37.139.16.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Invalid user workstation from 37.139.16.94 port 56807	2020-05-01 14:42:27
attack	Apr 15 19:12:56 webhost01 sshd[9055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Apr 15 19:12:57 webhost01 sshd[9055]: Failed password for invalid user ubuntu from 37.139.16.94 port 44534 ssh2 ...	2020-04-15 20:48:27
attackbotsspam	SSH Authentication Attempts Exceeded	2020-04-02 20:20:04
attackspambots	leo_www	2020-03-19 03:08:05
attackbotsspam	Mar 10 23:26:54 hosting sshd[27776]: Invalid user windows from 37.139.16.94 port 37130 ...	2020-03-11 08:48:56
attackbotsspam	Invalid user git from 37.139.16.94 port 49177 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Failed password for invalid user git from 37.139.16.94 port 49177 ssh2 Invalid user lingqi from 37.139.16.94 port 37156 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94	2020-03-02 00:53:03
attackspambots	(sshd) Failed SSH login from 37.139.16.94 (NL/Netherlands/lukasklein.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 18 07:18:28 ubnt-55d23 sshd[26378]: Invalid user zabbix from 37.139.16.94 port 58191 Feb 18 07:18:30 ubnt-55d23 sshd[26378]: Failed password for invalid user zabbix from 37.139.16.94 port 58191 ssh2	2020-02-18 21:15:46
attackspam	Jan 30 17:21:15 mail sshd\[43452\]: Invalid user prachetas from 37.139.16.94 Jan 30 17:21:15 mail sshd\[43452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 ...	2020-01-31 06:21:35
attackspambots	Jan 23 19:42:42 hosting sshd[14820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=root Jan 23 19:42:44 hosting sshd[14820]: Failed password for root from 37.139.16.94 port 42086 ssh2 ...	2020-01-24 02:17:36
attack	3x Failed Password	2020-01-02 04:02:32
attackspam	5x Failed Password	2020-01-01 01:06:34
attackbotsspam	Dec 25 21:17:25 MK-Soft-VM6 sshd[29001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 Dec 25 21:17:27 MK-Soft-VM6 sshd[29001]: Failed password for invalid user ethelbert from 37.139.16.94 port 36668 ssh2 ...	2019-12-26 04:50:10
attackbots	fraudulent SSH attempt	2019-12-21 05:46:28
attackbotsspam	Dec 17 00:08:47 server6 sshd[26711]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:08:47 server6 sshd[26711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=r.r Dec 17 00:08:49 server6 sshd[26711]: Failed password for r.r from 37.139.16.94 port 48222 ssh2 Dec 17 00:08:49 server6 sshd[26711]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:17:15 server6 sshd[13108]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:17:17 server6 sshd[13108]: Failed password for invalid user burgwell from 37.139.16.94 port 46168 ssh2 Dec 17 00:17:17 server6 sshd[13108]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:22:05 server6 sshd[23185]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - ........ -------------------------------	2019-12-20 18:08:23
attack	Dec 17 00:08:47 server6 sshd[26711]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:08:47 server6 sshd[26711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.94 user=r.r Dec 17 00:08:49 server6 sshd[26711]: Failed password for r.r from 37.139.16.94 port 48222 ssh2 Dec 17 00:08:49 server6 sshd[26711]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:17:15 server6 sshd[13108]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 17 00:17:17 server6 sshd[13108]: Failed password for invalid user burgwell from 37.139.16.94 port 46168 ssh2 Dec 17 00:17:17 server6 sshd[13108]: Received disconnect from 37.139.16.94: 11: Bye Bye [preauth] Dec 17 00:22:05 server6 sshd[23185]: Address 37.139.16.94 maps to lukasklein.com, but this does not map back to the address - ........ -------------------------------	2019-12-18 01:06:27

相同子网IP讨论:

IP	类型	评论内容	时间
37.139.16.229	attackbots	Oct 12 21:09:40 ip106 sshd[16323]: Failed password for root from 37.139.16.229 port 34697 ssh2 Oct 12 21:16:46 ip106 sshd[16603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.229 ...	2020-10-13 04:08:28
37.139.16.229	attackbotsspam	2020-09-18 18:14:54 server sshd[45345]: Failed password for invalid user root from 37.139.16.229 port 60015 ssh2	2020-09-21 00:07:16
37.139.16.229	attack	37.139.16.229 (NL/Netherlands/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 01:49:51 server2 sshd[17081]: Failed password for root from 144.217.85.124 port 38590 ssh2 Sep 20 01:49:59 server2 sshd[17147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.15.56 user=root Sep 20 01:49:41 server2 sshd[17044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.191.186 user=root Sep 20 01:49:41 server2 sshd[17038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.229 user=root Sep 20 01:49:43 server2 sshd[17044]: Failed password for root from 183.237.191.186 port 42600 ssh2 Sep 20 01:49:43 server2 sshd[17038]: Failed password for root from 37.139.16.229 port 55849 ssh2 IP Addresses Blocked: 144.217.85.124 (CA/Canada/-) 106.12.15.56 (CN/China/-) 183.237.191.186 (CN/China/-)	2020-09-20 16:01:20
37.139.16.229	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-20 07:51:52
37.139.16.229	attack	2020-08-27T03:18:02.982215hostname sshd[48781]: Failed password for invalid user cbq from 37.139.16.229 port 36158 ssh2 ...	2020-08-29 03:04:33
37.139.16.229	attackbotsspam	prod8 ...	2020-08-23 00:54:10
37.139.16.229	attackspambots	web-1 [ssh] SSH Attack	2020-08-06 04:37:23
37.139.16.229	attackbots	$f2bV_matches	2020-08-04 14:01:39
37.139.16.229	attackbots	Invalid user amdocs from 37.139.16.229 port 48480	2020-08-02 15:37:32
37.139.16.229	attackspam	Failed password for invalid user zhangfeng from 37.139.16.229 port 45246 ssh2	2020-07-27 17:37:46
37.139.16.229	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 16 - port: 20025 proto: tcp cat: Misc Attackbytes: 60	2020-07-26 22:21:05
37.139.16.229	attack	Invalid user aip from 37.139.16.229 port 52375	2020-07-25 18:38:38
37.139.16.229	attackbots	Jul 23 16:24:49 sshd\[14330\]: Invalid user loyal from 37.139.16.229Jul 23 16:24:51 sshd\[14330\]: Failed password for invalid user loyal from 37.139.16.229 port 53237 ssh2 ...	2020-07-24 01:20:02
37.139.16.229	attack	[ssh] SSH attack	2020-07-22 05:05:25
37.139.16.229	attackspam	$f2bV_matches	2020-07-20 07:54:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.139.16.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52312
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;37.139.16.94.			IN	A

;; AUTHORITY SECTION:
.			317	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121700 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 01:06:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

94.16.139.37.in-addr.arpa domain name pointer lukasklein.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.16.139.37.in-addr.arpa	name = lukasklein.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
80.182.46.4	attackspam	port scan/probe/communication attempt	2019-11-30 02:28:20
51.91.212.81	attackspam	11/29/2019-19:44:29.226458 51.91.212.81 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 53	2019-11-30 02:49:13
139.155.1.18	attackbotsspam	Nov 29 16:10:03 dedicated sshd[15255]: Invalid user jszpila from 139.155.1.18 port 48810	2019-11-30 02:48:15
208.73.203.84	attackspambots	Automatic report - XMLRPC Attack	2019-11-30 02:44:19
221.238.192.25	attackspambots	blacklist username admin Invalid user admin from 221.238.192.25 port 60655	2019-11-30 02:27:14
222.161.56.248	attack	2019-09-25T20:08:51.905391suse-nuc sshd[27981]: Invalid user scan from 222.161.56.248 port 47989 ...	2019-11-30 02:35:06
106.12.98.7	attack	fail2ban	2019-11-30 02:57:12
195.244.162.100	attackspambots	400 BAD REQUEST	2019-11-30 02:42:32
111.231.132.94	attackspam	$f2bV_matches	2019-11-30 02:46:35
206.189.114.0	attack	2019-11-29T12:11:30.249573ns547587 sshd\[5970\]: Invalid user ftpuser from 206.189.114.0 port 33674 2019-11-29T12:11:30.253105ns547587 sshd\[5970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.114.0 2019-11-29T12:11:32.211857ns547587 sshd\[5970\]: Failed password for invalid user ftpuser from 206.189.114.0 port 33674 ssh2 2019-11-29T12:18:09.600052ns547587 sshd\[8628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.114.0 user=apache ...	2019-11-30 02:22:00
83.171.107.216	attackbots	$f2bV_matches	2019-11-30 02:53:44
46.101.77.58	attackbots	Nov 29 16:10:26 vpn01 sshd[32467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.77.58 Nov 29 16:10:29 vpn01 sshd[32467]: Failed password for invalid user webster from 46.101.77.58 port 38941 ssh2 ...	2019-11-30 02:29:41
110.80.142.84	attack	2019-11-23T14:19:20.852685suse-nuc sshd[16471]: Invalid user host from 110.80.142.84 port 60718 ...	2019-11-30 02:51:04
176.38.191.11	attackspambots	Nov 29 17:29:36 shenron sshd[9655]: Invalid user pi from 176.38.191.11 Nov 29 17:29:36 shenron sshd[9656]: Invalid user pi from 176.38.191.11 Nov 29 17:29:36 shenron sshd[9655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.38.191.11 Nov 29 17:29:36 shenron sshd[9656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.38.191.11 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=176.38.191.11	2019-11-30 02:46:05
185.156.73.7	attackspambots	4494/tcp 4492/tcp 4493/tcp... [2019-10-17/11-29]2111pkt,664pt.(tcp)	2019-11-30 02:23:34

最近上报的IP列表

40.92.4.43	168.6.174.121	64.202.188.10	51.255.36.166
46.228.199.111	111.47.166.118	232.185.188.177	117.222.166.180
220.24.144.29	185.70.184.149	222.252.113.241	106.201.175.111
185.50.25.26	50.239.163.172	41.68.130.240	81.166.65.230
180.76.38.74	7.253.113.224	78.179.99.237	8.49.164.230