184.105.139.117

Basic Info

City: Fremont

Region: California

Country: United States

Internet Service Provider: Hurricane Electric LLC

Hostname: unknown

Organization: Hurricane Electric LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	UDP port : 177	2020-08-30 19:14:59
attackbotsspam	srv02 Mass scanning activity detected Target: 1900 ..	2020-07-13 01:32:28
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 23:28:00
attackspambots	unauthorized connection attempt	2020-06-26 18:51:45
attackspam	UDP 184.105.139.117:48505 -> port 177, len 35	2020-06-24 18:50:30
attackbots	May 20 19:12:33 debian-2gb-nbg1-2 kernel: \[12253579.024060\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.117 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=42718 DPT=5555 WINDOW=65535 RES=0x00 SYN URGP=0	2020-05-21 02:03:46
attackbots	1589434738 - 05/14/2020 12:38:58 Host: scan-03k.shadowserver.org/184.105.139.117 Port: 19 UDP Blocked ...	2020-05-14 14:22:15
attackbots	11211/tcp 5555/tcp 9200/tcp... [2020-03-08/05-06]37pkt,8pt.(tcp),3pt.(udp)	2020-05-07 02:36:08
attackspam	Apr 16 12:03:31 debian-2gb-nbg1-2 kernel: \[9290392.849005\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.117 DST=195.201.40.59 LEN=125 TOS=0x00 PREC=0x00 TTL=52 ID=43083 DF PROTO=UDP SPT=19929 DPT=1900 LEN=105	2020-04-16 18:18:08
attackbotsspam	4786/tcp 548/tcp 50075/tcp... [2020-01-25/03-25]34pkt,7pt.(tcp),3pt.(udp)	2020-03-25 20:24:30
attackbots	4786/tcp 548/tcp 50075/tcp... [2020-01-23/03-23]33pkt,8pt.(tcp),3pt.(udp)	2020-03-23 17:35:55
attack	Mar 11 10:41:56 src: 184.105.139.117 signature match: "SCAN UPnP communication attempt" (sid: 100074) udp port: 1900	2020-03-12 01:16:04
attackbotsspam	1582954916 - 02/29/2020 12:41:56 Host: scan-03k.shadowserver.org/184.105.139.117 Port: 19 UDP Blocked ...	2020-02-29 18:22:01
attackbots	firewall-block, port(s): 19/udp	2020-01-16 16:59:23
attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-11-27 17:59:42
attack	[portscan] tcp/3389 [MS RDP] *(RWIN=65535)(11171349)	2019-11-17 19:37:58
attackbotsspam	Port scan: Attack repeated for 24 hours	2019-10-29 23:47:53
attack	Honeypot hit.	2019-10-16 12:49:50
attackspambots	" "	2019-08-10 15:43:29

Comments on same subnet:

IP	Type	Details	Datetime
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21813
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.117.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 00:28:46 +08 2019
;; MSG SIZE  rcvd: 119

Host info

117.139.105.184.in-addr.arpa is an alias for 117.64-26.139.105.184.in-addr.arpa.
117.64-26.139.105.184.in-addr.arpa domain name pointer scan-03k.shadowserver.org.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
117.139.105.184.in-addr.arpa	canonical name = 117.64-26.139.105.184.in-addr.arpa.
117.64-26.139.105.184.in-addr.arpa	name = scan-03k.shadowserver.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.108.14	attack	01/30/2020-14:38:55.923787 77.247.108.14 Protocol: 17 ET SCAN Sipvicious Scan	2020-01-30 21:41:34
185.176.27.18	attackspambots	Jan 30 13:36:40 TCP Attack: SRC=185.176.27.18 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=244 PROTO=TCP SPT=48500 DPT=27944 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-30 22:07:13
222.186.30.31	attack	Jan 30 15:08:48 vps691689 sshd[1630]: Failed password for root from 222.186.30.31 port 63569 ssh2 Jan 30 15:08:50 vps691689 sshd[1630]: Failed password for root from 222.186.30.31 port 63569 ssh2 Jan 30 15:08:52 vps691689 sshd[1630]: Failed password for root from 222.186.30.31 port 63569 ssh2 ...	2020-01-30 22:09:43
89.73.110.59	attack	TCP Port Scanning	2020-01-30 21:34:46
136.179.17.179	attack	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-01-30 22:02:33
165.22.37.70	attackbotsspam	2020-01-30T08:34:32.570036xentho-1 sshd[911083]: Invalid user yang from 165.22.37.70 port 53958 2020-01-30T08:34:32.577082xentho-1 sshd[911083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.37.70 2020-01-30T08:34:32.570036xentho-1 sshd[911083]: Invalid user yang from 165.22.37.70 port 53958 2020-01-30T08:34:34.404242xentho-1 sshd[911083]: Failed password for invalid user yang from 165.22.37.70 port 53958 ssh2 2020-01-30T08:35:39.240219xentho-1 sshd[911102]: Invalid user sanatani from 165.22.37.70 port 34866 2020-01-30T08:35:39.246067xentho-1 sshd[911102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.37.70 2020-01-30T08:35:39.240219xentho-1 sshd[911102]: Invalid user sanatani from 165.22.37.70 port 34866 2020-01-30T08:35:41.604853xentho-1 sshd[911102]: Failed password for invalid user sanatani from 165.22.37.70 port 34866 ssh2 2020-01-30T08:36:42.641204xentho-1 sshd[911115]: Invalid user ...	2020-01-30 21:42:02
77.79.132.51	attackspambots	Honeypot attack, port: 81, PTR: 77.79.132.51.static.neft.ufanet.ru.	2020-01-30 21:53:41
178.62.79.227	attackspambots	Jan 30 14:24:10 ArkNodeAT sshd\[7410\]: Invalid user balamohana from 178.62.79.227 Jan 30 14:24:10 ArkNodeAT sshd\[7410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.79.227 Jan 30 14:24:11 ArkNodeAT sshd\[7410\]: Failed password for invalid user balamohana from 178.62.79.227 port 34272 ssh2	2020-01-30 21:35:25
23.226.54.2	attackbotsspam	firewall-block, port(s): 1433/tcp	2020-01-30 21:37:33
178.128.221.237	attack	2020-01-30T13:49:30.000558shield sshd\[32064\]: Invalid user kalakanya from 178.128.221.237 port 41602 2020-01-30T13:49:30.005798shield sshd\[32064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.221.237 2020-01-30T13:49:32.111870shield sshd\[32064\]: Failed password for invalid user kalakanya from 178.128.221.237 port 41602 ssh2 2020-01-30T13:51:20.259056shield sshd\[32444\]: Invalid user deepamala from 178.128.221.237 port 56360 2020-01-30T13:51:20.267639shield sshd\[32444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.221.237	2020-01-30 22:03:32
98.196.0.8	attackspambots	Jan 30 13:44:59 ns382633 sshd\[3994\]: Invalid user shrinivas from 98.196.0.8 port 54510 Jan 30 13:44:59 ns382633 sshd\[3994\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.196.0.8 Jan 30 13:45:01 ns382633 sshd\[3994\]: Failed password for invalid user shrinivas from 98.196.0.8 port 54510 ssh2 Jan 30 14:38:44 ns382633 sshd\[13613\]: Invalid user vanaspati from 98.196.0.8 port 49890 Jan 30 14:38:44 ns382633 sshd\[13613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.196.0.8	2020-01-30 21:53:15
92.63.194.104	attackbotsspam	SSH Bruteforce attack	2020-01-30 22:20:02
200.165.167.10	attackspam	Jan 30 03:34:51 eddieflores sshd\[7066\]: Invalid user asit from 200.165.167.10 Jan 30 03:34:51 eddieflores sshd\[7066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10 Jan 30 03:34:53 eddieflores sshd\[7066\]: Failed password for invalid user asit from 200.165.167.10 port 45430 ssh2 Jan 30 03:38:40 eddieflores sshd\[7532\]: Invalid user manda from 200.165.167.10 Jan 30 03:38:40 eddieflores sshd\[7532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10	2020-01-30 22:00:01
115.138.187.201	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-30 22:05:38
213.32.67.160	attack	Jan 30 14:47:15 xeon sshd[58730]: Failed password for invalid user lakshita from 213.32.67.160 port 56120 ssh2	2020-01-30 22:07:51

Recently Reported IPs

106.13.60.187	120.92.20.197	193.112.69.117	60.48.104.79
107.173.143.130	212.129.36.27	152.104.31.35	106.75.17.46
201.242.170.210	194.230.215.179	188.131.224.179	106.223.167.161
106.12.73.236	84.236.67.33	1.22.91.179	94.249.106.241
119.183.52.18	179.185.168.86	78.39.101.33	5.135.230.129