184.105.139.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	" "	2020-08-05 22:14:25
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 23:35:36
attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 11211 resulting in total of 8 scans from 184.105.0.0/16 block.	2020-04-25 22:30:54
attackspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 09:41:15
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 03:39:03
attackbots	6379/tcp 5900/tcp 5555/tcp... [2019-06-30/08-28]33pkt,15pt.(tcp),1pt.(udp)	2019-08-30 03:19:45
attack	23/tcp 389/tcp 21/tcp... [2019-05-17/07-16]39pkt,13pt.(tcp),1pt.(udp)	2019-07-17 04:03:16
attackspambots	Honeypot hit.	2019-06-29 20:05:55

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56981
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.107.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 16 15:37:51 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

107.139.105.184.in-addr.arpa is an alias for 107.64-26.139.105.184.in-addr.arpa.
107.64-26.139.105.184.in-addr.arpa domain name pointer scan-01k.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
107.139.105.184.in-addr.arpa	canonical name = 107.64-26.139.105.184.in-addr.arpa.
107.64-26.139.105.184.in-addr.arpa	name = scan-01k.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
187.188.206.106	attack	Apr 10 22:33:18 ns381471 sshd[11743]: Failed password for root from 187.188.206.106 port 32035 ssh2	2020-04-11 04:37:23
95.147.58.106	attackspambots	Invalid user pi from 95.147.58.106 port 43124	2020-04-11 04:17:00
179.98.109.188	attack	SSH invalid-user multiple login try	2020-04-11 04:21:30
46.105.50.223	attack	2020-04-10T19:50:45.632944shield sshd\[16791\]: Invalid user ping from 46.105.50.223 port 53994 2020-04-10T19:50:45.636930shield sshd\[16791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip223.ip-46-105-50.eu 2020-04-10T19:50:47.292490shield sshd\[16791\]: Failed password for invalid user ping from 46.105.50.223 port 53994 ssh2 2020-04-10T19:54:32.413792shield sshd\[17529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip223.ip-46-105-50.eu user=root 2020-04-10T19:54:34.234626shield sshd\[17529\]: Failed password for root from 46.105.50.223 port 34452 ssh2	2020-04-11 04:00:47
220.133.95.68	attackspam	Apr 10 19:00:26 meumeu sshd[11156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.133.95.68 Apr 10 19:00:27 meumeu sshd[11156]: Failed password for invalid user nick from 220.133.95.68 port 54092 ssh2 Apr 10 19:04:39 meumeu sshd[11941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.133.95.68 ...	2020-04-11 04:15:17
5.196.38.15	attackspam	Apr 10 22:07:08 host01 sshd[24803]: Failed password for root from 5.196.38.15 port 55385 ssh2 Apr 10 22:10:31 host01 sshd[25545]: Failed password for root from 5.196.38.15 port 53044 ssh2 ...	2020-04-11 04:25:52
162.210.70.52	attack	Phishing mail send: We recently experience service disruption with our home bank on international transactions ever since the Convid 19 situation started affecting bank operation hours. Please process payment to our below offshore Sweden bank account. Please confirm when payment will be expected and also share the transfer copy once processed for follow up. Received: from us2-ob1-1.mailhostbox.com (162.210.70.52) by AM5EUR03FT041.mail.protection.outlook.com (10.152.17.186) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.20.2856.17 via Frontend Transport; Sat, 28 Mar 2020 14:21:49 +0000	2020-04-11 04:10:45
112.220.238.3	attack	Apr 10 10:54:00 firewall sshd[29345]: Invalid user henk from 112.220.238.3 Apr 10 10:54:02 firewall sshd[29345]: Failed password for invalid user henk from 112.220.238.3 port 42550 ssh2 Apr 10 11:02:43 firewall sshd[29598]: Invalid user squid from 112.220.238.3 ...	2020-04-11 04:29:52
51.75.18.212	attackspambots	SSH bruteforce	2020-04-11 04:20:51
115.249.92.88	attackspam	Apr 10 20:07:22 mail sshd[29189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.249.92.88 user=root Apr 10 20:07:24 mail sshd[29189]: Failed password for root from 115.249.92.88 port 58516 ssh2 Apr 10 20:11:51 mail sshd[3668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.249.92.88 user=root Apr 10 20:11:53 mail sshd[3668]: Failed password for root from 115.249.92.88 port 36368 ssh2 Apr 10 20:15:33 mail sshd[9505]: Invalid user johnsrud from 115.249.92.88 ...	2020-04-11 04:04:23
106.12.208.31	attackspam	$f2bV_matches	2020-04-11 04:02:29
113.125.159.5	attack	SSH brute force attempt	2020-04-11 04:04:43
217.194.223.135	attack	$f2bV_matches	2020-04-11 04:32:17
51.178.82.80	attackspambots	Apr 10 19:26:01 localhost sshd\[8708\]: Invalid user admin from 51.178.82.80 Apr 10 19:26:01 localhost sshd\[8708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.82.80 Apr 10 19:26:03 localhost sshd\[8708\]: Failed password for invalid user admin from 51.178.82.80 port 40228 ssh2 Apr 10 19:29:47 localhost sshd\[8936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.82.80 user=root Apr 10 19:29:49 localhost sshd\[8936\]: Failed password for root from 51.178.82.80 port 48446 ssh2 ...	2020-04-11 04:28:01
175.24.105.180	attackspam	Fail2Ban Ban Triggered	2020-04-11 04:19:35

最近上报的IP列表

185.143.221.186	169.243.192.234	77.108.119.154	176.88.201.210
113.197.54.162	185.68.145.2	117.6.87.17	46.166.162.53
201.163.176.203	195.128.158.1	83.221.0.35	196.219.61.99
167.206.202.139	64.222.199.18	110.232.75.242	40.193.14.188
118.123.173.18	117.252.0.162	57.88.137.157	115.78.9.126