37.139.13.105 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Apr 1 20:03:57 NPSTNNYC01T sshd[28453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Apr 1 20:04:00 NPSTNNYC01T sshd[28453]: Failed password for invalid user suporte from 37.139.13.105 port 59136 ssh2 Apr 1 20:05:47 NPSTNNYC01T sshd[28628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 ...	2020-04-02 08:42:11
attackbots	Invalid user oracle from 37.139.13.105 port 42898	2020-02-27 04:56:39
attack	Feb 24 14:46:15 dev0-dcde-rnet sshd[22323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Feb 24 14:46:18 dev0-dcde-rnet sshd[22323]: Failed password for invalid user oracle from 37.139.13.105 port 37136 ssh2 Feb 24 14:49:45 dev0-dcde-rnet sshd[22430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105	2020-02-24 22:02:30
attackspam	Feb 6 03:43:20 vps647732 sshd[14143]: Failed password for root from 37.139.13.105 port 59818 ssh2 Feb 6 03:44:48 vps647732 sshd[14148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 ...	2020-02-06 10:53:33
attackspambots	$f2bV_matches	2020-01-27 18:12:42
attackbotsspam	Jan 14 22:16:25 v22018053744266470 sshd[2464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Jan 14 22:16:27 v22018053744266470 sshd[2464]: Failed password for invalid user vmadmin from 37.139.13.105 port 52106 ssh2 Jan 14 22:17:22 v22018053744266470 sshd[2531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 ...	2020-01-15 05:40:52
attackbotsspam	$f2bV_matches	2019-12-21 22:34:42
attackspam	Dec 20 17:53:15 sso sshd[1730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Dec 20 17:53:17 sso sshd[1730]: Failed password for invalid user user from 37.139.13.105 port 44292 ssh2 ...	2019-12-21 00:58:46
attackspam	Dec 20 15:15:53 herz-der-gamer sshd[15054]: Invalid user user from 37.139.13.105 port 35092 Dec 20 15:15:53 herz-der-gamer sshd[15054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Dec 20 15:15:53 herz-der-gamer sshd[15054]: Invalid user user from 37.139.13.105 port 35092 Dec 20 15:15:55 herz-der-gamer sshd[15054]: Failed password for invalid user user from 37.139.13.105 port 35092 ssh2 ...	2019-12-20 22:16:29
attackspambots	"Fail2Ban detected SSH brute force attempt"	2019-12-19 04:41:30
attackspambots	SSH brutforce	2019-12-08 20:50:48
attackbots	Dec 5 00:54:41 server sshd\[30538\]: Invalid user postgres from 37.139.13.105 Dec 5 00:54:41 server sshd\[30538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Dec 5 00:54:44 server sshd\[30538\]: Failed password for invalid user postgres from 37.139.13.105 port 45686 ssh2 Dec 5 02:17:21 server sshd\[22117\]: Invalid user tomcat from 37.139.13.105 Dec 5 02:17:21 server sshd\[22117\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 ...	2019-12-05 07:22:27
attackspambots	SSH invalid-user multiple login attempts	2019-12-03 06:52:10
attack	2019-11-24T19:30:25.203294abusebot-8.cloudsearch.cf sshd\[23551\]: Invalid user dbuser from 37.139.13.105 port 55498	2019-11-25 05:26:26
attackspambots	Nov 20 03:25:34 ws24vmsma01 sshd[135277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Nov 20 03:25:36 ws24vmsma01 sshd[135277]: Failed password for invalid user ftp from 37.139.13.105 port 44202 ssh2 ...	2019-11-20 18:21:50
attack	Nov 11 13:11:18 srv3 sshd\[25912\]: Invalid user postgres from 37.139.13.105 Nov 11 13:11:18 srv3 sshd\[25912\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Nov 11 13:11:20 srv3 sshd\[25912\]: Failed password for invalid user postgres from 37.139.13.105 port 49120 ssh2 ...	2019-11-12 03:13:22
attackspambots	2019-10-28T20:43:18.834619abusebot-3.cloudsearch.cf sshd\[25625\]: Invalid user zimbra from 37.139.13.105 port 47100	2019-10-29 06:12:13
attackbots	Oct 26 14:05:42 vps01 sshd[8939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Oct 26 14:05:44 vps01 sshd[8939]: Failed password for invalid user ftpuser from 37.139.13.105 port 53346 ssh2	2019-10-26 20:16:30
attack	2019-10-26T10:19:44.560092abusebot-6.cloudsearch.cf sshd\[17311\]: Invalid user postgres from 37.139.13.105 port 54890	2019-10-26 18:36:44
attack	Invalid user ubuntu from 37.139.13.105 port 40186	2019-10-25 04:12:43
attackspam	Oct 21 20:02:51 server sshd\[17823\]: Failed password for invalid user jboss from 37.139.13.105 port 52550 ssh2 Oct 22 12:03:47 server sshd\[5007\]: Invalid user ubuntu from 37.139.13.105 Oct 22 12:03:47 server sshd\[5007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Oct 22 12:03:49 server sshd\[5007\]: Failed password for invalid user ubuntu from 37.139.13.105 port 41420 ssh2 Oct 22 12:08:08 server sshd\[6101\]: Invalid user support from 37.139.13.105 Oct 22 12:08:08 server sshd\[6101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 ...	2019-10-22 17:30:01
attack	Triggered by Fail2Ban at Vostok web server	2019-10-16 04:57:38
attackbotsspam	Oct 9 11:43:49 thevastnessof sshd[22705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 ...	2019-10-09 22:16:53
attackbots	Aug 30 10:48:57 unicornsoft sshd\[30625\]: Invalid user test from 37.139.13.105 Aug 30 10:48:57 unicornsoft sshd\[30625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Aug 30 10:48:59 unicornsoft sshd\[30625\]: Failed password for invalid user test from 37.139.13.105 port 56626 ssh2	2019-08-30 19:56:51
attack	Invalid user test from 37.139.13.105 port 48634	2019-08-30 08:12:41
attack	Aug 29 18:57:11 work-partkepr sshd\[12654\]: Invalid user test from 37.139.13.105 port 40144 Aug 29 18:57:11 work-partkepr sshd\[12654\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 ...	2019-08-30 03:08:10
attack	2019-08-24T23:31:04.204192wiz-ks3 sshd[25513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 user=root 2019-08-24T23:31:05.662405wiz-ks3 sshd[25513]: Failed password for root from 37.139.13.105 port 32914 ssh2 2019-08-24T23:35:46.796103wiz-ks3 sshd[25546]: Invalid user radvd from 37.139.13.105 port 57222 2019-08-24T23:35:46.798222wiz-ks3 sshd[25546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 2019-08-24T23:35:46.796103wiz-ks3 sshd[25546]: Invalid user radvd from 37.139.13.105 port 57222 2019-08-24T23:35:48.637647wiz-ks3 sshd[25546]: Failed password for invalid user radvd from 37.139.13.105 port 57222 ssh2 2019-08-24T23:40:54.503620wiz-ks3 sshd[25580]: Invalid user jean from 37.139.13.105 port 54128 2019-08-24T23:40:54.505670wiz-ks3 sshd[25580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 2019-08-24T23:40:54.503620wiz-ks3 sshd[25580]: Inva	2019-08-29 11:09:06
attackbotsspam	<6 unauthorized SSH connections	2019-08-26 15:45:37
attackspam	Aug 25 14:48:08 [HOSTNAME] sshd[2645]: User removed from 37.139.13.105 not allowed because not listed in AllowUsers Aug 25 14:53:00 [HOSTNAME] sshd[2683]: Invalid user photo from 37.139.13.105 port 47748 Aug 25 14:58:18 [HOSTNAME] sshd[2719]: Invalid user angel from 37.139.13.105 port 44948 ...	2019-08-25 21:11:15
attackspambots	Aug 23 14:49:14 alx-lms-prod01 sshd\[9594\]: Invalid user anne from 37.139.13.105 Aug 23 14:55:52 alx-lms-prod01 sshd\[13712\]: Invalid user lnx from 37.139.13.105 Aug 23 17:02:13 alx-lms-prod01 sshd\[16962\]: Invalid user valid from 37.139.13.105 ...	2019-08-24 01:42:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.139.13.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5677
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;37.139.13.105.			IN	A

;; AUTHORITY SECTION:
.			2502	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 15:45:57 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 105.13.139.37.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 105.13.139.37.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.7.196.77	attackbots	Invalid user debian from 45.7.196.77 port 59150	2020-09-24 04:59:08
41.188.169.250	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-23T16:56:00Z and 2020-09-23T17:05:04Z	2020-09-24 04:52:55
185.6.9.59	attackbotsspam	185.6.9.59 - - \[23/Sep/2020:19:05:00 +0200\] "POST /wp-login.php HTTP/1.0" 200 3152 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 185.6.9.59 - - \[23/Sep/2020:19:05:02 +0200\] "POST /wp-login.php HTTP/1.0" 200 3118 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 185.6.9.59 - - \[23/Sep/2020:19:05:03 +0200\] "POST /wp-login.php HTTP/1.0" 200 3113 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-24 04:47:15
106.12.52.154	attackspam	2020-09-23T20:09:56.131405vps-d63064a2 sshd[48398]: User root from 106.12.52.154 not allowed because not listed in AllowUsers 2020-09-23T20:09:57.936382vps-d63064a2 sshd[48398]: Failed password for invalid user root from 106.12.52.154 port 48992 ssh2 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:57.143877vps-d63064a2 sshd[48496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:59.481140vps-d63064a2 sshd[48496]: Failed password for invalid user vp from 106.12.52.154 port 49782 ssh2 ...	2020-09-24 04:40:44
116.58.172.118	attack	Invalid user manuel from 116.58.172.118 port 37433	2020-09-24 04:56:16
35.197.130.217	attackspambots	Automatically reported by fail2ban report script (pm.ch)	2020-09-24 04:41:53
122.51.171.165	attackspam	(sshd) Failed SSH login from 122.51.171.165 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 13:40:01 cvps sshd[12971]: Invalid user user7 from 122.51.171.165 Sep 23 13:40:01 cvps sshd[12971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.171.165 Sep 23 13:40:03 cvps sshd[12971]: Failed password for invalid user user7 from 122.51.171.165 port 34292 ssh2 Sep 23 13:44:10 cvps sshd[14336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.171.165 user=root Sep 23 13:44:12 cvps sshd[14336]: Failed password for root from 122.51.171.165 port 47494 ssh2	2020-09-24 04:49:37
112.85.42.94	attackbotsspam	Sep 23 23:36:43 pkdns2 sshd\[46074\]: Failed password for root from 112.85.42.94 port 20942 ssh2Sep 23 23:38:36 pkdns2 sshd\[46172\]: Failed password for root from 112.85.42.94 port 17618 ssh2Sep 23 23:39:32 pkdns2 sshd\[46215\]: Failed password for root from 112.85.42.94 port 60294 ssh2Sep 23 23:39:35 pkdns2 sshd\[46215\]: Failed password for root from 112.85.42.94 port 60294 ssh2Sep 23 23:39:37 pkdns2 sshd\[46215\]: Failed password for root from 112.85.42.94 port 60294 ssh2Sep 23 23:40:27 pkdns2 sshd\[46311\]: Failed password for root from 112.85.42.94 port 54633 ssh2 ...	2020-09-24 04:42:28
111.230.204.113	attack	Sep 23 17:40:04 firewall sshd[5232]: Failed password for invalid user postgres from 111.230.204.113 port 36456 ssh2 Sep 23 17:43:11 firewall sshd[5293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.204.113 user=root Sep 23 17:43:12 firewall sshd[5293]: Failed password for root from 111.230.204.113 port 44212 ssh2 ...	2020-09-24 05:14:24
51.105.58.206	attackbotsspam	2020-09-23 15:48:29.786954-0500 localhost sshd[21984]: Failed password for root from 51.105.58.206 port 36241 ssh2	2020-09-24 04:52:27
113.18.254.225	attack	Sep 23 15:08:08 firewall sshd[948]: Failed password for invalid user deluge from 113.18.254.225 port 39284 ssh2 Sep 23 15:12:11 firewall sshd[1045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.18.254.225 user=root Sep 23 15:12:13 firewall sshd[1045]: Failed password for root from 113.18.254.225 port 43956 ssh2 ...	2020-09-24 05:06:13
52.249.193.43	attackbotsspam	"Unauthorized connection attempt on SSHD detected"	2020-09-24 04:49:58
172.245.214.38	attackbots	Hi, Hi, The IP 172.245.214.38 has just been banned by after 5 attempts against postfix. Here is more information about 172.245.214.38 : ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=172.245.214.38	2020-09-24 05:09:18
104.248.66.115	attackbotsspam	Invalid user xxx from 104.248.66.115 port 34702	2020-09-24 04:56:41
195.154.118.69	attackbots	$f2bV_matches	2020-09-24 05:00:36

Recently Reported IPs

81.139.60.251	37.187.0.20	5.196.75.178	220.130.221.140
218.89.241.68	217.182.95.16	207.154.215.236	206.189.145.152
201.17.130.197	181.129.14.218	165.227.150.158	142.93.74.45
140.143.25.35	132.248.52.241	129.204.108.143	128.134.30.40
122.166.14.59	119.254.100.209	114.255.211.1	111.230.110.87