210.227	81.223.175.202	202.9.121.5
43.129.35.244	178.141.123.202	177.249.169.94	183.13.22.242
115.56.108.32	171.234.11.31	177.93.149.180	179.185.73.194
200.109.8.125	42.245.196.178	187.178.89.58	121.13.252.58
177.249.169.194	36.66.124.193	101.80.16.208	81.200.243.220