184.105.139.73

基本信息:

城市(city): Fremont

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	srv02 Mass scanning activity detected Target: 177(xdmcp) ..	2020-08-22 15:54:35
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-03 16:31:01
attackspam	1 Attack(s) Detected [DoS Attack: TCP/UDP Chargen] from source: 184.105.139.73, port 46854, Thursday, July 23, 2020 22:52:05	2020-07-25 00:55:12
attack	Mar 31 06:40:16 debian-2gb-nbg1-2 kernel: \[7888671.137061\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.73 DST=195.201.40.59 LEN=29 TOS=0x00 PREC=0x00 TTL=52 ID=38197 DF PROTO=UDP SPT=32839 DPT=19 LEN=9	2020-03-31 16:18:38
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 20:57:13
attackbotsspam	firewall-block, port(s): 19/udp	2020-02-13 17:15:42
attackspambots	Fail2Ban Ban Triggered	2020-02-10 14:35:59
attackbots	6379/tcp 21/tcp 389/tcp... [2019-11-22/2020-01-20]40pkt,14pt.(tcp),3pt.(udp)	2020-01-21 04:31:43
attackbots	27017/tcp 4786/tcp 5900/tcp... [2019-11-09/2020-01-09]30pkt,11pt.(tcp),3pt.(udp)	2020-01-10 18:39:03
attackspambots	11211/tcp 8443/tcp 5555/tcp... [2019-09-25/11-26]36pkt,11pt.(tcp),3pt.(udp)	2019-11-26 13:53:06
attackspambots	scan r	2019-11-01 19:33:28
attackspambots	Honeypot hit.	2019-09-04 20:24:50
attackspambots	" "	2019-09-01 15:59:07
attack	Scanning random ports - tries to find possible vulnerable services	2019-08-30 03:39:01
attack	" "	2019-07-11 01:03:39

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61188
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.73.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 17:28:43 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

73.139.105.184.in-addr.arpa is an alias for 73.64-26.139.105.184.in-addr.arpa.
73.64-26.139.105.184.in-addr.arpa domain name pointer scan-03a.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
73.139.105.184.in-addr.arpa	canonical name = 73.64-26.139.105.184.in-addr.arpa.
73.64-26.139.105.184.in-addr.arpa	name = scan-03a.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.143.223.212	attackbots	Bad Postfix AUTH attempts	2020-03-09 15:33:30
183.129.160.229	attackspambots	Port 13832 scan denied	2020-03-09 15:29:25
74.122.10.9	attack	Mar 9 07:57:36 * sshd[3868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.122.10.9 Mar 9 07:57:38 * sshd[3868]: Failed password for invalid user bot from 74.122.10.9 port 39986 ssh2	2020-03-09 15:28:29
170.106.76.57	attackspam	firewall-block, port(s): 888/tcp	2020-03-09 15:30:25
189.68.156.184	attackbots	firewall-block, port(s): 23/tcp	2020-03-09 15:24:51
140.143.197.56	attackbots	Mar 9 07:54:16 sso sshd[7860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.197.56 Mar 9 07:54:18 sso sshd[7860]: Failed password for invalid user cat from 140.143.197.56 port 17902 ssh2 ...	2020-03-09 15:21:20
115.84.113.253	attackbotsspam	Email rejected due to spam filtering	2020-03-09 15:02:36
106.12.55.118	attack	Mar 9 01:07:35 server sshd\[20510\]: Failed password for invalid user ansible from 106.12.55.118 port 59516 ssh2 Mar 9 07:11:32 server sshd\[25179\]: Invalid user testing from 106.12.55.118 Mar 9 07:11:32 server sshd\[25179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.118 Mar 9 07:11:34 server sshd\[25179\]: Failed password for invalid user testing from 106.12.55.118 port 55658 ssh2 Mar 9 07:16:47 server sshd\[26048\]: Invalid user john from 106.12.55.118 Mar 9 07:16:47 server sshd\[26048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.118 ...	2020-03-09 14:55:38
14.177.235.243	attackspambots	Port probing on unauthorized port 445	2020-03-09 15:25:19
45.146.202.165	attackbots	Mar 9 05:43:02 mail.srvfarm.net postfix/smtpd[3865705]: NOQUEUE: reject: RCPT from unknown[45.146.202.165]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 05:43:02 mail.srvfarm.net postfix/smtpd[3863082]: NOQUEUE: reject: RCPT from unknown[45.146.202.165]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 05:43:02 mail.srvfarm.net postfix/smtpd[3862606]: NOQUEUE: reject: RCPT from unknown[45.146.202.165]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 05:43:03 mail.srvfarm.net postfix/smtpd[3865705]: NOQUEUE: reject: RCPT from	2020-03-09 15:07:18
222.186.30.209	attack	Mar 9 08:18:16 MK-Soft-Root1 sshd[8022]: Failed password for root from 222.186.30.209 port 64453 ssh2 Mar 9 08:18:18 MK-Soft-Root1 sshd[8022]: Failed password for root from 222.186.30.209 port 64453 ssh2 ...	2020-03-09 15:20:00
180.241.44.108	attackbots	1583725851 - 03/09/2020 04:50:51 Host: 180.241.44.108/180.241.44.108 Port: 445 TCP Blocked	2020-03-09 15:08:44
63.81.87.185	attack	Mar 9 04:40:47 mail.srvfarm.net postfix/smtpd[3846783]: NOQUEUE: reject: RCPT from unknown[63.81.87.185]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 04:42:30 mail.srvfarm.net postfix/smtpd[3846778]: NOQUEUE: reject: RCPT from unknown[63.81.87.185]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 04:48:48 mail.srvfarm.net postfix/smtpd[3846778]: NOQUEUE: reject: RCPT from unknown[63.81.87.185]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 04:48:49 mail.srvfarm.net postfix/smtpd[3846781]: NOQUEUE: reject: RCPT from unknown[63.81.87.185]: 450 4.1.8	2020-03-09 15:06:59
84.54.78.248	attackspambots	Email rejected due to spam filtering	2020-03-09 15:14:53
89.36.223.227	attack	2020-03-09T00:03:53.948751linuxbox-skyline auth[53490]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=contact rhost=89.36.223.227 ...	2020-03-09 15:03:04

最近上报的IP列表

103.209.255.10	123.26.144.37	219.113.123.42	138.197.206.217
176.58.224.237	119.205.221.146	54.36.189.143	185.104.185.238
104.223.105.145	154.126.32.150	93.148.209.75	183.157.184.135
103.97.179.162	222.35.21.206	81.30.208.114	62.240.54.227
113.160.142.127	45.227.254.18	82.200.226.226	210.102.195.249