37.139.0.44 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 12 02:24:34 gw1 sshd[13161]: Failed password for root from 37.139.0.44 port 35214 ssh2 ...	2020-10-12 05:32:47
attack	SSH login attempts.	2020-10-11 21:39:46
attack	SSH bruteforce	2020-10-11 13:36:31
attackspambots	2020-10-10T22:49:46.662421shield sshd\[8107\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.44 user=root 2020-10-10T22:49:48.579768shield sshd\[8107\]: Failed password for root from 37.139.0.44 port 56608 ssh2 2020-10-10T22:54:10.804996shield sshd\[8955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.44 user=root 2020-10-10T22:54:12.631929shield sshd\[8955\]: Failed password for root from 37.139.0.44 port 60860 ssh2 2020-10-10T22:58:50.340852shield sshd\[9892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.44 user=root	2020-10-11 07:00:34

相同子网IP讨论:

IP	类型	评论内容	时间
37.139.0.226	attackbots	2020-02-27T15:19:37.300461 sshd[23783]: Invalid user email from 37.139.0.226 port 40882 2020-02-27T15:19:37.316078 sshd[23783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 2020-02-27T15:19:37.300461 sshd[23783]: Invalid user email from 37.139.0.226 port 40882 2020-02-27T15:19:39.848281 sshd[23783]: Failed password for invalid user email from 37.139.0.226 port 40882 ssh2 ...	2020-02-28 05:41:38
37.139.0.226	attackbotsspam	Feb 20 13:30:11 marvibiene sshd[1541]: Invalid user lishuoguo from 37.139.0.226 port 45500 Feb 20 13:30:11 marvibiene sshd[1541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 Feb 20 13:30:11 marvibiene sshd[1541]: Invalid user lishuoguo from 37.139.0.226 port 45500 Feb 20 13:30:13 marvibiene sshd[1541]: Failed password for invalid user lishuoguo from 37.139.0.226 port 45500 ssh2 ...	2020-02-20 22:12:35
37.139.0.226	attackbots	Feb 9 08:22:35 markkoudstaal sshd[31589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 Feb 9 08:22:38 markkoudstaal sshd[31589]: Failed password for invalid user ewx from 37.139.0.226 port 41240 ssh2 Feb 9 08:24:48 markkoudstaal sshd[31965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226	2020-02-09 19:31:36
37.139.0.226	attack	Feb 3 07:21:30 dedicated sshd[18664]: Invalid user kannur from 37.139.0.226 port 46700	2020-02-03 17:18:22
37.139.0.226	attack	Jan 30 05:59:40 mail sshd\[29534\]: Invalid user lauhi from 37.139.0.226 Jan 30 05:59:40 mail sshd\[29534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 Jan 30 05:59:42 mail sshd\[29534\]: Failed password for invalid user lauhi from 37.139.0.226 port 47856 ssh2 ...	2020-01-30 13:06:11
37.139.0.226	attackspam	Unauthorized connection attempt detected from IP address 37.139.0.226 to port 2220 [J]	2020-01-22 02:26:23
37.139.0.226	attackspam	Invalid user admin from 37.139.0.226 port 33414	2020-01-19 21:19:41
37.139.0.226	attackspam	Jan 10 06:55:59 SilenceServices sshd[19916]: Failed password for root from 37.139.0.226 port 60790 ssh2 Jan 10 06:58:05 SilenceServices sshd[21621]: Failed password for root from 37.139.0.226 port 53476 ssh2	2020-01-10 15:00:40
37.139.0.226	attack	Invalid user plotkin from 37.139.0.226 port 35636	2020-01-04 14:58:59
37.139.0.226	attackbotsspam	Dec 24 18:53:43 mout sshd[30053]: Invalid user 123456 from 37.139.0.226 port 55250	2019-12-25 05:21:59
37.139.0.226	attackspam	Dec 22 06:24:00 sachi sshd\[7236\]: Invalid user ubnt from 37.139.0.226 Dec 22 06:24:00 sachi sshd\[7236\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 Dec 22 06:24:02 sachi sshd\[7236\]: Failed password for invalid user ubnt from 37.139.0.226 port 36668 ssh2 Dec 22 06:29:39 sachi sshd\[8665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 user=root Dec 22 06:29:41 sachi sshd\[8665\]: Failed password for root from 37.139.0.226 port 42300 ssh2	2019-12-23 03:59:04
37.139.0.226	attack	Dec 16 01:34:26 cp sshd[8805]: Failed password for root from 37.139.0.226 port 35406 ssh2 Dec 16 01:41:12 cp sshd[12781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 Dec 16 01:41:13 cp sshd[12781]: Failed password for invalid user yoyo from 37.139.0.226 port 56356 ssh2	2019-12-16 08:47:29
37.139.0.226	attackbotsspam	$f2bV_matches	2019-12-11 22:25:00
37.139.0.226	attackspam	Dec 5 22:26:13 vps647732 sshd[25822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.0.226 Dec 5 22:26:15 vps647732 sshd[25822]: Failed password for invalid user nv from 37.139.0.226 port 35418 ssh2 ...	2019-12-06 05:50:08
37.139.0.226	attackbots	5x Failed Password	2019-11-30 22:57:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.139.0.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28024
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;37.139.0.44.			IN	A

;; AUTHORITY SECTION:
.			473	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101002 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 11 07:00:30 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 44.0.139.37.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 44.0.139.37.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.35.120.59	attackspam	Invalid user new from 122.35.120.59 port 33148	2020-07-16 15:47:47
218.25.161.226	attackbotsspam	Jul 16 05:11:18 mail.srvfarm.net postfix/smtpd[699392]: lost connection after CONNECT from unknown[218.25.161.226] Jul 16 05:11:22 mail.srvfarm.net postfix/smtpd[699496]: warning: unknown[218.25.161.226]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 16 05:11:30 mail.srvfarm.net postfix/smtpd[700170]: warning: unknown[218.25.161.226]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 16 05:11:42 mail.srvfarm.net postfix/smtpd[700172]: warning: unknown[218.25.161.226]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 16 05:21:03 mail.srvfarm.net postfix/smtpd[699498]: lost connection after CONNECT from unknown[218.25.161.226]	2020-07-16 15:53:55
198.71.238.19	attackbots	Automatic report - XMLRPC Attack	2020-07-16 15:32:29
123.157.78.171	attack	Jul 16 05:53:54 onepixel sshd[2542275]: Invalid user admin from 123.157.78.171 port 55366 Jul 16 05:53:54 onepixel sshd[2542275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.157.78.171 Jul 16 05:53:54 onepixel sshd[2542275]: Invalid user admin from 123.157.78.171 port 55366 Jul 16 05:53:56 onepixel sshd[2542275]: Failed password for invalid user admin from 123.157.78.171 port 55366 ssh2 Jul 16 05:58:15 onepixel sshd[2544612]: Invalid user git from 123.157.78.171 port 56510	2020-07-16 15:36:49
104.248.138.221	attackbots	$f2bV_matches	2020-07-16 15:41:22
200.114.236.19	attackspambots	Jul 16 07:31:03 nextcloud sshd\[13310\]: Invalid user cic from 200.114.236.19 Jul 16 07:31:03 nextcloud sshd\[13310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.114.236.19 Jul 16 07:31:06 nextcloud sshd\[13310\]: Failed password for invalid user cic from 200.114.236.19 port 52518 ssh2	2020-07-16 15:52:04
185.143.72.23	attackbots	2020-07-16T01:36:48.808430linuxbox-skyline auth[15831]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=hengbing123654 rhost=185.143.72.23 ...	2020-07-16 15:42:41
205.185.127.217	attackbots	Time: Thu Jul 16 01:34:20 2020 -0300 IP: 205.185.127.217 (US/United States/tor-exit.monoxyde.org) Failures: 5 (mod_security) Interval: 3600 seconds Blocked: Permanent Block	2020-07-16 15:41:39
106.13.41.25	attackspambots	TCP (SYN) 106.13.41.25:58475 -> port 1834, len 44	2020-07-16 15:40:02
5.182.210.206	attackbotsspam	GET / HTTP/1.1 403 0 "-" "python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1127.13.1.el7.x86_64"	2020-07-16 15:31:54
122.51.82.22	attack	Jul 16 09:42:50 vps639187 sshd\[27216\]: Invalid user build from 122.51.82.22 port 34874 Jul 16 09:42:50 vps639187 sshd\[27216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.82.22 Jul 16 09:42:52 vps639187 sshd\[27216\]: Failed password for invalid user build from 122.51.82.22 port 34874 ssh2 ...	2020-07-16 15:44:57
191.53.236.188	attackspambots	Jul 16 05:08:01 mail.srvfarm.net postfix/smtps/smtpd[684471]: warning: unknown[191.53.236.188]: SASL PLAIN authentication failed: Jul 16 05:08:02 mail.srvfarm.net postfix/smtps/smtpd[684471]: lost connection after AUTH from unknown[191.53.236.188] Jul 16 05:10:41 mail.srvfarm.net postfix/smtpd[699497]: warning: unknown[191.53.236.188]: SASL PLAIN authentication failed: Jul 16 05:10:41 mail.srvfarm.net postfix/smtpd[699497]: lost connection after AUTH from unknown[191.53.236.188] Jul 16 05:17:11 mail.srvfarm.net postfix/smtpd[699498]: warning: unknown[191.53.236.188]: SASL PLAIN authentication failed:	2020-07-16 16:09:19
218.92.0.168	attackspambots	DATE:2020-07-16 10:04:54,IP:218.92.0.168,MATCHES:10,PORT:ssh	2020-07-16 16:07:42
40.76.91.70	attack	Jul 16 09:34:10 lvps178-77-74-153 sshd[6039]: User root from 40.76.91.70 not allowed because none of user's groups are listed in AllowGroups ...	2020-07-16 15:40:15
185.204.3.36	attackspam	Invalid user admin from 185.204.3.36 port 46804	2020-07-16 15:56:24

最近上报的IP列表

84.90.123.51	23.202.174.202	41.33.126.139	45.162.228.201
185.200.202.34	77.71.34.58	77.71.34.57	128.199.182.170
77.71.34.54	192.95.31.71	193.203.239.1	141.101.69.211
115.159.71.95	108.162.229.62	27.219.96.245	198.211.115.226
86.26.33.173	211.50.54.124	191.252.222.69	112.238.78.55