104.131.14.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-04-29 13:39:20
attackbots	(sshd) Failed SSH login from 104.131.14.14 (US/United States/nyxstudios.moe): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 23 15:16:23 srv sshd[11650]: Invalid user work from 104.131.14.14 port 48203 Feb 23 15:16:24 srv sshd[11650]: Failed password for invalid user work from 104.131.14.14 port 48203 ssh2 Feb 23 15:22:06 srv sshd[11768]: Invalid user bitrix from 104.131.14.14 port 38228 Feb 23 15:22:09 srv sshd[11768]: Failed password for invalid user bitrix from 104.131.14.14 port 38228 ssh2 Feb 23 15:27:27 srv sshd[11843]: Invalid user redmine from 104.131.14.14 port 52984	2020-02-24 00:05:44
attackspam	Unauthorized connection attempt detected from IP address 104.131.14.14 to port 2220 [J]	2020-01-25 14:02:46
attackbots	Automatic report - SSH Brute-Force Attack	2019-12-24 15:39:27
attackbots	Dec 16 18:15:01 vpn01 sshd[15710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Dec 16 18:15:04 vpn01 sshd[15710]: Failed password for invalid user yank from 104.131.14.14 port 37409 ssh2 ...	2019-12-17 01:44:09
attack	Dec 14 07:16:43 xeon sshd[56111]: Failed password for invalid user squid from 104.131.14.14 port 45780 ssh2	2019-12-14 14:43:11
attackbotsspam	2019-12-09T15:43:25.807341abusebot-6.cloudsearch.cf sshd\[9681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=nyxstudios.moe user=root	2019-12-10 00:05:30
attack	Nov 28 05:56:43 * sshd[2356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Nov 28 05:56:45 * sshd[2356]: Failed password for invalid user diego from 104.131.14.14 port 33840 ssh2	2019-11-28 14:13:59
attackbots	Nov 13 07:29:11 vmanager6029 sshd\[7398\]: Invalid user schmelmeier from 104.131.14.14 port 51611 Nov 13 07:29:11 vmanager6029 sshd\[7398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Nov 13 07:29:13 vmanager6029 sshd\[7398\]: Failed password for invalid user schmelmeier from 104.131.14.14 port 51611 ssh2	2019-11-13 15:22:48
attack	2019-11-08T06:31:31.056327abusebot-5.cloudsearch.cf sshd\[28638\]: Invalid user wang from 104.131.14.14 port 52938	2019-11-08 14:45:33
attack	SSH Brute Force	2019-11-01 12:07:19
attack	Lines containing failures of 104.131.14.14 Oct 21 02:16:02 shared03 sshd[13293]: Invalid user vanderlei from 104.131.14.14 port 40849 Oct 21 02:16:02 shared03 sshd[13293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Oct 21 02:16:03 shared03 sshd[13293]: Failed password for invalid user vanderlei from 104.131.14.14 port 40849 ssh2 Oct 21 02:16:04 shared03 sshd[13293]: Received disconnect from 104.131.14.14 port 40849:11: Bye Bye [preauth] Oct 21 02:16:04 shared03 sshd[13293]: Disconnected from invalid user vanderlei 104.131.14.14 port 40849 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.131.14.14	2019-10-21 17:12:56
attackbotsspam	Sep 16 18:25:03 server sshd[34906]: Failed password for invalid user test from 104.131.14.14 port 35685 ssh2 Sep 16 19:02:01 server sshd[39344]: Failed password for invalid user rpmbuilder from 104.131.14.14 port 37973 ssh2 Sep 16 19:27:43 server sshd[42502]: Failed password for invalid user odoo9 from 104.131.14.14 port 39280 ssh2	2019-09-17 01:59:15
attackspambots	SSH Brute Force, server-1 sshd[6618]: Failed password for invalid user alex from 104.131.14.14 port 57300 ssh2	2019-09-06 14:37:31
attackspambots	Aug 30 21:58:25 MK-Soft-VM5 sshd\[9990\]: Invalid user marilena from 104.131.14.14 port 50046 Aug 30 21:58:25 MK-Soft-VM5 sshd\[9990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Aug 30 21:58:27 MK-Soft-VM5 sshd\[9990\]: Failed password for invalid user marilena from 104.131.14.14 port 50046 ssh2 ...	2019-08-31 06:11:19
attackbots	Aug 28 17:39:41 h2177944 sshd\[28660\]: Invalid user hadoop from 104.131.14.14 port 49508 Aug 28 17:39:41 h2177944 sshd\[28660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Aug 28 17:39:43 h2177944 sshd\[28660\]: Failed password for invalid user hadoop from 104.131.14.14 port 49508 ssh2 Aug 28 17:59:43 h2177944 sshd\[29031\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 user=root ...	2019-08-29 00:38:02
attack	Invalid user administrador from 104.131.14.14 port 44955	2019-08-13 20:17:04
attack	Aug 9 00:26:26 unicornsoft sshd\[21924\]: Invalid user peter from 104.131.14.14 Aug 9 00:26:27 unicornsoft sshd\[21924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Aug 9 00:26:28 unicornsoft sshd\[21924\]: Failed password for invalid user peter from 104.131.14.14 port 57683 ssh2	2019-08-09 09:04:46
attackspambots	SSH Brute-Force reported by Fail2Ban	2019-08-08 02:49:05
attackbots	2019-08-06T08:36:31.911148abusebot-8.cloudsearch.cf sshd\[5719\]: Invalid user lava from 104.131.14.14 port 60012	2019-08-06 17:57:27
attackspam	Jul 24 06:51:30 localhost sshd\[9637\]: Invalid user john from 104.131.14.14 port 44672 Jul 24 06:51:30 localhost sshd\[9637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Jul 24 06:51:32 localhost sshd\[9637\]: Failed password for invalid user john from 104.131.14.14 port 44672 ssh2	2019-07-24 13:01:36
attackspambots	Jul 16 10:54:13 XXXXXX sshd[44772]: Invalid user mis from 104.131.14.14 port 38913	2019-07-17 04:24:10
attackspam	Jul 2 18:57:10 aat-srv002 sshd[21247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Jul 2 18:57:12 aat-srv002 sshd[21247]: Failed password for invalid user smbprint from 104.131.14.14 port 47173 ssh2 Jul 2 19:07:46 aat-srv002 sshd[21443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Jul 2 19:07:47 aat-srv002 sshd[21443]: Failed password for invalid user iz from 104.131.14.14 port 56598 ssh2 ...	2019-07-03 08:20:16

相同子网IP讨论:

IP	类型	评论内容	时间
104.131.149.33	attack	$f2bV_matches	2020-08-31 07:02:25
104.131.148.158	attackbotsspam	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-02-03 13:23:03
104.131.148.158	attack	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-01-26 17:30:50
104.131.148.158	attackspam	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-01-13 19:56:10
104.131.149.33	attack	Automatic report - XMLRPC Attack	2019-11-28 16:08:43
104.131.147.112	attackbots	EventTime:Mon Sep 16 18:29:05 AEST 2019,Protocol:TCP,VendorEventCode:RT_FLOW_SESSION_DENY,TargetPort:443,SourceIP:104.131.147.112,SourcePort:42552	2019-09-16 16:52:02
104.131.147.112	attack	Web App Attack	2019-07-14 09:03:46
104.131.149.33	attackbots	C1,WP GET /humor/2018/wp-includes/wlwmanifest.xml	2019-07-02 04:05:28
104.131.147.112	attack	Looking for resource vulnerabilities	2019-06-22 19:24:11

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.14.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54728
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.14.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061301 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 14 04:36:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

14.14.131.104.in-addr.arpa domain name pointer nyxstudios.moe.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
14.14.131.104.in-addr.arpa	name = nyxstudios.moe.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
82.119.100.182	attack	Aug 17 12:16:37 legacy sshd[18281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.119.100.182 Aug 17 12:16:39 legacy sshd[18281]: Failed password for invalid user velocity from 82.119.100.182 port 14401 ssh2 Aug 17 12:21:31 legacy sshd[18457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.119.100.182 ...	2019-08-17 19:17:01
37.49.229.160	attackspambots	\[2019-08-17 06:49:03\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-17T06:49:03.918-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="005390237920793",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.160/9673",ACLName="no_extension_match" \[2019-08-17 06:53:42\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-17T06:53:42.923-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="004390237920793",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.160/6200",ACLName="no_extension_match" \[2019-08-17 06:58:47\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-17T06:58:47.487-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="003390237920793",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.160/5832",ACLName="no_extens	2019-08-17 19:22:41
223.72.68.150	attackbotsspam	Aug 17 12:08:59 dedicated sshd[6512]: Invalid user tomcat from 223.72.68.150 port 20244	2019-08-17 19:35:10
42.157.130.18	attackbots	Aug 17 00:59:16 friendsofhawaii sshd\[31680\]: Invalid user ht from 42.157.130.18 Aug 17 00:59:16 friendsofhawaii sshd\[31680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.130.18 Aug 17 00:59:18 friendsofhawaii sshd\[31680\]: Failed password for invalid user ht from 42.157.130.18 port 53092 ssh2 Aug 17 01:04:33 friendsofhawaii sshd\[32576\]: Invalid user oracle from 42.157.130.18 Aug 17 01:04:33 friendsofhawaii sshd\[32576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.130.18	2019-08-17 19:13:00
66.240.236.119	attackbotsspam	Port scan attempt detected by AWS-CCS, CTS, India	2019-08-17 19:25:37
170.83.155.210	attack	Aug 17 01:02:31 hiderm sshd\[22348\]: Invalid user minecraft from 170.83.155.210 Aug 17 01:02:31 hiderm sshd\[22348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.83.155.210 Aug 17 01:02:33 hiderm sshd\[22348\]: Failed password for invalid user minecraft from 170.83.155.210 port 49738 ssh2 Aug 17 01:07:43 hiderm sshd\[22848\]: Invalid user polycom from 170.83.155.210 Aug 17 01:07:43 hiderm sshd\[22848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.83.155.210	2019-08-17 19:15:32
139.162.110.42	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-17 19:34:29
50.197.162.169	attackspam	email spam	2019-08-17 19:39:37
89.36.217.142	attack	Aug 17 11:28:31 motanud sshd\[17898\]: Invalid user guest from 89.36.217.142 port 40798 Aug 17 11:28:31 motanud sshd\[17898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.36.217.142 Aug 17 11:28:33 motanud sshd\[17898\]: Failed password for invalid user guest from 89.36.217.142 port 40798 ssh2	2019-08-17 19:07:23
193.29.13.20	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-17 19:23:44
97.90.233.17	attack	Aug 16 23:22:36 hanapaa sshd\[5151\]: Invalid user 123456 from 97.90.233.17 Aug 16 23:22:36 hanapaa sshd\[5151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97-90-233-17.dhcp.eucl.wi.charter.com Aug 16 23:22:38 hanapaa sshd\[5151\]: Failed password for invalid user 123456 from 97.90.233.17 port 58812 ssh2 Aug 16 23:27:27 hanapaa sshd\[5639\]: Invalid user admin@1234 from 97.90.233.17 Aug 16 23:27:27 hanapaa sshd\[5639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97-90-233-17.dhcp.eucl.wi.charter.com	2019-08-17 19:54:19
157.25.160.75	attackbotsspam	Automatic report - Banned IP Access	2019-08-17 19:32:41
168.227.202.118	attack	firewall-block, port(s): 445/tcp	2019-08-17 19:30:16
220.126.227.74	attackbotsspam	Aug 17 12:49:59 vps691689 sshd[18477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.126.227.74 Aug 17 12:50:01 vps691689 sshd[18477]: Failed password for invalid user michael from 220.126.227.74 port 47934 ssh2 Aug 17 12:55:17 vps691689 sshd[18578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.126.227.74 ...	2019-08-17 19:07:52
103.63.109.74	attackbots	Aug 17 16:01:35 lcl-usvr-02 sshd[22513]: Invalid user postgres from 103.63.109.74 port 34070 Aug 17 16:01:35 lcl-usvr-02 sshd[22513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.109.74 Aug 17 16:01:35 lcl-usvr-02 sshd[22513]: Invalid user postgres from 103.63.109.74 port 34070 Aug 17 16:01:36 lcl-usvr-02 sshd[22513]: Failed password for invalid user postgres from 103.63.109.74 port 34070 ssh2 Aug 17 16:06:50 lcl-usvr-02 sshd[23601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.109.74 user=root Aug 17 16:06:52 lcl-usvr-02 sshd[23601]: Failed password for root from 103.63.109.74 port 53394 ssh2 ...	2019-08-17 19:06:16

最近上报的IP列表

193.207.164.81	203.128.6.130	177.140.176.147	51.77.242.176
201.216.193.65	103.90.224.226	180.76.103.139	179.184.66.213
68.44.101.90	77.73.95.88	89.122.192.141	247.7.81.73
182.84.110.148	181.95.225.151	91.97.192.68	251.211.235.69
135.62.223.73	124.235.183.103	92.70.42.160	68.183.80.186