184.105.139.99

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Hurricane Electric LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
proxy	VPN fraud	2023-03-20 13:57:09
attackspam	TCP (SYN) 184.105.139.99:56522 -> port 21, len 44	2020-08-11 01:18:03
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-04 22:41:03
attackbots	" "	2019-12-26 03:49:43
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 22:55:43
attackbotsspam	firewall-block, port(s): 4786/tcp	2019-09-10 04:34:06
attackspambots	" "	2019-07-10 19:03:56

Comments on same subnet:

IP	Type	Details	Datetime
184.105.139.105	attackproxy	Compromised IP	2024-05-09 23:09:39
184.105.139.109	attackproxy	Vulnerability Scanner	2024-04-30 12:59:43
184.105.139.70	attack	Vulnerability Scanner	2024-04-20 00:30:49
184.105.139.90	botsattackproxy	Ddos bot	2024-04-20 00:26:45
184.105.139.68	attack	Vulnerability Scanner	2024-04-10 01:16:38
184.105.139.69	proxy	VPN fraud	2023-05-15 19:23:33
184.105.139.120	proxy	VPN fraud	2023-05-10 13:17:43
184.105.139.103	proxy	VPN fraud	2023-03-20 14:02:25
184.105.139.74	proxy	VPN	2023-01-30 14:03:54
184.105.139.86	proxy	VPN	2023-01-19 13:51:12
184.105.139.124	attackproxy	VPN	2022-12-29 20:40:24
184.105.139.124	attack	VPN	2022-12-29 20:40:21
184.105.139.126	proxy	Attack VPN	2022-12-09 13:59:02
184.105.139.70	attackbotsspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-14 04:24:47
184.105.139.70	attackspam	TCP (SYN) 184.105.139.70:51140 -> port 5900, len 40	2020-10-13 19:51:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 184.105.139.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49776
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;184.105.139.99.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 19:03:46 CST 2019
;; MSG SIZE  rcvd: 118

Host info

99.139.105.184.in-addr.arpa is an alias for 99.64-26.139.105.184.in-addr.arpa.
99.64-26.139.105.184.in-addr.arpa domain name pointer scan-01i.shadowserver.org.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
99.139.105.184.in-addr.arpa	canonical name = 99.64-26.139.105.184.in-addr.arpa.
99.64-26.139.105.184.in-addr.arpa	name = scan-01i.shadowserver.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.51.2.177	attackbots	Brute-force attempt banned	2020-01-11 19:52:46
115.79.5.206	attack	Unauthorized connection attempt from IP address 115.79.5.206 on Port 445(SMB)	2020-01-11 20:00:12
36.73.54.63	attack	Unauthorized connection attempt from IP address 36.73.54.63 on Port 445(SMB)	2020-01-11 19:45:40
114.67.235.72	attack	Jan 11 11:22:55 vpn01 sshd[19255]: Failed password for root from 114.67.235.72 port 49512 ssh2 ...	2020-01-11 19:42:34
177.84.146.44	attack	Autoban 177.84.146.44 AUTH/CONNECT	2020-01-11 19:41:08
123.20.112.28	attackbots	Jan 11 05:48:04 grey postfix/smtpd\[14586\]: NOQUEUE: reject: RCPT from unknown\[123.20.112.28\]: 554 5.7.1 Service unavailable\; Client host \[123.20.112.28\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?123.20.112.28\; from=\ to=\ proto=ESMTP helo=\<\[123.20.112.28\]\> ...	2020-01-11 19:47:03
115.85.46.234	attackspam	Unauthorized connection attempt from IP address 115.85.46.234 on Port 445(SMB)	2020-01-11 19:50:18
116.228.70.126	attack	01/10/2020-23:47:56.231732 116.228.70.126 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-11 19:56:41
77.247.108.15	attackspam	01/11/2020-09:00:47.986404 77.247.108.15 Protocol: 17 ET SCAN Sipvicious Scan	2020-01-11 20:01:05
220.130.79.158	attack	Unauthorized connection attempt from IP address 220.130.79.158 on Port 445(SMB)	2020-01-11 19:56:10
54.38.18.211	attack	Automatic report - SSH Brute-Force Attack	2020-01-11 20:15:16
175.4.212.78	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-11 19:50:53
115.79.26.123	attackspambots	Honeypot attack, port: 445, PTR: adsl.viettel.vn.	2020-01-11 20:06:17
202.102.79.232	attack	Jan 11 06:55:19 *** sshd[6740]: Invalid user segelinde from 202.102.79.232	2020-01-11 20:02:08
89.244.78.185	attackspambots	Jan 11 15:02:59 server sshd\[24814\]: Invalid user pi from 89.244.78.185 Jan 11 15:02:59 server sshd\[24814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=i59f44eb9.versanet.de Jan 11 15:02:59 server sshd\[24813\]: Invalid user pi from 89.244.78.185 Jan 11 15:02:59 server sshd\[24813\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=i59f44eb9.versanet.de Jan 11 15:03:01 server sshd\[24814\]: Failed password for invalid user pi from 89.244.78.185 port 39422 ssh2 ...	2020-01-11 20:12:39

Recently Reported IPs

86.202.213.249	68.230.158.216	209.250.227.105	33.70.4.110
187.55.76.79	143.142.171.113	221.121.109.253	83.82.177.89
188.173.218.188	113.23.33.59	180.241.147.180	117.4.184.50
171.225.112.192	186.46.92.249	41.33.119.67	171.38.217.61
14.249.111.70	113.176.99.39	101.95.116.6	60.182.190.24