37.139.16.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Invalid user workstation from 37.139.16.94 port 56807	2020-05-01 14:42:27
attack	Apr 15 19:12:56 webhost01 sshd[9055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Apr 15 19:12:57 webhost01 sshd[9055]: Failed password for invalid user ubuntu from 37.139.16.94 port 44534 ssh2 ...	2020-04-15 20:48:27
attackbotsspam	SSH Authentication Attempts Exceeded	2020-04-02 20:20:04
attackspambots	leo_www	2020-03-19 03:08:05
attackbotsspam	Mar 10 23:26:54 hosting sshd[27776]: Invalid user windows from 37.139.16.94 port 37130 ...	2020-03-11 08:48:56
attackbotsspam	Invalid user git from 37.139.16.94 port 49177 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Failed password for invalid user git from 37.139.16.94 port 49177 ssh2 Invalid user lingqi from 37.139.16.94 port 37156 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94	2020-03-02 00:53:03
attackspambots	(sshd) Failed SSH login from 37.139.16.94 (NL/Netherlands/lukasklein.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 18 07:18:28 ubnt-55d23 sshd[26378]: Invalid user zabbix from 37.139.16.94 port 58191 Feb 18 07:18:30 ubnt-55d23 sshd[26378]: Failed password for invalid user zabbix from 37.139.16.94 port 58191 ssh2	2020-02-18 21:15:46
attackspam	Jan 30 17:21:15 mail sshd\[43452\]: Invalid user prachetas from 37.139.16.94 Jan 30 17:21:15 mail sshd\[43452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 ...	2020-01-31 06:21:35
attackspambots	Jan 23 19:42:42 hosting sshd[14820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=root Jan 23 19:42:44 hosting sshd[14820]: Failed password for root from 37.139.16.94 port 42086 ssh2 ...	2020-01-24 02:17:36
attack	3x Failed Password	2020-01-02 04:02:32
attackspam	5x Failed Password	2020-01-01 01:06:34
attackbotsspam	Dec 25 21:17:25 MK-Soft-VM6 sshd[29001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Dec 25 21:17:27 MK-Soft-VM6 sshd[29001]: Failed password for invalid user ethelbert from 37.139.16.94 port 36668 ssh2 ...	2019-12-26 04:50:10
attackbots	fraudulent SSH attempt	2019-12-21 05:46:28
attackbotsspam	Dec 17 00:08:47 server6 sshd[26711]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:08:47 server6 sshd[26711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=r.r Dec 17 00:08:49 server6 sshd[26711]: Failed password for r.r from 37.139.16.94 port 48222 ssh2 Dec 17 00:08:49 server6 sshd[26711]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:17:15 server6 sshd[13108]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:17:17 server6 sshd[13108]: Failed password for invalid user burgwell from 37.139.16.94 port 46168 ssh2 Dec 17 00:17:17 server6 sshd[13108]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:22:05 server6 sshd[23185]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - ........ -------------------------------	2019-12-20 18:08:23
attack	Dec 17 00:08:47 server6 sshd[26711]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:08:47 server6 sshd[26711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=r.r Dec 17 00:08:49 server6 sshd[26711]: Failed password for r.r from 37.139.16.94 port 48222 ssh2 Dec 17 00:08:49 server6 sshd[26711]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:17:15 server6 sshd[13108]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:17:17 server6 sshd[13108]: Failed password for invalid user burgwell from 37.139.16.94 port 46168 ssh2 Dec 17 00:17:17 server6 sshd[13108]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:22:05 server6 sshd[23185]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - ........ -------------------------------	2019-12-18 01:06:27

相同子网IP讨论:

IP	类型	评论内容	时间
37.139.16.229	attackbots	Oct 12 21:09:40 ip106 sshd[16323]: Failed password for root from 37.139.16.229 port 34697 ssh2 Oct 12 21:16:46 ip106 sshd[16603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.229 ...	2020-10-13 04:08:28
37.139.16.229	attackbotsspam	2020-09-18 18:14:54 server sshd[45345]: Failed password for invalid user root from 37.139.16.229 port 60015 ssh2	2020-09-21 00:07:16
37.139.16.229	attack	37.139.16.229 (NL/Netherlands/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 01:49:51 server2 sshd[17081]: Failed password for root from 144.217.85.124 port 38590 ssh2 Sep 20 01:49:59 server2 sshd[17147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.15.56 user=root Sep 20 01:49:41 server2 sshd[17044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.191.186 user=root Sep 20 01:49:41 server2 sshd[17038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.229 user=root Sep 20 01:49:43 server2 sshd[17044]: Failed password for root from 183.237.191.186 port 42600 ssh2 Sep 20 01:49:43 server2 sshd[17038]: Failed password for root from 37.139.16.229 port 55849 ssh2 IP Addresses Blocked: 144.217.85.124 (CA/Canada/-) 106.12.15.56 (CN/China/-) 183.237.191.186 (CN/China/-)	2020-09-20 16:01:20
37.139.16.229	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-20 07:51:52
37.139.16.229	attack	2020-08-27T03:18:02.982215hostname sshd[48781]: Failed password for invalid user cbq from 37.139.16.229 port 36158 ssh2 ...	2020-08-29 03:04:33
37.139.16.229	attackbotsspam	prod8 ...	2020-08-23 00:54:10
37.139.16.229	attackspambots	web-1 [ssh] SSH Attack	2020-08-06 04:37:23
37.139.16.229	attackbots	$f2bV_matches	2020-08-04 14:01:39
37.139.16.229	attackbots	Invalid user amdocs from 37.139.16.229 port 48480	2020-08-02 15:37:32
37.139.16.229	attackspam	Failed password for invalid user zhangfeng from 37.139.16.229 port 45246 ssh2	2020-07-27 17:37:46
37.139.16.229	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 16 - port: 20025 proto: tcp cat: Misc Attackbytes: 60	2020-07-26 22:21:05
37.139.16.229	attack	Invalid user aip from 37.139.16.229 port 52375	2020-07-25 18:38:38
37.139.16.229	attackbots	Jul 23 16:24:49 sshd\[14330\]: Invalid user loyal from 37.139.16.229Jul 23 16:24:51 sshd\[14330\]: Failed password for invalid user loyal from 37.139.16.229 port 53237 ssh2 ...	2020-07-24 01:20:02
37.139.16.229	attack	[ssh] SSH attack	2020-07-22 05:05:25
37.139.16.229	attackspam	$f2bV_matches	2020-07-20 07:54:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.139.16.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52312
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;37.139.16.94.			IN	A

;; AUTHORITY SECTION:
.			317	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121700 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 01:06:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

94.16.139.37.in-addr.arpa domain name pointer lukasklein.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.16.139.37.in-addr.arpa	name = lukasklein.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
14.29.232.82	attack	$f2bV_matches	2020-05-30 17:09:42
123.20.28.235	attackspambots	Unauthorized IMAP connection attempt	2020-05-30 16:45:58
87.251.74.132	attackspam	05/30/2020-03:37:26.402998 87.251.74.132 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-30 16:51:38
182.61.55.154	attack	May 29 20:48:29 mockhub sshd[23685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.55.154 May 29 20:48:31 mockhub sshd[23685]: Failed password for invalid user user7 from 182.61.55.154 port 57228 ssh2 ...	2020-05-30 16:54:36
177.215.64.243	attack	May 30 02:29:06 server1 sshd\[27464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.215.64.243 user=root May 30 02:29:08 server1 sshd\[27464\]: Failed password for root from 177.215.64.243 port 41550 ssh2 May 30 02:33:23 server1 sshd\[30359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.215.64.243 user=root May 30 02:33:25 server1 sshd\[30359\]: Failed password for root from 177.215.64.243 port 46880 ssh2 May 30 02:37:40 server1 sshd\[32205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.215.64.243 user=ubuntu ...	2020-05-30 16:48:05
103.144.5.5	attackbots	1590810501 - 05/30/2020 05:48:21 Host: 103.144.5.5/103.144.5.5 Port: 445 TCP Blocked	2020-05-30 17:00:44
106.13.18.140	attackspambots	SSH brute force attempt	2020-05-30 16:38:41
184.174.140.166	attackbots	Honeypot hit.	2020-05-30 17:03:15
198.108.66.245	attack	Unauthorized connection attempt from IP address 198.108.66.245 on port 995	2020-05-30 16:58:07
106.124.91.84	attackspam	(eximsyntax) Exim syntax errors from 106.124.91.84 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-30 08:18:54 SMTP call from [106.124.91.84] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-05-30 16:34:56
37.187.12.126	attackspambots	May 29 11:23:53 mx sshd[15560]: Failed password for root from 37.187.12.126 port 35252 ssh2	2020-05-30 16:52:30
181.48.114.82	attackspam	Failed password for root from 181.48.114.82 port 43944 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=servermail.intraplas.com user=root Failed password for root from 181.48.114.82 port 58514 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=servermail.intraplas.com user=root Failed password for root from 181.48.114.82 port 44840 ssh2	2020-05-30 16:53:30
176.113.115.122	attack	RDP brute forcing (d)	2020-05-30 17:06:30
191.30.134.67	attackspambots	Automatic report - Port Scan Attack	2020-05-30 16:47:31
51.75.123.107	attackbots	May 30 18:48:44 localhost sshd[532961]: Invalid user test from 51.75.123.107 port 52958 ...	2020-05-30 17:06:02

最近上报的IP列表

40.92.4.43	168.6.174.121	64.202.188.10	51.255.36.166
46.228.199.111	111.47.166.118	232.185.188.177	117.222.166.180
220.24.144.29	185.70.184.149	222.252.113.241	106.201.175.111
185.50.25.26	50.239.163.172	41.68.130.240	81.166.65.230
180.76.38.74	7.253.113.224	78.179.99.237	8.49.164.230