184.105.139.96

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	TCP (SYN) 184.105.139.96:60373 -> port 3389, len 44	2020-09-21 03:38:21
attack	TCP (SYN) 184.105.139.96:60373 -> port 3389, len 44	2020-09-20 19:47:47
attackspam	Firewall Dropped Connection	2020-09-13 02:29:17
attack	Firewall Dropped Connection	2020-09-12 18:32:12
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 22:43:18
attackbotsspam	Hit honeypot r.	2020-06-28 13:29:57
attack	srv02 Mass scanning activity detected Target: 123(ntp) ..	2020-06-22 15:39:28
attack	Honeypot hit.	2020-04-08 17:57:49
attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 09:41:31
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 02:37:52
attackspambots	4786/tcp 50075/tcp 7547/tcp... [2019-12-11/2020-02-07]28pkt,14pt.(tcp),1pt.(udp)	2020-02-09 03:35:39
attackbots	Dec 23 07:26:04 debian-2gb-nbg1-2 kernel: \[735111.915704\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.96 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=55736 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0	2019-12-23 19:44:15
attackspam	3389BruteforceFW21	2019-10-16 00:15:31
attack	Honeypot hit.	2019-09-26 19:30:50
attack	" "	2019-08-08 08:49:09
attackspam	firewall-block, port(s): 5555/tcp	2019-07-30 23:05:52
attack	Honeypot hit.	2019-07-11 17:19:42
attack	50075/tcp 30005/tcp 8080/tcp... [2019-05-06/07-04]32pkt,16pt.(tcp),1pt.(udp)	2019-07-04 17:34:17

相同子网IP讨论:

IP	类型	评论内容	时间
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65434
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.96.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051102 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 12 12:08:17 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

96.139.105.184.in-addr.arpa is an alias for 96.64-26.139.105.184.in-addr.arpa.
96.64-26.139.105.184.in-addr.arpa domain name pointer scan-02g.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
96.139.105.184.in-addr.arpa	canonical name = 96.64-26.139.105.184.in-addr.arpa.
96.64-26.139.105.184.in-addr.arpa	name = scan-02g.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
59.92.187.18	attackbotsspam	Unauthorised access (Dec 2) SRC=59.92.187.18 LEN=52 TTL=107 ID=27291 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Dec 2) SRC=59.92.187.18 LEN=52 TTL=109 ID=24359 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-02 18:59:14
138.197.163.11	attack	2019-12-02T12:03:22.902030scmdmz1 sshd\[1877\]: Invalid user sofus from 138.197.163.11 port 54902 2019-12-02T12:03:22.904538scmdmz1 sshd\[1877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.163.11 2019-12-02T12:03:24.879185scmdmz1 sshd\[1877\]: Failed password for invalid user sofus from 138.197.163.11 port 54902 ssh2 ...	2019-12-02 19:11:29
220.225.126.55	attack	Dec 2 00:57:42 hpm sshd\[16399\]: Invalid user kyungsik from 220.225.126.55 Dec 2 00:57:42 hpm sshd\[16399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.225.126.55 Dec 2 00:57:44 hpm sshd\[16399\]: Failed password for invalid user kyungsik from 220.225.126.55 port 50248 ssh2 Dec 2 01:05:13 hpm sshd\[17182\]: Invalid user meeker from 220.225.126.55 Dec 2 01:05:13 hpm sshd\[17182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.225.126.55	2019-12-02 19:15:55
124.228.159.25	attack	[portscan] Port scan	2019-12-02 19:04:28
185.175.93.5	attackspambots	12/02/2019-05:55:51.300222 185.175.93.5 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-02 18:56:28
182.72.207.148	attack	Dec 2 00:56:54 web1 sshd\[14492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.72.207.148 user=lp Dec 2 00:56:56 web1 sshd\[14492\]: Failed password for lp from 182.72.207.148 port 56399 ssh2 Dec 2 01:04:16 web1 sshd\[15300\]: Invalid user miettunen from 182.72.207.148 Dec 2 01:04:16 web1 sshd\[15300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.72.207.148 Dec 2 01:04:18 web1 sshd\[15300\]: Failed password for invalid user miettunen from 182.72.207.148 port 33920 ssh2	2019-12-02 19:17:26
188.166.117.213	attackspam	2019-12-02T10:53:54.435300shield sshd\[9072\]: Invalid user dapper from 188.166.117.213 port 38730 2019-12-02T10:53:54.439740shield sshd\[9072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.117.213 2019-12-02T10:53:55.772011shield sshd\[9072\]: Failed password for invalid user dapper from 188.166.117.213 port 38730 ssh2 2019-12-02T10:59:14.646934shield sshd\[10228\]: Invalid user RR44 from 188.166.117.213 port 50286 2019-12-02T10:59:14.650108shield sshd\[10228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.117.213	2019-12-02 19:09:06
194.243.6.150	attack	2019-12-02T08:53:37.339928abusebot-5.cloudsearch.cf sshd\[27184\]: Invalid user robert from 194.243.6.150 port 50244	2019-12-02 19:16:20
184.105.247.254	attackbots	27017/tcp 873/tcp 5900/tcp... [2019-10-03/12-02]31pkt,13pt.(tcp),1pt.(udp)	2019-12-02 19:16:56
114.116.227.247	attack	Port scan on 3 port(s): 2375 2377 4243	2019-12-02 19:26:01
144.217.255.89	attackbots	TCP Port Scanning	2019-12-02 19:07:17
106.13.70.29	attackbots	Dec 2 11:36:44 OPSO sshd\[19481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.29 user=backup Dec 2 11:36:46 OPSO sshd\[19481\]: Failed password for backup from 106.13.70.29 port 53592 ssh2 Dec 2 11:44:10 OPSO sshd\[20762\]: Invalid user smmsp from 106.13.70.29 port 51792 Dec 2 11:44:10 OPSO sshd\[20762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.29 Dec 2 11:44:12 OPSO sshd\[20762\]: Failed password for invalid user smmsp from 106.13.70.29 port 51792 ssh2	2019-12-02 19:01:22
95.91.9.75	attackbots	Telnet Server BruteForce Attack	2019-12-02 19:33:08
124.156.240.14	attack	5672/tcp 1604/udp 1433/tcp... [2019-10-07/12-02]7pkt,5pt.(tcp),2pt.(udp)	2019-12-02 19:05:05
182.254.154.89	attackspam	Dec 2 00:58:19 hpm sshd\[16483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.154.89 user=root Dec 2 00:58:21 hpm sshd\[16483\]: Failed password for root from 182.254.154.89 port 52918 ssh2 Dec 2 01:05:51 hpm sshd\[17223\]: Invalid user pano from 182.254.154.89 Dec 2 01:05:51 hpm sshd\[17223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.154.89 Dec 2 01:05:53 hpm sshd\[17223\]: Failed password for invalid user pano from 182.254.154.89 port 33252 ssh2	2019-12-02 19:06:46

最近上报的IP列表

104.254.244.205	175.105.127.129	93.172.122.200	7.178.132.67
89.46.67.149	161.240.189.141	121.40.37.227	82.193.112.208
85.145.252.67	116.37.100.233	216.82.73.22	7.73.169.150
49.151.198.155	57.75.25.38	214.189.191.235	77.247.109.220
142.253.75.70	27.78.214.17	47.105.32.123	160.114.202.118