184.105.139.75

Basic Info

City: Fremont

Region: California

Country: United States

Internet Service Provider: Hurricane Electric LLC

Hostname: unknown

Organization: Hurricane Electric LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	8443/tcp 631/tcp 23/tcp... [2020-07-23/09-20]24pkt,13pt.(tcp),1pt.(udp)	2020-09-21 02:17:33
attackbotsspam	Tried our host z.	2020-09-20 18:18:05
attackspam	2323/tcp 873/tcp 1883/tcp... [2020-07-08/09-06]22pkt,12pt.(tcp),1pt.(udp)	2020-09-08 00:43:17
attackspambots	Port scan denied	2020-09-07 16:11:30
attack	TCP (SYN) 184.105.139.75:32995 -> port 2323, len 44	2020-09-07 08:34:18
attackspambots	Port Scan: Events[1] countPorts[1]: 5555 ..	2020-04-17 03:12:05
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-02 03:11:04
attackspam	[portscan] tcp/3389 [MS RDP] *(RWIN=65535)(10161238)	2019-10-16 22:33:01
attack	Honeypot hit.	2019-07-26 23:54:33

Comments on same subnet:

IP	Type	Details	Datetime
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15924
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.75.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 19:54:43 +08 2019
;; MSG SIZE  rcvd: 118

Host info

75.139.105.184.in-addr.arpa is an alias for 75.64-26.139.105.184.in-addr.arpa.
75.64-26.139.105.184.in-addr.arpa domain name pointer scan-01c.shadowserver.org.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
75.139.105.184.in-addr.arpa	canonical name = 75.64-26.139.105.184.in-addr.arpa.
75.64-26.139.105.184.in-addr.arpa	name = scan-01c.shadowserver.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.108.66.179	attack	Apr 14 22:49:23 debian-2gb-nbg1-2 kernel: \[9156351.911208\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.66.179 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=51327 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-15 06:14:47
140.143.155.172	attackbots	Invalid user test from 140.143.155.172 port 35122	2020-04-15 06:29:34
111.229.165.28	attackbotsspam	Apr 15 00:14:01 jane sshd[6873]: Failed password for root from 111.229.165.28 port 46978 ssh2 Apr 15 00:20:23 jane sshd[17188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.165.28 ...	2020-04-15 06:34:12
139.59.4.62	attackbotsspam	Apr 14 22:41:46 meumeu sshd[27377]: Failed password for root from 139.59.4.62 port 40218 ssh2 Apr 14 22:45:46 meumeu sshd[28012]: Failed password for root from 139.59.4.62 port 48452 ssh2 ...	2020-04-15 06:06:43
162.243.133.130	attack	scan z	2020-04-15 06:11:36
218.92.0.173	attack	2020-04-14T22:28:36.565905shield sshd\[29091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root 2020-04-14T22:28:38.612211shield sshd\[29091\]: Failed password for root from 218.92.0.173 port 40310 ssh2 2020-04-14T22:28:41.993841shield sshd\[29091\]: Failed password for root from 218.92.0.173 port 40310 ssh2 2020-04-14T22:28:44.923262shield sshd\[29091\]: Failed password for root from 218.92.0.173 port 40310 ssh2 2020-04-14T22:28:48.264330shield sshd\[29091\]: Failed password for root from 218.92.0.173 port 40310 ssh2	2020-04-15 06:38:35
37.59.37.69	attack	Apr 14 23:53:27 MainVPS sshd[17434]: Invalid user thuannx from 37.59.37.69 port 52514 Apr 14 23:53:27 MainVPS sshd[17434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.37.69 Apr 14 23:53:27 MainVPS sshd[17434]: Invalid user thuannx from 37.59.37.69 port 52514 Apr 14 23:53:29 MainVPS sshd[17434]: Failed password for invalid user thuannx from 37.59.37.69 port 52514 ssh2 Apr 15 00:00:20 MainVPS sshd[23201]: Invalid user zte from 37.59.37.69 port 57255 ...	2020-04-15 06:13:38
167.172.153.137	attackspam	Bruteforce detected by fail2ban	2020-04-15 06:12:10
161.202.187.189	attack	2020-04-15T00:04:03.594100vps773228.ovh.net sshd[20423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=bd.bb.caa1.ip4.static.sl-reverse.com user=root 2020-04-15T00:04:05.446407vps773228.ovh.net sshd[20423]: Failed password for root from 161.202.187.189 port 38298 ssh2 2020-04-15T00:09:26.468880vps773228.ovh.net sshd[22435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=bd.bb.caa1.ip4.static.sl-reverse.com user=root 2020-04-15T00:09:28.319427vps773228.ovh.net sshd[22435]: Failed password for root from 161.202.187.189 port 48428 ssh2 2020-04-15T00:14:49.764285vps773228.ovh.net sshd[24436]: Invalid user pdv from 161.202.187.189 port 58560 ...	2020-04-15 06:21:55
175.6.5.233	attackspambots	$f2bV_matches	2020-04-15 06:07:13
213.154.11.207	attackspambots	Dovecot Invalid User Login Attempt.	2020-04-15 06:20:06
162.243.170.252	attackbotsspam	Apr 15 00:10:04 markkoudstaal sshd[12585]: Failed password for root from 162.243.170.252 port 42386 ssh2 Apr 15 00:13:37 markkoudstaal sshd[13068]: Failed password for root from 162.243.170.252 port 51678 ssh2	2020-04-15 06:21:26
222.186.52.139	attackspam	Found by fail2ban	2020-04-15 06:10:04
27.156.126.84	attackspam	Apr 14 23:51:43 santamaria sshd\[8793\]: Invalid user ppldtepe from 27.156.126.84 Apr 14 23:51:43 santamaria sshd\[8793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.156.126.84 Apr 14 23:51:45 santamaria sshd\[8793\]: Failed password for invalid user ppldtepe from 27.156.126.84 port 55300 ssh2 ...	2020-04-15 06:31:16
112.35.27.97	attackbotsspam	Apr 14 21:42:00 *** sshd[3420]: User root from 112.35.27.97 not allowed because not listed in AllowUsers	2020-04-15 06:18:13

Recently Reported IPs

185.176.26.108	213.14.74.210	212.178.1.43	188.18.199.137
218.108.73.134	216.218.206.88	177.42.20.225	59.16.116.81
162.243.141.7	190.60.219.108	107.170.198.115	103.21.119.54
60.15.34.250	104.131.10.62	220.120.53.36	185.123.233.203
115.59.130.35	60.174.40.2	60.8.213.120	59.126.102.144