184.105.139.108

基本信息:

城市(city): Fremont

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	srv02 Mass scanning activity detected Target: 80(http) ..	2020-09-21 02:15:55
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-20 18:16:38
attackbotsspam	27017/tcp 50075/tcp 4899/tcp... [2020-06-14/08-15]20pkt,10pt.(tcp),1pt.(udp)	2020-08-15 19:46:21
attackbots	" "	2020-08-02 15:01:42
attack	UDP 184.105.139.108:63169 -> port 123, len 40	2020-07-28 19:48:52
attack	srv02 Mass scanning activity detected Target: 873(rsync) ..	2020-07-19 16:53:52
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 23:32:19
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-23 03:30:41
attack	firewall-block, port(s): 123/udp	2020-03-13 18:31:32
attackbots	firewall-block, port(s): 8443/tcp	2020-02-21 05:26:54
attackbotsspam	[portscan] udp/123 [NTP] *(RWIN=-)(07030936)	2019-07-03 20:14:29

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23871
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.108.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 11:49:52 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

108.139.105.184.in-addr.arpa is an alias for 108.64-26.139.105.184.in-addr.arpa.
108.64-26.139.105.184.in-addr.arpa domain name pointer scan-02j.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
108.139.105.184.in-addr.arpa	canonical name = 108.64-26.139.105.184.in-addr.arpa.
108.64-26.139.105.184.in-addr.arpa	name = scan-02j.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.12.197.232	attackbotsspam	fail2ban -- 106.12.197.232 ...	2020-07-18 16:58:36
45.160.138.211	attack	failed_logins	2020-07-18 17:08:37
182.254.186.229	attackbots	$f2bV_matches	2020-07-18 17:18:46
61.160.96.90	attackbots	Jul 18 05:46:03 piServer sshd[16551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90 Jul 18 05:46:06 piServer sshd[16551]: Failed password for invalid user svaadmin from 61.160.96.90 port 31498 ssh2 Jul 18 05:51:37 piServer sshd[16934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90 ...	2020-07-18 17:27:47
40.114.171.75	attackspam	Port Scan	2020-07-18 17:11:28
222.186.31.83	attackbots	Jul 18 02:10:04 dignus sshd[14652]: Failed password for root from 222.186.31.83 port 52694 ssh2 Jul 18 02:10:07 dignus sshd[14652]: Failed password for root from 222.186.31.83 port 52694 ssh2 Jul 18 02:10:09 dignus sshd[14652]: Failed password for root from 222.186.31.83 port 52694 ssh2 Jul 18 02:10:13 dignus sshd[14682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root Jul 18 02:10:15 dignus sshd[14682]: Failed password for root from 222.186.31.83 port 20368 ssh2 ...	2020-07-18 17:30:03
51.161.12.231	attack	TCP (SYN) 51.161.12.231:32767 -> port 8545, len 44	2020-07-18 17:25:59
49.233.105.41	attack	Jul 18 06:26:03 plex-server sshd[3033410]: Invalid user wp from 49.233.105.41 port 42416 Jul 18 06:26:03 plex-server sshd[3033410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.105.41 Jul 18 06:26:03 plex-server sshd[3033410]: Invalid user wp from 49.233.105.41 port 42416 Jul 18 06:26:05 plex-server sshd[3033410]: Failed password for invalid user wp from 49.233.105.41 port 42416 ssh2 Jul 18 06:30:51 plex-server sshd[3035244]: Invalid user wangxm from 49.233.105.41 port 37476 ...	2020-07-18 16:49:48
177.139.177.94	attackspam	Invalid user kn from 177.139.177.94 port 19719	2020-07-18 17:17:05
119.1.209.98	attack	Dovecot Invalid User Login Attempt.	2020-07-18 17:17:31
192.35.169.22	attackspam	TCP (SYN) 192.35.169.22:49179 -> port 25, len 44	2020-07-18 16:52:47
211.192.36.99	attackspambots	2020-07-18T05:50:23.691597amanda2.illicoweb.com sshd\[32891\]: Invalid user kubernetes from 211.192.36.99 port 33900 2020-07-18T05:50:23.693818amanda2.illicoweb.com sshd\[32891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.192.36.99 2020-07-18T05:50:25.484800amanda2.illicoweb.com sshd\[32891\]: Failed password for invalid user kubernetes from 211.192.36.99 port 33900 ssh2 2020-07-18T05:52:11.822367amanda2.illicoweb.com sshd\[32936\]: Invalid user wjt from 211.192.36.99 port 45802 2020-07-18T05:52:11.824972amanda2.illicoweb.com sshd\[32936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.192.36.99 ...	2020-07-18 16:55:34
157.230.230.152	attack	2020-07-18T04:19:51.556513shield sshd\[1518\]: Invalid user mysql from 157.230.230.152 port 50620 2020-07-18T04:19:51.565351shield sshd\[1518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.230.152 2020-07-18T04:19:53.406460shield sshd\[1518\]: Failed password for invalid user mysql from 157.230.230.152 port 50620 ssh2 2020-07-18T04:23:50.946945shield sshd\[2323\]: Invalid user was from 157.230.230.152 port 37994 2020-07-18T04:23:50.955994shield sshd\[2323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.230.152	2020-07-18 17:28:34
89.248.169.143	attackbotsspam	Jul 18 06:25:59 vps687878 sshd\[10537\]: Failed password for invalid user wke from 89.248.169.143 port 51226 ssh2 Jul 18 06:29:59 vps687878 sshd\[10883\]: Invalid user charles from 89.248.169.143 port 36666 Jul 18 06:29:59 vps687878 sshd\[10883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.248.169.143 Jul 18 06:30:01 vps687878 sshd\[10883\]: Failed password for invalid user charles from 89.248.169.143 port 36666 ssh2 Jul 18 06:33:56 vps687878 sshd\[11242\]: Invalid user edwin from 89.248.169.143 port 50488 Jul 18 06:33:56 vps687878 sshd\[11242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.248.169.143 ...	2020-07-18 17:10:11
87.98.154.134	attackbots	srv02 SSH BruteForce Attacks 22 ..	2020-07-18 17:05:26

最近上报的IP列表

107.170.238.245	149.129.99.116	74.82.47.62	37.49.225.236
84.91.128.47	41.208.222.165	125.47.98.159	178.47.214.65
154.216.245.67	199.231.223.251	160.124.157.112	158.222.6.189
91.104.148.214	85.105.24.134	103.130.197.158	37.79.46.94
46.25.44.29	90.88.58.182	95.179.153.103	122.238.128.100