184.105.139.70

基本信息:

城市(city): Fremont

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Vulnerability Scanner	2024-04-20 00:30:49
attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47
attackspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-13 19:51:22
attackbots	Found on Alienvault / proto=6 . srcport=38971 . dstport=6379 . (2878)	2020-09-20 03:39:23
attackspambots	firewall-block, port(s): 123/udp	2020-09-19 19:42:26
attackspam	srv02 Mass scanning activity detected Target: 5900 ..	2020-09-07 03:02:56
attackspambots	Tried our host z.	2020-09-06 18:28:03
attack	3389/tcp 873/tcp 50070/tcp... [2020-06-29/08-29]36pkt,13pt.(tcp),2pt.(udp)	2020-08-29 15:16:09
attackspam	Fail2Ban Ban Triggered	2020-08-11 15:10:05
attackbotsspam	Unauthorized SSH login attempts	2020-07-25 12:12:36
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 23	2020-07-19 06:51:16
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389	2020-07-12 07:23:05
attackbots	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 5555	2020-07-04 23:15:22
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 6379	2020-06-28 23:48:05
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 443	2020-06-25 16:04:52
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 6379	2020-04-15 00:18:20
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389	2020-03-25 19:37:04
attackbotsspam	Fail2Ban Ban Triggered	2020-03-24 07:16:43
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8443 [J]	2020-03-03 01:02:40
attackbots	RDP brute force attack detected by fail2ban	2020-02-19 05:26:17
attackspam	TCP port 8080: Scan and connection	2020-02-15 03:03:22
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 11211	2020-01-07 02:32:11
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389 [J]	2020-01-06 17:27:13
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8443	2019-12-29 02:58:04
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8080	2019-12-12 19:30:07
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 22:30:51
attack	Connection by 184.105.139.70 on port: 21 got caught by honeypot at 10/5/2019 9:44:54 PM	2019-10-06 14:02:53
attackspambots	SMB Server BruteForce Attack	2019-09-29 21:40:41
attackbots	port scan and connect, tcp 23 (telnet)	2019-08-11 01:48:28
attackspam	Automatic report - Port Scan Attack	2019-07-20 12:21:25

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.67	attackspambots	1601820404 - 10/04/2020 16:06:44 Host: 184.105.139.67/184.105.139.67 Port: 873 TCP Blocked ...	2020-10-05 06:27:37
184.105.139.67	attackspam	1601820404 - 10/04/2020 16:06:44 Host: 184.105.139.67/184.105.139.67 Port: 873 TCP Blocked ...	2020-10-04 22:28:58

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41173
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 02 10:26:30 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

70.139.105.184.in-addr.arpa is an alias for 70.64-26.139.105.184.in-addr.arpa.
70.64-26.139.105.184.in-addr.arpa domain name pointer scan-04.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
70.139.105.184.in-addr.arpa	canonical name = 70.64-26.139.105.184.in-addr.arpa.
70.64-26.139.105.184.in-addr.arpa	name = scan-04.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
120.52.146.211	attack	(sshd) Failed SSH login from 120.52.146.211 (CN/China/Beijing/Beijing/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 18:10:19 atlas sshd[16282]: Invalid user www-data from 120.52.146.211 port 56044 Sep 24 18:10:21 atlas sshd[16282]: Failed password for invalid user www-data from 120.52.146.211 port 56044 ssh2 Sep 24 18:14:49 atlas sshd[17111]: Invalid user deployer from 120.52.146.211 port 47098 Sep 24 18:14:52 atlas sshd[17111]: Failed password for invalid user deployer from 120.52.146.211 port 47098 ssh2 Sep 24 18:16:53 atlas sshd[17773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 user=root	2020-09-25 09:28:49
218.92.0.168	attack	$f2bV_matches	2020-09-25 09:05:36
138.91.78.42	attackspambots	2020-09-24T21:26:59.847717sorsha.thespaminator.com sshd[27225]: Invalid user kidso from 138.91.78.42 port 46837 2020-09-24T21:27:01.645350sorsha.thespaminator.com sshd[27225]: Failed password for invalid user kidso from 138.91.78.42 port 46837 ssh2 ...	2020-09-25 09:30:21
52.224.67.47	attack	Sep 24 21:38:01 vps46666688 sshd[31842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.224.67.47 Sep 24 21:38:03 vps46666688 sshd[31842]: Failed password for invalid user infomedia from 52.224.67.47 port 40527 ssh2 ...	2020-09-25 08:54:58
220.166.42.139	attackspambots	2020-09-24T22:47:52.423902shield sshd\[25661\]: Invalid user ts3bot from 220.166.42.139 port 49618 2020-09-24T22:47:52.437793shield sshd\[25661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139 2020-09-24T22:47:54.594774shield sshd\[25661\]: Failed password for invalid user ts3bot from 220.166.42.139 port 49618 ssh2 2020-09-24T22:52:31.047570shield sshd\[27110\]: Invalid user guest from 220.166.42.139 port 57100 2020-09-24T22:52:31.056533shield sshd\[27110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139	2020-09-25 09:24:32
112.85.42.195	attack	Sep 25 01:24:15 onepixel sshd[2397254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Sep 25 01:24:18 onepixel sshd[2397254]: Failed password for root from 112.85.42.195 port 41504 ssh2 Sep 25 01:24:15 onepixel sshd[2397254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Sep 25 01:24:18 onepixel sshd[2397254]: Failed password for root from 112.85.42.195 port 41504 ssh2 Sep 25 01:24:21 onepixel sshd[2397254]: Failed password for root from 112.85.42.195 port 41504 ssh2	2020-09-25 09:28:15
175.24.62.199	attackspambots	Sep 25 01:18:31 lavrea sshd[189747]: Invalid user ts2 from 175.24.62.199 port 52794 ...	2020-09-25 09:12:40
40.74.242.172	attackbots	Sep 25 03:04:42 * sshd[6355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.74.242.172 Sep 25 03:04:44 * sshd[6355]: Failed password for invalid user ditvision from 40.74.242.172 port 58067 ssh2	2020-09-25 09:09:50
40.88.128.168	attack	Sep 25 02:14:14 rancher-0 sshd[275208]: Invalid user hyerelle from 40.88.128.168 port 25065 ...	2020-09-25 08:58:28
78.128.113.121	attackspam	Sep 25 03:04:33 websrv1.derweidener.de postfix/smtpd[1249142]: warning: unknown[78.128.113.121]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 25 03:04:33 websrv1.derweidener.de postfix/smtpd[1249142]: lost connection after AUTH from unknown[78.128.113.121] Sep 25 03:04:37 websrv1.derweidener.de postfix/smtpd[1249142]: lost connection after AUTH from unknown[78.128.113.121] Sep 25 03:04:42 websrv1.derweidener.de postfix/smtpd[1249145]: lost connection after AUTH from unknown[78.128.113.121] Sep 25 03:04:47 websrv1.derweidener.de postfix/smtpd[1249142]: lost connection after AUTH from unknown[78.128.113.121]	2020-09-25 09:14:53
65.52.233.250	attackbots	3x Failed Password	2020-09-25 09:13:01
51.103.136.3	attackbots	Sep 24 22:07:22 mx sshd[12532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.103.136.3 Sep 24 22:07:24 mx sshd[12532]: Failed password for invalid user groupin from 51.103.136.3 port 33307 ssh2	2020-09-25 09:23:51
209.97.183.120	attack	2020-09-24 21:52:52,155 fail2ban.actions: WARNING [ssh] Ban 209.97.183.120	2020-09-25 08:56:30
167.99.88.51	attackspambots	$f2bV_matches	2020-09-25 09:09:03
159.89.144.102	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: prod-sfo2.qencode-encoder-9137f07cfe8411eaa27feef0a7ddd79b.	2020-09-25 08:52:45

最近上报的IP列表

103.21.218.242	163.172.61.101	162.243.139.184	84.140.195.53
193.112.51.121	134.209.207.123	107.172.221.203	58.218.213.166
27.211.227.68	106.12.208.152	216.218.206.77	51.38.186.207
14.29.116.223	206.81.10.230	217.182.165.158	119.92.218.136
151.226.23.238	158.69.242.200	104.248.66.72	79.1.212.37