37.139.16.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Invalid user workstation from 37.139.16.94 port 56807	2020-05-01 14:42:27
attack	Apr 15 19:12:56 webhost01 sshd[9055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Apr 15 19:12:57 webhost01 sshd[9055]: Failed password for invalid user ubuntu from 37.139.16.94 port 44534 ssh2 ...	2020-04-15 20:48:27
attackbotsspam	SSH Authentication Attempts Exceeded	2020-04-02 20:20:04
attackspambots	leo_www	2020-03-19 03:08:05
attackbotsspam	Mar 10 23:26:54 hosting sshd[27776]: Invalid user windows from 37.139.16.94 port 37130 ...	2020-03-11 08:48:56
attackbotsspam	Invalid user git from 37.139.16.94 port 49177 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Failed password for invalid user git from 37.139.16.94 port 49177 ssh2 Invalid user lingqi from 37.139.16.94 port 37156 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94	2020-03-02 00:53:03
attackspambots	(sshd) Failed SSH login from 37.139.16.94 (NL/Netherlands/lukasklein.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 18 07:18:28 ubnt-55d23 sshd[26378]: Invalid user zabbix from 37.139.16.94 port 58191 Feb 18 07:18:30 ubnt-55d23 sshd[26378]: Failed password for invalid user zabbix from 37.139.16.94 port 58191 ssh2	2020-02-18 21:15:46
attackspam	Jan 30 17:21:15 mail sshd\[43452\]: Invalid user prachetas from 37.139.16.94 Jan 30 17:21:15 mail sshd\[43452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 ...	2020-01-31 06:21:35
attackspambots	Jan 23 19:42:42 hosting sshd[14820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=root Jan 23 19:42:44 hosting sshd[14820]: Failed password for root from 37.139.16.94 port 42086 ssh2 ...	2020-01-24 02:17:36
attack	3x Failed Password	2020-01-02 04:02:32
attackspam	5x Failed Password	2020-01-01 01:06:34
attackbotsspam	Dec 25 21:17:25 MK-Soft-VM6 sshd[29001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Dec 25 21:17:27 MK-Soft-VM6 sshd[29001]: Failed password for invalid user ethelbert from 37.139.16.94 port 36668 ssh2 ...	2019-12-26 04:50:10
attackbots	fraudulent SSH attempt	2019-12-21 05:46:28
attackbotsspam	Dec 17 00:08:47 server6 sshd[26711]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:08:47 server6 sshd[26711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=r.r Dec 17 00:08:49 server6 sshd[26711]: Failed password for r.r from 37.139.16.94 port 48222 ssh2 Dec 17 00:08:49 server6 sshd[26711]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:17:15 server6 sshd[13108]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:17:17 server6 sshd[13108]: Failed password for invalid user burgwell from 37.139.16.94 port 46168 ssh2 Dec 17 00:17:17 server6 sshd[13108]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:22:05 server6 sshd[23185]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - ........ -------------------------------	2019-12-20 18:08:23
attack	Dec 17 00:08:47 server6 sshd[26711]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:08:47 server6 sshd[26711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=r.r Dec 17 00:08:49 server6 sshd[26711]: Failed password for r.r from 37.139.16.94 port 48222 ssh2 Dec 17 00:08:49 server6 sshd[26711]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:17:15 server6 sshd[13108]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:17:17 server6 sshd[13108]: Failed password for invalid user burgwell from 37.139.16.94 port 46168 ssh2 Dec 17 00:17:17 server6 sshd[13108]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:22:05 server6 sshd[23185]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - ........ -------------------------------	2019-12-18 01:06:27

相同子网IP讨论:

IP	类型	评论内容	时间
37.139.16.229	attackbots	Oct 12 21:09:40 ip106 sshd[16323]: Failed password for root from 37.139.16.229 port 34697 ssh2 Oct 12 21:16:46 ip106 sshd[16603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.229 ...	2020-10-13 04:08:28
37.139.16.229	attackbotsspam	2020-09-18 18:14:54 server sshd[45345]: Failed password for invalid user root from 37.139.16.229 port 60015 ssh2	2020-09-21 00:07:16
37.139.16.229	attack	37.139.16.229 (NL/Netherlands/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 01:49:51 server2 sshd[17081]: Failed password for root from 144.217.85.124 port 38590 ssh2 Sep 20 01:49:59 server2 sshd[17147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.15.56 user=root Sep 20 01:49:41 server2 sshd[17044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.191.186 user=root Sep 20 01:49:41 server2 sshd[17038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.229 user=root Sep 20 01:49:43 server2 sshd[17044]: Failed password for root from 183.237.191.186 port 42600 ssh2 Sep 20 01:49:43 server2 sshd[17038]: Failed password for root from 37.139.16.229 port 55849 ssh2 IP Addresses Blocked: 144.217.85.124 (CA/Canada/-) 106.12.15.56 (CN/China/-) 183.237.191.186 (CN/China/-)	2020-09-20 16:01:20
37.139.16.229	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-20 07:51:52
37.139.16.229	attack	2020-08-27T03:18:02.982215hostname sshd[48781]: Failed password for invalid user cbq from 37.139.16.229 port 36158 ssh2 ...	2020-08-29 03:04:33
37.139.16.229	attackbotsspam	prod8 ...	2020-08-23 00:54:10
37.139.16.229	attackspambots	web-1 [ssh] SSH Attack	2020-08-06 04:37:23
37.139.16.229	attackbots	$f2bV_matches	2020-08-04 14:01:39
37.139.16.229	attackbots	Invalid user amdocs from 37.139.16.229 port 48480	2020-08-02 15:37:32
37.139.16.229	attackspam	Failed password for invalid user zhangfeng from 37.139.16.229 port 45246 ssh2	2020-07-27 17:37:46
37.139.16.229	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 16 - port: 20025 proto: tcp cat: Misc Attackbytes: 60	2020-07-26 22:21:05
37.139.16.229	attack	Invalid user aip from 37.139.16.229 port 52375	2020-07-25 18:38:38
37.139.16.229	attackbots	Jul 23 16:24:49 sshd\[14330\]: Invalid user loyal from 37.139.16.229Jul 23 16:24:51 sshd\[14330\]: Failed password for invalid user loyal from 37.139.16.229 port 53237 ssh2 ...	2020-07-24 01:20:02
37.139.16.229	attack	[ssh] SSH attack	2020-07-22 05:05:25
37.139.16.229	attackspam	$f2bV_matches	2020-07-20 07:54:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.139.16.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52312
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;37.139.16.94.			IN	A

;; AUTHORITY SECTION:
.			317	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121700 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 01:06:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

94.16.139.37.in-addr.arpa domain name pointer lukasklein.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.16.139.37.in-addr.arpa	name = lukasklein.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
178.93.45.28	attackbotsspam	Unauthorized connection attempt detected from IP address 178.93.45.28 to port 23	2019-12-29 02:58:38
196.52.43.57	attackspam	Unauthorized connection attempt detected from IP address 196.52.43.57 to port 139	2019-12-29 03:16:01
91.197.18.221	attackbotsspam	firewall-block, port(s): 85/tcp	2019-12-29 03:26:54
196.52.43.89	attackbots	Unauthorized connection attempt detected from IP address 196.52.43.89 to port 80	2019-12-29 02:54:24
119.28.188.26	attackspambots	Dec 28 17:05:12 localhost sshd\[13900\]: Invalid user jelem from 119.28.188.26 port 51252 Dec 28 17:05:12 localhost sshd\[13900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.188.26 Dec 28 17:05:13 localhost sshd\[13900\]: Failed password for invalid user jelem from 119.28.188.26 port 51252 ssh2 Dec 28 17:08:08 localhost sshd\[13960\]: Invalid user detective from 119.28.188.26 port 50400 Dec 28 17:08:08 localhost sshd\[13960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.188.26 ...	2019-12-29 03:00:59
125.143.128.170	attackbots	Unauthorized connection attempt detected from IP address 125.143.128.170 to port 26	2019-12-29 03:00:11
46.177.231.21	attackbots	Unauthorized connection attempt detected from IP address 46.177.231.21 to port 83	2019-12-29 03:10:36
211.225.230.85	attack	Unauthorized connection attempt detected from IP address 211.225.230.85 to port 8089	2019-12-29 03:13:34
88.250.134.236	attackbots	Unauthorized connection attempt detected from IP address 88.250.134.236 to port 23	2019-12-29 03:27:37
152.249.53.196	attackspam	Unauthorized connection attempt detected from IP address 152.249.53.196 to port 8080	2019-12-29 03:22:55
121.167.230.132	attackspambots	Unauthorized connection attempt detected from IP address 121.167.230.132 to port 5555	2019-12-29 03:00:36
71.6.147.254	attackbotsspam	Fail2Ban Ban Triggered	2019-12-29 03:08:31
71.6.232.9	attackspambots	Unauthorized connection attempt detected from IP address 71.6.232.9 to port 80	2019-12-29 03:08:16
72.79.67.79	attackbots	Unauthorized connection attempt detected from IP address 72.79.67.79 to port 80	2019-12-29 03:28:40
73.142.56.236	attackbotsspam	Unauthorized connection attempt detected from IP address 73.142.56.236 to port 83	2019-12-29 03:08:00

最近上报的IP列表

40.92.4.43	168.6.174.121	64.202.188.10	51.255.36.166
46.228.199.111	111.47.166.118	232.185.188.177	117.222.166.180
220.24.144.29	185.70.184.149	222.252.113.241	106.201.175.111
185.50.25.26	50.239.163.172	41.68.130.240	81.166.65.230
180.76.38.74	7.253.113.224	78.179.99.237	8.49.164.230