184.105.139.93

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Hurricane Electric LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 22:47:42
attackspambots	Honeypot hit.	2020-05-03 03:46:56
attackbotsspam	Mar 6 14:56:22 debian-2gb-nbg1-2 kernel: \[5762147.584421\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.139.93 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=51329 DPT=9200 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-07 02:51:25
attackbots	UTC: 2019-12-25 port: 873/tcp	2019-12-26 13:41:04
attackspam	scan z	2019-11-30 16:46:48
attack	3389BruteforceFW22	2019-11-18 14:06:05
attackbotsspam	9200/tcp 27017/tcp 7547/tcp... [2019-09-01/11-02]30pkt,8pt.(tcp),3pt.(udp)	2019-11-03 14:54:52
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-02 03:03:09
attackbotsspam	UTC: 2019-10-21 port: 19/udp	2019-10-22 18:37:18
attackbots	Honeypot hit.	2019-10-16 22:42:49
attack	UTC: 2019-10-03 port: 177/udp	2019-10-04 20:07:51
attackspambots	873/tcp 443/udp 548/tcp... [2019-05-10/07-11]42pkt,10pt.(tcp),4pt.(udp)	2019-07-12 17:22:00
attackspambots	Port scan: Attack repeated for 24 hours	2019-06-22 19:01:25

Comments on same subnet:

IP	Type	Details	Datetime
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.99	proxy	VPN fraud	2023-03-20 13:57:09
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15644
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.93.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun May 05 09:45:40 +08 2019
;; MSG SIZE  rcvd: 118

Host info

93.139.105.184.in-addr.arpa is an alias for 93.64-26.139.105.184.in-addr.arpa.
93.64-26.139.105.184.in-addr.arpa domain name pointer scan-03e.shadowserver.org.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
93.139.105.184.in-addr.arpa	canonical name = 93.64-26.139.105.184.in-addr.arpa.
93.64-26.139.105.184.in-addr.arpa	name = scan-03e.shadowserver.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.66.222.130	attackbotsspam	SpamReport	2019-08-18 20:38:33
114.242.169.37	attackbotsspam	2019-08-18T05:04:24.133101abusebot-6.cloudsearch.cf sshd\[19418\]: Invalid user guest from 114.242.169.37 port 43798	2019-08-18 20:24:17
81.22.45.165	attackspambots	Port scan attempt detected by AWS-CCS, CTS, India	2019-08-18 20:38:00
179.49.11.234	attackspam	Unauthorized connection attempt from IP address 179.49.11.234 on Port 445(SMB)	2019-08-18 20:01:29
193.169.252.27	attackspam	B: /wp-login.php attack	2019-08-18 20:31:36
121.149.168.193	attack	Aug 18 13:37:35 srv-4 sshd\[18328\]: Invalid user usuario from 121.149.168.193 Aug 18 13:37:35 srv-4 sshd\[18328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.149.168.193 Aug 18 13:37:37 srv-4 sshd\[18328\]: Failed password for invalid user usuario from 121.149.168.193 port 50930 ssh2 ...	2019-08-18 20:23:56
142.93.254.124	attackspam	2019-08-18T05:15:46.800278mizuno.rwx.ovh sshd[14851]: Connection from 142.93.254.124 port 34900 on 78.46.61.178 port 22 2019-08-18T05:15:47.387811mizuno.rwx.ovh sshd[14851]: Invalid user www-data from 142.93.254.124 port 34900 2019-08-18T05:15:47.397277mizuno.rwx.ovh sshd[14851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.254.124 2019-08-18T05:15:46.800278mizuno.rwx.ovh sshd[14851]: Connection from 142.93.254.124 port 34900 on 78.46.61.178 port 22 2019-08-18T05:15:47.387811mizuno.rwx.ovh sshd[14851]: Invalid user www-data from 142.93.254.124 port 34900 2019-08-18T05:15:49.184618mizuno.rwx.ovh sshd[14851]: Failed password for invalid user www-data from 142.93.254.124 port 34900 ssh2 ...	2019-08-18 20:16:33
167.99.66.166	attackbotsspam	2019-08-18T10:21:11.307516abusebot-8.cloudsearch.cf sshd\[3509\]: Invalid user guest from 167.99.66.166 port 38266	2019-08-18 20:05:51
81.22.45.150	attackspam	Aug 18 13:31:00 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.150 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42304 PROTO=TCP SPT=53678 DPT=3159 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-18 20:14:59
162.243.143.52	attackspambots	Unauthorized access on Port 443 [https]	2019-08-18 20:43:08
78.57.250.211	attackspam	Unauthorized connection attempt from IP address 78.57.250.211 on Port 445(SMB)	2019-08-18 20:00:03
4.26.24.242	attack	Aug 17 19:40:24 web1 sshd\[12673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=4.26.24.242 user=root Aug 17 19:40:26 web1 sshd\[12673\]: Failed password for root from 4.26.24.242 port 46510 ssh2 Aug 17 19:44:54 web1 sshd\[13092\]: Invalid user jboss from 4.26.24.242 Aug 17 19:44:54 web1 sshd\[13092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=4.26.24.242 Aug 17 19:44:56 web1 sshd\[13092\]: Failed password for invalid user jboss from 4.26.24.242 port 38384 ssh2	2019-08-18 20:31:06
134.209.77.161	attack	Aug 18 13:55:35 dedicated sshd[8472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.77.161 user=root Aug 18 13:55:37 dedicated sshd[8472]: Failed password for root from 134.209.77.161 port 44558 ssh2	2019-08-18 20:15:31
50.249.31.13	attackspambots	Aug 18 18:17:20 localhost sshd[25856]: Invalid user project from 50.249.31.13 port 58202 Aug 18 18:17:20 localhost sshd[25856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.249.31.13 Aug 18 18:17:20 localhost sshd[25856]: Invalid user project from 50.249.31.13 port 58202 Aug 18 18:17:22 localhost sshd[25856]: Failed password for invalid user project from 50.249.31.13 port 58202 ssh2 ...	2019-08-18 20:18:14
128.199.154.237	attackspam	Aug 18 10:21:23 debian sshd\[14080\]: Invalid user ts from 128.199.154.237 port 45680 Aug 18 10:21:23 debian sshd\[14080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.154.237 ...	2019-08-18 20:17:29

Recently Reported IPs

49.128.174.248	187.218.194.202	185.2.5.40	103.57.121.22
154.127.88.155	104.248.155.165	80.62.117.226	218.161.75.200
54.50.166.253	209.199.209.238	182.254.36.204	112.74.111.200
45.77.119.62	238.26.224.5	201.38.210.106	96.202.66.124
91.203.101.134	113.59.194.125	54.208.233.73	199.249.230.116