184.105.139.70

Basic Info

City: Fremont

Region: California

Country: United States

Internet Service Provider: Hurricane Electric LLC

Hostname: unknown

Organization: Hurricane Electric LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Vulnerability Scanner	2024-04-20 00:30:49
attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47
attackspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-13 19:51:22
attackbots	Found on Alienvault / proto=6 . srcport=38971 . dstport=6379 . (2878)	2020-09-20 03:39:23
attackspambots	firewall-block, port(s): 123/udp	2020-09-19 19:42:26
attackspam	srv02 Mass scanning activity detected Target: 5900 ..	2020-09-07 03:02:56
attackspambots	Tried our host z.	2020-09-06 18:28:03
attack	3389/tcp 873/tcp 50070/tcp... [2020-06-29/08-29]36pkt,13pt.(tcp),2pt.(udp)	2020-08-29 15:16:09
attackspam	Fail2Ban Ban Triggered	2020-08-11 15:10:05
attackbotsspam	Unauthorized SSH login attempts	2020-07-25 12:12:36
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 23	2020-07-19 06:51:16
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389	2020-07-12 07:23:05
attackbots	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 5555	2020-07-04 23:15:22
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 6379	2020-06-28 23:48:05
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 443	2020-06-25 16:04:52
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 6379	2020-04-15 00:18:20
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389	2020-03-25 19:37:04
attackbotsspam	Fail2Ban Ban Triggered	2020-03-24 07:16:43
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8443 [J]	2020-03-03 01:02:40
attackbots	RDP brute force attack detected by fail2ban	2020-02-19 05:26:17
attackspam	TCP port 8080: Scan and connection	2020-02-15 03:03:22
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 11211	2020-01-07 02:32:11
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 389 [J]	2020-01-06 17:27:13
attack	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8443	2019-12-29 02:58:04
attackspam	Unauthorized connection attempt detected from IP address 184.105.139.70 to port 8080	2019-12-12 19:30:07
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 22:30:51
attack	Connection by 184.105.139.70 on port: 21 got caught by honeypot at 10/5/2019 9:44:54 PM	2019-10-06 14:02:53
attackspambots	SMB Server BruteForce Attack	2019-09-29 21:40:41
attackbots	port scan and connect, tcp 23 (telnet)	2019-08-11 01:48:28
attackspam	Automatic report - Port Scan Attack	2019-07-20 12:21:25

Comments on same subnet:

IP	Type	Details	Datetime
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.67	attackspambots	1601820404 - 10/04/2020 16:06:44 Host: 184.105.139.67/184.105.139.67 Port: 873 TCP Blocked ...	2020-10-05 06:27:37
184.105.139.67	attackspam	1601820404 - 10/04/2020 16:06:44 Host: 184.105.139.67/184.105.139.67 Port: 873 TCP Blocked ...	2020-10-04 22:28:58

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41173
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 02 10:26:30 +08 2019
;; MSG SIZE  rcvd: 118

Host info

70.139.105.184.in-addr.arpa is an alias for 70.64-26.139.105.184.in-addr.arpa.
70.64-26.139.105.184.in-addr.arpa domain name pointer scan-04.shadowserver.org.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
70.139.105.184.in-addr.arpa	canonical name = 70.64-26.139.105.184.in-addr.arpa.
70.64-26.139.105.184.in-addr.arpa	name = scan-04.shadowserver.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.245.115.45	attackspam	May 16 00:25:06 124388 sshd[25280]: Invalid user postgres from 157.245.115.45 port 44270 May 16 00:25:06 124388 sshd[25280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.115.45 May 16 00:25:06 124388 sshd[25280]: Invalid user postgres from 157.245.115.45 port 44270 May 16 00:25:08 124388 sshd[25280]: Failed password for invalid user postgres from 157.245.115.45 port 44270 ssh2 May 16 00:28:25 124388 sshd[25430]: Invalid user miner from 157.245.115.45 port 52258	2020-05-16 08:59:25
122.51.150.134	attackspam	$f2bV_matches	2020-05-16 08:40:51
74.102.39.43	attack	Blocked Remote Command Execution via Shell Script	2020-05-16 09:05:39
71.38.84.147	attackspambots	Attempted connection to port 2323.	2020-05-16 08:52:38
216.244.66.249	attackspambots	WordPress brute force	2020-05-16 08:47:25
61.154.14.234	attack	May 15 22:56:33 onepixel sshd[3781792]: Invalid user test from 61.154.14.234 port 46519 May 15 22:56:33 onepixel sshd[3781792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.154.14.234 May 15 22:56:33 onepixel sshd[3781792]: Invalid user test from 61.154.14.234 port 46519 May 15 22:56:35 onepixel sshd[3781792]: Failed password for invalid user test from 61.154.14.234 port 46519 ssh2 May 15 23:00:34 onepixel sshd[3782210]: Invalid user israel from 61.154.14.234 port 46684	2020-05-16 08:36:28
139.155.127.59	attackbots	May 16 02:18:14 host sshd[55826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.127.59 user=root May 16 02:18:15 host sshd[55826]: Failed password for root from 139.155.127.59 port 53322 ssh2 ...	2020-05-16 08:30:34
117.18.15.239	attack	WEB SQL injection attempt -1.b	2020-05-16 08:51:47
89.31.57.5	attack	CMS (WordPress or Joomla) login attempt.	2020-05-16 08:56:10
112.85.42.185	attackbotsspam	11. On May 15 2020 experienced a Brute Force SSH login attempt -> 786 unique times by 112.85.42.185.	2020-05-16 12:02:02
41.232.88.4	attackbotsspam	SSH bruteforce	2020-05-16 08:56:34
27.34.12.45	attack	WordPress brute force	2020-05-16 08:46:09
94.241.232.50	attack	Unauthorized connection attempt from IP address 94.241.232.50 on Port 445(SMB)	2020-05-16 09:00:27
34.70.213.45	attackspam	WordPress brute force	2020-05-16 08:43:52
52.163.185.174	attackspambots	WordPress brute force	2020-05-16 08:33:56

Recently Reported IPs

103.21.218.242	163.172.61.101	162.243.139.184	84.140.195.53
193.112.51.121	134.209.207.123	107.172.221.203	58.218.213.166
27.211.227.68	106.12.208.152	216.218.206.77	51.38.186.207
14.29.116.223	206.81.10.230	217.182.165.158	119.92.218.136
151.226.23.238	158.69.242.200	104.248.66.72	79.1.212.37