184.105.139.117

基本信息:

城市(city): Fremont

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	UDP port : 177	2020-08-30 19:14:59
attackbotsspam	srv02 Mass scanning activity detected Target: 1900 ..	2020-07-13 01:32:28
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 23:28:00
attackspambots	unauthorized connection attempt	2020-06-26 18:51:45
attackspam	UDP 184.105.139.117:48505 -> port 177, len 35	2020-06-24 18:50:30
attackbots	May 20 19:12:33 debian-2gb-nbg1-2 kernel: \[12253579.024060\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.117 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=42718 DPT=5555 WINDOW=65535 RES=0x00 SYN URGP=0	2020-05-21 02:03:46
attackbots	1589434738 - 05/14/2020 12:38:58 Host: scan-03k.shadowserver.org/184.105.139.117 Port: 19 UDP Blocked ...	2020-05-14 14:22:15
attackbots	11211/tcp 5555/tcp 9200/tcp... [2020-03-08/05-06]37pkt,8pt.(tcp),3pt.(udp)	2020-05-07 02:36:08
attackspam	Apr 16 12:03:31 debian-2gb-nbg1-2 kernel: \[9290392.849005\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.117 DST=195.201.40.59 LEN=125 TOS=0x00 PREC=0x00 TTL=52 ID=43083 DF PROTO=UDP SPT=19929 DPT=1900 LEN=105	2020-04-16 18:18:08
attackbotsspam	4786/tcp 548/tcp 50075/tcp... [2020-01-25/03-25]34pkt,7pt.(tcp),3pt.(udp)	2020-03-25 20:24:30
attackbots	4786/tcp 548/tcp 50075/tcp... [2020-01-23/03-23]33pkt,8pt.(tcp),3pt.(udp)	2020-03-23 17:35:55
attack	Mar 11 10:41:56 src: 184.105.139.117 signature match: "SCAN UPnP communication attempt" (sid: 100074) udp port: 1900	2020-03-12 01:16:04
attackbotsspam	1582954916 - 02/29/2020 12:41:56 Host: scan-03k.shadowserver.org/184.105.139.117 Port: 19 UDP Blocked ...	2020-02-29 18:22:01
attackbots	firewall-block, port(s): 19/udp	2020-01-16 16:59:23
attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-11-27 17:59:42
attack	[portscan] tcp/3389 [MS RDP] *(RWIN=65535)(11171349)	2019-11-17 19:37:58
attackbotsspam	Port scan: Attack repeated for 24 hours	2019-10-29 23:47:53
attack	Honeypot hit.	2019-10-16 12:49:50
attackspambots	" "	2019-08-10 15:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21813
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.117.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 00:28:46 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

117.139.105.184.in-addr.arpa is an alias for 117.64-26.139.105.184.in-addr.arpa.
117.64-26.139.105.184.in-addr.arpa domain name pointer scan-03k.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
117.139.105.184.in-addr.arpa	canonical name = 117.64-26.139.105.184.in-addr.arpa.
117.64-26.139.105.184.in-addr.arpa	name = scan-03k.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
148.72.31.120	attack	[munged]::443 148.72.31.120 - - [06/Oct/2019:05:44:57 +0200] "POST /[munged]: HTTP/1.1" 200 6859 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 148.72.31.120 - - [06/Oct/2019:05:44:58 +0200] "POST /[munged]: HTTP/1.1" 200 6832 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-06 18:47:52
157.230.215.106	attackspam	Oct 6 12:33:39 icinga sshd[13697]: Failed password for root from 157.230.215.106 port 40734 ssh2 ...	2019-10-06 19:04:19
173.239.139.38	attackspam	Oct 5 20:14:23 sachi sshd\[26831\]: Invalid user 123Qweasd from 173.239.139.38 Oct 5 20:14:23 sachi sshd\[26831\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.139.38 Oct 5 20:14:25 sachi sshd\[26831\]: Failed password for invalid user 123Qweasd from 173.239.139.38 port 55916 ssh2 Oct 5 20:18:44 sachi sshd\[27264\]: Invalid user Xenia2017 from 173.239.139.38 Oct 5 20:18:44 sachi sshd\[27264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.139.38	2019-10-06 19:07:07
182.61.170.251	attackbotsspam	Unauthorized SSH login attempts	2019-10-06 19:06:17
35.192.117.31	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2019-10-06 19:01:54
96.73.98.33	attackspam	Oct 6 12:46:51 lnxweb62 sshd[26605]: Failed password for root from 96.73.98.33 port 8924 ssh2 Oct 6 12:46:51 lnxweb62 sshd[26605]: Failed password for root from 96.73.98.33 port 8924 ssh2	2019-10-06 18:59:57
186.122.149.85	attack	Oct 6 05:55:32 s64-1 sshd[7429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.149.85 Oct 6 05:55:34 s64-1 sshd[7429]: Failed password for invalid user Louisiana2017 from 186.122.149.85 port 50280 ssh2 Oct 6 06:00:38 s64-1 sshd[7473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.149.85 ...	2019-10-06 18:44:59
118.24.121.240	attackspam	Oct 6 13:07:40 hosting sshd[11834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.121.240 user=root Oct 6 13:07:42 hosting sshd[11834]: Failed password for root from 118.24.121.240 port 27451 ssh2 ...	2019-10-06 18:49:14
80.211.153.198	attackbots	Oct 6 10:51:05 lcl-usvr-02 sshd[4495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.153.198 user=root Oct 6 10:51:07 lcl-usvr-02 sshd[4495]: Failed password for root from 80.211.153.198 port 38316 ssh2 Oct 6 10:54:54 lcl-usvr-02 sshd[5321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.153.198 user=root Oct 6 10:54:57 lcl-usvr-02 sshd[5321]: Failed password for root from 80.211.153.198 port 49308 ssh2 Oct 6 10:58:51 lcl-usvr-02 sshd[6207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.153.198 user=root Oct 6 10:58:53 lcl-usvr-02 sshd[6207]: Failed password for root from 80.211.153.198 port 60274 ssh2 ...	2019-10-06 18:50:42
51.68.47.45	attackspambots	2019-10-06T11:50:54.054945 sshd[23797]: Invalid user P@$$W0RD2016 from 51.68.47.45 port 41916 2019-10-06T11:50:54.064261 sshd[23797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.47.45 2019-10-06T11:50:54.054945 sshd[23797]: Invalid user P@$$W0RD2016 from 51.68.47.45 port 41916 2019-10-06T11:50:55.533100 sshd[23797]: Failed password for invalid user P@$$W0RD2016 from 51.68.47.45 port 41916 ssh2 2019-10-06T11:54:44.301816 sshd[23842]: Invalid user P@$$word@123 from 51.68.47.45 port 54006 ...	2019-10-06 18:38:02
94.231.218.179	attackspambots	B: Magento admin pass test (wrong country)	2019-10-06 18:35:59
23.129.64.213	attackspam	Oct 6 12:31:23 vpn01 sshd[16439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 Oct 6 12:31:25 vpn01 sshd[16439]: Failed password for invalid user aeon from 23.129.64.213 port 42765 ssh2 ...	2019-10-06 18:39:13
222.186.175.217	attackspam	Oct 6 06:40:26 xentho sshd[7430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Oct 6 06:40:28 xentho sshd[7430]: Failed password for root from 222.186.175.217 port 58492 ssh2 Oct 6 06:40:33 xentho sshd[7430]: Failed password for root from 222.186.175.217 port 58492 ssh2 Oct 6 06:40:26 xentho sshd[7430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Oct 6 06:40:28 xentho sshd[7430]: Failed password for root from 222.186.175.217 port 58492 ssh2 Oct 6 06:40:33 xentho sshd[7430]: Failed password for root from 222.186.175.217 port 58492 ssh2 Oct 6 06:40:26 xentho sshd[7430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Oct 6 06:40:28 xentho sshd[7430]: Failed password for root from 222.186.175.217 port 58492 ssh2 Oct 6 06:40:33 xentho sshd[7430]: Failed password for root from ...	2019-10-06 18:41:24
129.213.202.242	attackspam	Oct 6 09:37:24 vps01 sshd[21199]: Failed password for root from 129.213.202.242 port 47071 ssh2	2019-10-06 18:34:28
198.100.146.98	attackspambots	Oct 6 11:58:27 lnxweb62 sshd[29498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.100.146.98	2019-10-06 18:54:39

最近上报的IP列表

106.13.60.187	120.92.20.197	193.112.69.117	60.48.104.79
107.173.143.130	212.129.36.27	152.104.31.35	106.75.17.46
201.242.170.210	194.230.215.179	188.131.224.179	106.223.167.161
106.12.73.236	84.236.67.33	1.22.91.179	94.249.106.241
119.183.52.18	179.185.168.86	78.39.101.33	5.135.230.129