184.105.139.70

基本信息:

城市(city): Fremont

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Vulnerability Scanner	2024-04-20 00:30:49
attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47
attackspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-13 19:51:22
attackbots	Found on Alienvault / proto=6 . srcport=38971 . dstport=6379 . (2878)	2020-09-20 03:39:23
attackspambots	firewall-block, port(s): 123/udp	2020-09-19 19:42:26
attackspam	srv02 Mass scanning activity detected Target: 5900 ..	2020-09-07 03:02:56
attackspambots	Tried our host z.	2020-09-06 18:28:03
attack	3389/tcp 873/tcp 50070/tcp... [2020-06-29/08-29]36pkt,13pt.(tcp),2pt.(udp)	2020-08-29 15:16:09
attackspam	Fail2Ban Ban Triggered	2020-08-11 15:10:05
attackbotsspam	Unauthorized SSH login attempts	2020-07-25 12:12:36
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 23	2020-07-19 06:51:16
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389	2020-07-12 07:23:05
attackbots	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 5555	2020-07-04 23:15:22
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 6379	2020-06-28 23:48:05
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 443	2020-06-25 16:04:52
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 6379	2020-04-15 00:18:20
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389	2020-03-25 19:37:04
attackbotsspam	Fail2Ban Ban Triggered	2020-03-24 07:16:43
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8443 [J]	2020-03-03 01:02:40
attackbots	RDP brute force attack detected by fail2ban	2020-02-19 05:26:17
attackspam	TCP port 8080: Scan and connection	2020-02-15 03:03:22
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 11211	2020-01-07 02:32:11
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389 [J]	2020-01-06 17:27:13
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8443	2019-12-29 02:58:04
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8080	2019-12-12 19:30:07
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 22:30:51
attack	Connection by 184.105.139.70 on port: 21 got caught by honeypot at 10/5/2019 9:44:54 PM	2019-10-06 14:02:53
attackspambots	SMB Server BruteForce Attack	2019-09-29 21:40:41
attackbots	port scan and connect, tcp 23 (telnet)	2019-08-11 01:48:28
attackspam	Automatic report - Port Scan Attack	2019-07-20 12:21:25

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.67	attackspambots	1601820404 - 10/04/2020 16:06:44 Host: 184.105.139.67/184.105.139.67 Port: 873 TCP Blocked ...	2020-10-05 06:27:37
184.105.139.67	attackspam	1601820404 - 10/04/2020 16:06:44 Host: 184.105.139.67/184.105.139.67 Port: 873 TCP Blocked ...	2020-10-04 22:28:58

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41173
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 02 10:26:30 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

70.139.105.184.in-addr.arpa is an alias for 70.64-26.139.105.184.in-addr.arpa.
70.64-26.139.105.184.in-addr.arpa domain name pointer scan-04.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
70.139.105.184.in-addr.arpa	canonical name = 70.64-26.139.105.184.in-addr.arpa.
70.64-26.139.105.184.in-addr.arpa	name = scan-04.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
89.234.157.254	attack	Jul 29 10:55:42 itv-usvr-01 sshd[21160]: Invalid user admin from 89.234.157.254 Jul 29 10:55:42 itv-usvr-01 sshd[21160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.234.157.254 Jul 29 10:55:42 itv-usvr-01 sshd[21160]: Invalid user admin from 89.234.157.254 Jul 29 10:55:44 itv-usvr-01 sshd[21160]: Failed password for invalid user admin from 89.234.157.254 port 45893 ssh2 Jul 29 10:55:47 itv-usvr-01 sshd[21162]: Invalid user admin from 89.234.157.254	2020-07-29 13:15:29
54.37.153.80	attack	Invalid user xiaohua from 54.37.153.80 port 32914	2020-07-29 13:05:33
129.204.115.246	attackbotsspam	Jul 29 07:41:41 lukav-desktop sshd\[32348\]: Invalid user zouyao from 129.204.115.246 Jul 29 07:41:41 lukav-desktop sshd\[32348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.115.246 Jul 29 07:41:43 lukav-desktop sshd\[32348\]: Failed password for invalid user zouyao from 129.204.115.246 port 43032 ssh2 Jul 29 07:45:06 lukav-desktop sshd\[32412\]: Invalid user jruiz from 129.204.115.246 Jul 29 07:45:06 lukav-desktop sshd\[32412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.115.246	2020-07-29 13:09:12
87.226.165.143	attackbots	2020-07-29T03:51:33.426128abusebot-5.cloudsearch.cf sshd[23230]: Invalid user otrs from 87.226.165.143 port 50936 2020-07-29T03:51:33.431562abusebot-5.cloudsearch.cf sshd[23230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.226.165.143 2020-07-29T03:51:33.426128abusebot-5.cloudsearch.cf sshd[23230]: Invalid user otrs from 87.226.165.143 port 50936 2020-07-29T03:51:34.865447abusebot-5.cloudsearch.cf sshd[23230]: Failed password for invalid user otrs from 87.226.165.143 port 50936 ssh2 2020-07-29T03:55:51.078351abusebot-5.cloudsearch.cf sshd[23239]: Invalid user liyuan from 87.226.165.143 port 41412 2020-07-29T03:55:51.083437abusebot-5.cloudsearch.cf sshd[23239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.226.165.143 2020-07-29T03:55:51.078351abusebot-5.cloudsearch.cf sshd[23239]: Invalid user liyuan from 87.226.165.143 port 41412 2020-07-29T03:55:53.268593abusebot-5.cloudsearch.cf sshd[23239]: ...	2020-07-29 13:10:03
120.92.209.229	attackspam	Jul 29 01:16:04 ny01 sshd[30771]: Failed password for root from 120.92.209.229 port 1634 ssh2 Jul 29 01:20:52 ny01 sshd[31328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229 Jul 29 01:20:54 ny01 sshd[31328]: Failed password for invalid user jianhaoc from 120.92.209.229 port 54174 ssh2	2020-07-29 13:27:46
218.2.197.240	attackspambots	Jul 29 00:29:52 ny01 sshd[24637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.2.197.240 Jul 29 00:29:54 ny01 sshd[24637]: Failed password for invalid user liangyu from 218.2.197.240 port 44808 ssh2 Jul 29 00:35:00 ny01 sshd[25209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.2.197.240	2020-07-29 13:07:08
177.242.46.46	attackbots	Jul 29 04:33:24 hcbbdb sshd\[9933\]: Invalid user odoo8 from 177.242.46.46 Jul 29 04:33:24 hcbbdb sshd\[9933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.242.46.46 Jul 29 04:33:26 hcbbdb sshd\[9933\]: Failed password for invalid user odoo8 from 177.242.46.46 port 40932 ssh2 Jul 29 04:37:57 hcbbdb sshd\[10504\]: Invalid user htjcadd from 177.242.46.46 Jul 29 04:37:57 hcbbdb sshd\[10504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.242.46.46	2020-07-29 13:13:40
89.248.168.17	attack	Jul 29 06:01:49 debian-2gb-nbg1-2 kernel: \[18253806.662545\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.17 DST=195.201.40.59 LEN=32 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=UDP SPT=54945 DPT=3283 LEN=12	2020-07-29 13:26:06
49.88.112.115	attack	Jul 29 07:04:16 vps sshd[57326]: Failed password for root from 49.88.112.115 port 23180 ssh2 Jul 29 07:04:18 vps sshd[57326]: Failed password for root from 49.88.112.115 port 23180 ssh2 Jul 29 07:05:11 vps sshd[66553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root Jul 29 07:05:14 vps sshd[66553]: Failed password for root from 49.88.112.115 port 26511 ssh2 Jul 29 07:05:16 vps sshd[66553]: Failed password for root from 49.88.112.115 port 26511 ssh2 ...	2020-07-29 13:18:17
47.244.166.23	attackspambots	Automatically reported by fail2ban report script (mx1)	2020-07-29 12:55:55
162.243.129.112	attack	IP: 162.243.129.112 Ports affected HTTP protocol over TLS/SSL (443) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS14061 DIGITALOCEAN-ASN United States (US) CIDR 162.243.0.0/16 Log Date: 29/07/2020 3:39:54 AM UTC	2020-07-29 13:32:28
104.154.147.52	attackspambots	Jul 29 04:03:04 django-0 sshd[1921]: Invalid user zitong from 104.154.147.52 ...	2020-07-29 13:11:23
221.229.218.50	attack	Invalid user luoxianjun from 221.229.218.50 port 55697	2020-07-29 13:14:07
106.13.187.27	attackspambots	Jul 29 05:44:26 ns382633 sshd\[10923\]: Invalid user odoo from 106.13.187.27 port 64872 Jul 29 05:44:26 ns382633 sshd\[10923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.27 Jul 29 05:44:28 ns382633 sshd\[10923\]: Failed password for invalid user odoo from 106.13.187.27 port 64872 ssh2 Jul 29 05:55:45 ns382633 sshd\[13335\]: Invalid user shajiaojiao from 106.13.187.27 port 9827 Jul 29 05:55:45 ns382633 sshd\[13335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.27	2020-07-29 13:16:01
122.15.16.12	attack	122.15.16.12 - - [29/Jul/2020:04:55:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2160 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 122.15.16.12 - - [29/Jul/2020:04:55:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 122.15.16.12 - - [29/Jul/2020:04:55:32 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-29 13:26:18

最近上报的IP列表

103.21.218.242	163.172.61.101	162.243.139.184	84.140.195.53
193.112.51.121	134.209.207.123	107.172.221.203	58.218.213.166
27.211.227.68	106.12.208.152	216.218.206.77	51.38.186.207
14.29.116.223	206.81.10.230	217.182.165.158	119.92.218.136
151.226.23.238	158.69.242.200	104.248.66.72	79.1.212.37