184.105.139.68

基本信息:

城市(city): Fremont

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Vulnerability Scanner	2024-04-10 01:16:38
attackspam	UDP port : 123	2020-08-21 20:04:15
attackspambots	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 6379 [T]	2020-08-16 01:36:51
attack	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 7547	2020-07-22 00:48:41
attackspambots	srv02 Mass scanning activity detected Target: 123(ntp) ..	2020-07-21 12:41:35
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 9200	2020-05-24 20:01:41
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 873	2020-05-09 02:44:59
attackbots	Icarus honeypot on github	2020-04-29 14:29:35
attackbots	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 5555	2020-04-19 16:15:15
attackspambots	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 2323	2020-04-08 18:52:40
attack	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 5555	2020-03-17 19:48:26
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.68	2020-03-12 09:03:11
attackspambots	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 3389 [J]	2020-03-03 00:00:25
attack	scan r	2020-02-21 05:23:53
attackspambots	20/2/19@08:35:43: FAIL: Alarm-Intrusion address from=184.105.139.68 ...	2020-02-20 00:46:56
attack	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 4786	2020-01-09 04:31:43
attackbotsspam	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 2323	2020-01-04 02:34:09
attack	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 3389	2019-12-29 18:49:08
attack	Unauthorized connection attempt detected from IP address 184.105.139.68 to port 6379	2019-12-29 03:46:12
attackbots	scan z	2019-11-06 16:42:29
attack	Honeypot hit: [2019-11-03 08:29:03 +0300] Connected from 184.105.139.68 to (HoneypotIP):21	2019-11-03 14:14:15
attackbotsspam	Connection by 184.105.139.68 on port: 4786 got caught by honeypot at 11/1/2019 5:36:17 PM	2019-11-02 03:29:05
attackspam	3389BruteforceFW21	2019-10-16 00:12:07
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-15 02:37:13
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 05:22:03,782 INFO [shellcode_manager] (184.105.139.68) no match, writing hexdump (c6b576cbe7d4c6ec0321981735c0531b :128) - IIS Vulnerability	2019-07-21 20:29:55
attack	21/tcp 11211/tcp 3389/tcp... [2019-05-19/07-20]22pkt,13pt.(tcp),1pt.(udp)	2019-07-20 20:18:20
attack	11211/tcp 7547/tcp 445/tcp... [2019-05-01/06-30]33pkt,17pt.(tcp),1pt.(udp)	2019-07-01 20:29:28
attack	From CCTV User Interface Log ...::ffff:184.105.139.68 - - [22/Jun/2019:20:18:43 +0000] "-" 400 179 ...	2019-06-23 10:37:49
attackspam	1561182121 - 06/22/2019 12:42:01 Host: scan-02.shadowserver.org/184.105.139.68 Port: 21 TCP Blocked ...	2019-06-22 18:55:43

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47
184.105.139.70	attackspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-13 19:51:22

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2398
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.68.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 18:15:02 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

68.139.105.184.in-addr.arpa is an alias for 68.64-26.139.105.184.in-addr.arpa.
68.64-26.139.105.184.in-addr.arpa domain name pointer scan-02.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
68.139.105.184.in-addr.arpa	canonical name = 68.64-26.139.105.184.in-addr.arpa.
68.64-26.139.105.184.in-addr.arpa	name = scan-02.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.75.248.251	attackspam	10/14/2019-16:12:58.535070 51.75.248.251 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-15 04:14:29
118.24.2.218	attack	Oct 14 13:31:05 root sshd[17736]: Failed password for root from 118.24.2.218 port 43942 ssh2 Oct 14 13:36:12 root sshd[17819]: Failed password for root from 118.24.2.218 port 52278 ssh2 ...	2019-10-15 03:54:34
116.193.240.173	attackspam	Input Traffic from this IP, but critial abuseconfidencescore	2019-10-15 04:20:43
1.162.147.250	attackspam	Telnet Server BruteForce Attack	2019-10-15 04:29:52
59.173.193.23	attack	" "	2019-10-15 04:23:03
185.2.4.144	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-15 04:14:57
46.38.144.179	attackbotsspam	Oct 14 15:59:28 web1 postfix/smtpd[24188]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: authentication failure ...	2019-10-15 04:19:56
60.249.21.129	attack	Oct 14 09:55:18 wbs sshd\[19754\]: Invalid user vps from 60.249.21.129 Oct 14 09:55:18 wbs sshd\[19754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-249-21-129.hinet-ip.hinet.net Oct 14 09:55:19 wbs sshd\[19754\]: Failed password for invalid user vps from 60.249.21.129 port 43696 ssh2 Oct 14 09:59:41 wbs sshd\[20102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-249-21-129.hinet-ip.hinet.net user=root Oct 14 09:59:43 wbs sshd\[20102\]: Failed password for root from 60.249.21.129 port 56988 ssh2	2019-10-15 04:16:03
195.175.11.18	attackbotsspam	Unauthorised access (Oct 14) SRC=195.175.11.18 LEN=52 TTL=110 ID=18704 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Oct 14) SRC=195.175.11.18 LEN=52 TTL=110 ID=11118 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-15 04:09:56
118.24.28.39	attack	Oct 14 13:32:33 * sshd[15875]: Failed password for root from 118.24.28.39 port 44128 ssh2	2019-10-15 04:00:10
121.122.141.49	attackbotsspam	2019-10-14T19:36:32.862699abusebot-5.cloudsearch.cf sshd\[26362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.141.49 user=root	2019-10-15 03:55:04
54.159.0.53	attackbots	by Amazon Technologies Inc.	2019-10-15 04:29:32
99.46.143.22	attackspambots	Oct 14 10:11:31 tdfoods sshd\[11862\]: Invalid user biable from 99.46.143.22 Oct 14 10:11:31 tdfoods sshd\[11862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99-46-143-22.lightspeed.sntcca.sbcglobal.net Oct 14 10:11:33 tdfoods sshd\[11862\]: Failed password for invalid user biable from 99.46.143.22 port 36750 ssh2 Oct 14 10:15:38 tdfoods sshd\[12205\]: Invalid user jk from 99.46.143.22 Oct 14 10:15:38 tdfoods sshd\[12205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99-46-143-22.lightspeed.sntcca.sbcglobal.net	2019-10-15 04:24:10
151.8.21.15	attack	[munged]::443 151.8.21.15 - - [14/Oct/2019:21:59:47 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 151.8.21.15 - - [14/Oct/2019:21:59:47 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 151.8.21.15 - - [14/Oct/2019:21:59:48 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 151.8.21.15 - - [14/Oct/2019:21:59:49 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 151.8.21.15 - - [14/Oct/2019:21:59:50 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 151.8.21.15 - - [14/Oct/2019:21:59:51 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x8	2019-10-15 04:09:35
157.230.168.4	attackbots	Oct 14 16:11:47 ny01 sshd[30479]: Failed password for root from 157.230.168.4 port 51624 ssh2 Oct 14 16:15:53 ny01 sshd[30867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.168.4 Oct 14 16:15:55 ny01 sshd[30867]: Failed password for invalid user shah from 157.230.168.4 port 35324 ssh2	2019-10-15 04:19:23

最近上报的IP列表

62.56.251.204	180.211.162.254	162.243.150.140	204.244.124.57
113.176.70.233	112.133.229.242	182.75.82.54	178.89.178.221
200.97.28.54	192.74.224.249	216.218.206.74	198.46.168.107
81.82.28.58	195.158.20.106	190.6.204.123	188.217.151.167
183.64.62.173	148.72.232.27	141.98.81.201	119.28.137.46