184.105.139.117

基本信息:

城市(city): Fremont

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	UDP port : 177	2020-08-30 19:14:59
attackbotsspam	srv02 Mass scanning activity detected Target: 1900 ..	2020-07-13 01:32:28
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 23:28:00
attackspambots	unauthorized connection attempt	2020-06-26 18:51:45
attackspam	UDP 184.105.139.117:48505 -> port 177, len 35	2020-06-24 18:50:30
attackbots	May 20 19:12:33 debian-2gb-nbg1-2 kernel: \[12253579.024060\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.117 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=42718 DPT=5555 WINDOW=65535 RES=0x00 SYN URGP=0	2020-05-21 02:03:46
attackbots	1589434738 - 05/14/2020 12:38:58 Host: scan-03k.shadowserver.org/184.105.139.117 Port: 19 UDP Blocked ...	2020-05-14 14:22:15
attackbots	11211/tcp 5555/tcp 9200/tcp... [2020-03-08/05-06]37pkt,8pt.(tcp),3pt.(udp)	2020-05-07 02:36:08
attackspam	Apr 16 12:03:31 debian-2gb-nbg1-2 kernel: \[9290392.849005\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.117 DST=195.201.40.59 LEN=125 TOS=0x00 PREC=0x00 TTL=52 ID=43083 DF PROTO=UDP SPT=19929 DPT=1900 LEN=105	2020-04-16 18:18:08
attackbotsspam	4786/tcp 548/tcp 50075/tcp... [2020-01-25/03-25]34pkt,7pt.(tcp),3pt.(udp)	2020-03-25 20:24:30
attackbots	4786/tcp 548/tcp 50075/tcp... [2020-01-23/03-23]33pkt,8pt.(tcp),3pt.(udp)	2020-03-23 17:35:55
attack	Mar 11 10:41:56 src: 184.105.139.117 signature match: "SCAN UPnP communication attempt" (sid: 100074) udp port: 1900	2020-03-12 01:16:04
attackbotsspam	1582954916 - 02/29/2020 12:41:56 Host: scan-03k.shadowserver.org/184.105.139.117 Port: 19 UDP Blocked ...	2020-02-29 18:22:01
attackbots	firewall-block, port(s): 19/udp	2020-01-16 16:59:23
attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-11-27 17:59:42
attack	[portscan] tcp/3389 [MS RDP] *(RWIN=65535)(11171349)	2019-11-17 19:37:58
attackbotsspam	Port scan: Attack repeated for 24 hours	2019-10-29 23:47:53
attack	Honeypot hit.	2019-10-16 12:49:50
attackspambots	" "	2019-08-10 15:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21813
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.117.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 00:28:46 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

117.139.105.184.in-addr.arpa is an alias for 117.64-26.139.105.184.in-addr.arpa.
117.64-26.139.105.184.in-addr.arpa domain name pointer scan-03k.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
117.139.105.184.in-addr.arpa	canonical name = 117.64-26.139.105.184.in-addr.arpa.
117.64-26.139.105.184.in-addr.arpa	name = scan-03k.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
118.25.39.110	attackspam	(sshd) Failed SSH login from 118.25.39.110 (CN/China/-): 5 in the last 3600 secs	2020-04-11 22:07:32
117.50.63.228	attackspam	Apr 11 16:25:30 ift sshd\[35461\]: Invalid user rails from 117.50.63.228Apr 11 16:25:32 ift sshd\[35461\]: Failed password for invalid user rails from 117.50.63.228 port 55202 ssh2Apr 11 16:29:54 ift sshd\[35722\]: Failed password for root from 117.50.63.228 port 49214 ssh2Apr 11 16:33:54 ift sshd\[36141\]: Invalid user kopet from 117.50.63.228Apr 11 16:33:56 ift sshd\[36141\]: Failed password for invalid user kopet from 117.50.63.228 port 43212 ssh2 ...	2020-04-11 21:53:03
190.56.229.42	attackspam	Apr 11 14:31:52 vps647732 sshd[11556]: Failed password for root from 190.56.229.42 port 36688 ssh2 ...	2020-04-11 21:58:36
206.189.204.63	attackbots	Apr 11 09:18:44 ws12vmsma01 sshd[62049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.204.63 Apr 11 09:18:44 ws12vmsma01 sshd[62049]: Invalid user mailman1 from 206.189.204.63 Apr 11 09:18:46 ws12vmsma01 sshd[62049]: Failed password for invalid user mailman1 from 206.189.204.63 port 52128 ssh2 ...	2020-04-11 21:56:41
58.213.90.34	attack	Apr 11 15:36:04 legacy sshd[17434]: Failed password for root from 58.213.90.34 port 50683 ssh2 Apr 11 15:40:43 legacy sshd[17594]: Failed password for root from 58.213.90.34 port 48030 ssh2 Apr 11 15:45:19 legacy sshd[17769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.90.34 ...	2020-04-11 21:55:09
106.12.47.171	attack	Apr 11 14:02:34 ns382633 sshd\[31603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.47.171 user=root Apr 11 14:02:36 ns382633 sshd\[31603\]: Failed password for root from 106.12.47.171 port 47212 ssh2 Apr 11 14:16:47 ns382633 sshd\[1909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.47.171 user=root Apr 11 14:16:48 ns382633 sshd\[1909\]: Failed password for root from 106.12.47.171 port 45450 ssh2 Apr 11 14:18:59 ns382633 sshd\[2180\]: Invalid user postmaster from 106.12.47.171 port 42824 Apr 11 14:18:59 ns382633 sshd\[2180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.47.171	2020-04-11 22:31:31
219.233.49.236	attackbotsspam	DATE:2020-04-11 14:19:04, IP:219.233.49.236, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-11 22:27:42
142.44.240.190	attackspam	Apr 11 15:42:38 ewelt sshd[9985]: Invalid user ping from 142.44.240.190 port 45522 Apr 11 15:42:39 ewelt sshd[9985]: Failed password for invalid user ping from 142.44.240.190 port 45522 ssh2 Apr 11 15:46:37 ewelt sshd[10183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.240.190 user=root Apr 11 15:46:39 ewelt sshd[10183]: Failed password for root from 142.44.240.190 port 55294 ssh2 ...	2020-04-11 21:52:26
110.8.67.146	attack	Apr 11 15:33:19 plex sshd[8473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.8.67.146 user=root Apr 11 15:33:22 plex sshd[8473]: Failed password for root from 110.8.67.146 port 40146 ssh2	2020-04-11 21:46:46
49.88.112.112	attackbots	Apr 11 16:29:35 cvbnet sshd[28668]: Failed password for root from 49.88.112.112 port 41615 ssh2 Apr 11 16:29:38 cvbnet sshd[28668]: Failed password for root from 49.88.112.112 port 41615 ssh2 ...	2020-04-11 22:30:46
112.133.236.60	attack	Repeated attempts against wp-login	2020-04-11 21:45:02
222.186.15.115	attackbots	Apr 11 16:12:41 MainVPS sshd[22448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Apr 11 16:12:43 MainVPS sshd[22448]: Failed password for root from 222.186.15.115 port 34530 ssh2 Apr 11 16:12:46 MainVPS sshd[22448]: Failed password for root from 222.186.15.115 port 34530 ssh2 Apr 11 16:12:41 MainVPS sshd[22448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Apr 11 16:12:43 MainVPS sshd[22448]: Failed password for root from 222.186.15.115 port 34530 ssh2 Apr 11 16:12:46 MainVPS sshd[22448]: Failed password for root from 222.186.15.115 port 34530 ssh2 Apr 11 16:12:41 MainVPS sshd[22448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Apr 11 16:12:43 MainVPS sshd[22448]: Failed password for root from 222.186.15.115 port 34530 ssh2 Apr 11 16:12:46 MainVPS sshd[22448]: Failed password for root from 222.186.15.115	2020-04-11 22:17:35
218.92.0.171	attackspam	Apr 11 15:39:50 vmd48417 sshd[30313]: Failed password for root from 218.92.0.171 port 27203 ssh2	2020-04-11 21:43:29
122.53.157.26	attackspam	Apr 11 18:37:03 gw1 sshd[23384]: Failed password for root from 122.53.157.26 port 47612 ssh2 ...	2020-04-11 21:44:24
120.92.2.217	attack	Apr 11 16:45:47 lukav-desktop sshd\[19563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 user=root Apr 11 16:45:49 lukav-desktop sshd\[19563\]: Failed password for root from 120.92.2.217 port 30888 ssh2 Apr 11 16:50:19 lukav-desktop sshd\[19721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 user=root Apr 11 16:50:21 lukav-desktop sshd\[19721\]: Failed password for root from 120.92.2.217 port 6828 ssh2 Apr 11 16:52:15 lukav-desktop sshd\[19788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 user=root	2020-04-11 22:04:28

最近上报的IP列表

106.13.60.187	120.92.20.197	193.112.69.117	60.48.104.79
107.173.143.130	212.129.36.27	152.104.31.35	106.75.17.46
201.242.170.210	194.230.215.179	188.131.224.179	106.223.167.161
106.12.73.236	84.236.67.33	1.22.91.179	94.249.106.241
119.183.52.18	179.185.168.86	78.39.101.33	5.135.230.129