184.105.139.111

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	srv02 Mass scanning activity detected Target: 11211 ..	2020-06-29 21:49:52
attackbots	firewall-block, port(s): 5900/tcp	2020-04-26 01:41:25

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5798
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.111.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat May 18 18:08:18 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

111.139.105.184.in-addr.arpa is an alias for 111.64-26.139.105.184.in-addr.arpa.
111.64-26.139.105.184.in-addr.arpa domain name pointer scan-01l.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
111.139.105.184.in-addr.arpa	canonical name = 111.64-26.139.105.184.in-addr.arpa.
111.64-26.139.105.184.in-addr.arpa	name = scan-01l.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
85.209.0.103	attackbots	Failed password for invalid user from 85.209.0.103 port 37826 ssh2	2020-10-05 05:35:06
179.124.18.142	attack	Oct 3 22:14:01 mail.srvfarm.net postfix/smtpd[656157]: warning: unknown[179.124.18.142]: SASL PLAIN authentication failed: Oct 3 22:14:02 mail.srvfarm.net postfix/smtpd[656157]: lost connection after AUTH from unknown[179.124.18.142] Oct 3 22:15:08 mail.srvfarm.net postfix/smtpd[660372]: warning: unknown[179.124.18.142]: SASL PLAIN authentication failed: Oct 3 22:15:09 mail.srvfarm.net postfix/smtpd[660372]: lost connection after AUTH from unknown[179.124.18.142] Oct 3 22:18:54 mail.srvfarm.net postfix/smtps/smtpd[658136]: warning: unknown[179.124.18.142]: SASL PLAIN authentication failed:	2020-10-05 05:29:05
92.204.164.42	attackspam	1601805098 - 10/04/2020 11:51:38 Host: 92.204.164.42/92.204.164.42 Port: 22 TCP Blocked	2020-10-05 05:46:31
77.252.137.108	attackspambots	Oct 3 22:24:23 mail.srvfarm.net postfix/smtps/smtpd[662244]: warning: unknown[77.252.137.108]: SASL PLAIN authentication failed: Oct 3 22:24:23 mail.srvfarm.net postfix/smtps/smtpd[662244]: lost connection after AUTH from unknown[77.252.137.108] Oct 3 22:25:26 mail.srvfarm.net postfix/smtpd[660367]: warning: unknown[77.252.137.108]: SASL PLAIN authentication failed: Oct 3 22:25:26 mail.srvfarm.net postfix/smtpd[660367]: lost connection after AUTH from unknown[77.252.137.108] Oct 3 22:27:56 mail.srvfarm.net postfix/smtps/smtpd[662242]: warning: unknown[77.252.137.108]: SASL PLAIN authentication failed:	2020-10-05 05:36:01
45.142.120.53	attackbots	Oct 4 22:25:11 nlmail01.srvfarm.net postfix/smtpd[519323]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:16 nlmail01.srvfarm.net postfix/smtpd[519344]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:18 nlmail01.srvfarm.net postfix/smtpd[519339]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:26 nlmail01.srvfarm.net postfix/smtpd[519323]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:30 nlmail01.srvfarm.net postfix/smtpd[519363]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-05 05:39:59
112.85.42.81	attack	2020-10-05T00:41:20.193871lavrinenko.info sshd[17727]: Failed password for root from 112.85.42.81 port 25672 ssh2 2020-10-05T00:41:25.150897lavrinenko.info sshd[17727]: Failed password for root from 112.85.42.81 port 25672 ssh2 2020-10-05T00:41:28.823163lavrinenko.info sshd[17727]: Failed password for root from 112.85.42.81 port 25672 ssh2 2020-10-05T00:41:33.428586lavrinenko.info sshd[17727]: Failed password for root from 112.85.42.81 port 25672 ssh2 2020-10-05T00:41:37.586281lavrinenko.info sshd[17727]: Failed password for root from 112.85.42.81 port 25672 ssh2 ...	2020-10-05 05:45:11
59.50.102.242	attackspambots	Port scan: Attack repeated for 24 hours	2020-10-05 05:45:27
193.35.48.18	attackbots	SMTP hacks	2020-10-05 05:26:32
13.76.251.11	attackspambots	Oct 3 22:23:55 mail.srvfarm.net postfix/smtpd[660372]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:25:42 mail.srvfarm.net postfix/smtpd[661686]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:27:57 mail.srvfarm.net postfix/smtpd[661686]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:29:15 mail.srvfarm.net postfix/smtpd[660369]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo=	2020-10-05 05:23:41
193.35.51.23	attack	SMTP BF Hacks	2020-10-05 05:26:09
128.199.223.233	attackbotsspam	Invalid user fff from 128.199.223.233 port 48202	2020-10-05 05:48:38
13.76.251.4	attackspam	Oct 3 22:23:39 mail.srvfarm.net postfix/smtpd[660366]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:25:31 mail.srvfarm.net postfix/smtpd[661688]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:27:55 mail.srvfarm.net postfix/smtpd[660367]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:30:34 mail.srvfarm.net postfix/smtpd[660366]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:3	2020-10-05 05:24:12
159.89.125.16	attackbots	Oct 4 22:50:23 mail.srvfarm.net postfix/smtpd[1160735]: warning: unknown[159.89.125.16]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:50:23 mail.srvfarm.net postfix/smtpd[1160735]: lost connection after AUTH from unknown[159.89.125.16] Oct 4 22:53:44 mail.srvfarm.net postfix/smtpd[1166868]: warning: unknown[159.89.125.16]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:53:44 mail.srvfarm.net postfix/smtpd[1166868]: lost connection after AUTH from unknown[159.89.125.16] Oct 4 22:53:48 mail.srvfarm.net postfix/smtpd[1166869]: warning: unknown[159.89.125.16]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:53:48 mail.srvfarm.net postfix/smtpd[1161505]: warning: unknown[159.89.125.16]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-05 05:31:02
129.211.17.22	attack	SSH Brute-Force attacks	2020-10-05 05:32:25
85.13.91.231	attackbots	(smtpauth) Failed SMTP AUTH login from 85.13.91.231 (CZ/Czechia/host-85-13-91-231.lidos.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-10-04 00:41:29 plain authenticator failed for host-85-13-91-231.lidos.cz [85.13.91.231]: 535 Incorrect authentication data (set_id=info@choobchin-co.ir)	2020-10-05 05:35:24

最近上报的IP列表

171.172.8.97	239.220.42.47	98.92.150.131	45.6.203.196
222.72.149.154	202.191.121.218	95.87.25.234	83.167.17.144
83.142.127.26	79.106.225.132	57.138.77.133	171.105.200.225
78.171.10.146	78.92.96.0	216.191.63.143	99.6.63.177
188.77.85.25	176.126.45.166	78.169.13.175	215.30.55.206