必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
SSH Brute Force
2020-04-29 13:39:20
attackbots
(sshd) Failed SSH login from 104.131.14.14 (US/United States/nyxstudios.moe): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 23 15:16:23 srv sshd[11650]: Invalid user work from 104.131.14.14 port 48203
Feb 23 15:16:24 srv sshd[11650]: Failed password for invalid user work from 104.131.14.14 port 48203 ssh2
Feb 23 15:22:06 srv sshd[11768]: Invalid user bitrix from 104.131.14.14 port 38228
Feb 23 15:22:09 srv sshd[11768]: Failed password for invalid user bitrix from 104.131.14.14 port 38228 ssh2
Feb 23 15:27:27 srv sshd[11843]: Invalid user redmine from 104.131.14.14 port 52984
2020-02-24 00:05:44
attackspam
Unauthorized connection attempt detected from IP address 104.131.14.14 to port 2220 [J]
2020-01-25 14:02:46
attackbots
Automatic report - SSH Brute-Force Attack
2019-12-24 15:39:27
attackbots
Dec 16 18:15:01 vpn01 sshd[15710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Dec 16 18:15:04 vpn01 sshd[15710]: Failed password for invalid user yank from 104.131.14.14 port 37409 ssh2
...
2019-12-17 01:44:09
attack
Dec 14 07:16:43 xeon sshd[56111]: Failed password for invalid user squid from 104.131.14.14 port 45780 ssh2
2019-12-14 14:43:11
attackbotsspam
2019-12-09T15:43:25.807341abusebot-6.cloudsearch.cf sshd\[9681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=nyxstudios.moe  user=root
2019-12-10 00:05:30
attack
Nov 28 05:56:43 * sshd[2356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Nov 28 05:56:45 * sshd[2356]: Failed password for invalid user diego from 104.131.14.14 port 33840 ssh2
2019-11-28 14:13:59
attackbots
Nov 13 07:29:11 vmanager6029 sshd\[7398\]: Invalid user schmelmeier from 104.131.14.14 port 51611
Nov 13 07:29:11 vmanager6029 sshd\[7398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Nov 13 07:29:13 vmanager6029 sshd\[7398\]: Failed password for invalid user schmelmeier from 104.131.14.14 port 51611 ssh2
2019-11-13 15:22:48
attack
2019-11-08T06:31:31.056327abusebot-5.cloudsearch.cf sshd\[28638\]: Invalid user wang from 104.131.14.14 port 52938
2019-11-08 14:45:33
attack
SSH Brute Force
2019-11-01 12:07:19
attack
Lines containing failures of 104.131.14.14
Oct 21 02:16:02 shared03 sshd[13293]: Invalid user vanderlei from 104.131.14.14 port 40849
Oct 21 02:16:02 shared03 sshd[13293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Oct 21 02:16:03 shared03 sshd[13293]: Failed password for invalid user vanderlei from 104.131.14.14 port 40849 ssh2
Oct 21 02:16:04 shared03 sshd[13293]: Received disconnect from 104.131.14.14 port 40849:11: Bye Bye [preauth]
Oct 21 02:16:04 shared03 sshd[13293]: Disconnected from invalid user vanderlei 104.131.14.14 port 40849 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=104.131.14.14
2019-10-21 17:12:56
attackbotsspam
Sep 16 18:25:03 server sshd[34906]: Failed password for invalid user test from 104.131.14.14 port 35685 ssh2
Sep 16 19:02:01 server sshd[39344]: Failed password for invalid user rpmbuilder from 104.131.14.14 port 37973 ssh2
Sep 16 19:27:43 server sshd[42502]: Failed password for invalid user odoo9 from 104.131.14.14 port 39280 ssh2
2019-09-17 01:59:15
attackspambots
SSH Brute Force, server-1 sshd[6618]: Failed password for invalid user alex from 104.131.14.14 port 57300 ssh2
2019-09-06 14:37:31
attackspambots
Aug 30 21:58:25 MK-Soft-VM5 sshd\[9990\]: Invalid user marilena from 104.131.14.14 port 50046
Aug 30 21:58:25 MK-Soft-VM5 sshd\[9990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Aug 30 21:58:27 MK-Soft-VM5 sshd\[9990\]: Failed password for invalid user marilena from 104.131.14.14 port 50046 ssh2
...
2019-08-31 06:11:19
attackbots
Aug 28 17:39:41 h2177944 sshd\[28660\]: Invalid user hadoop from 104.131.14.14 port 49508
Aug 28 17:39:41 h2177944 sshd\[28660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Aug 28 17:39:43 h2177944 sshd\[28660\]: Failed password for invalid user hadoop from 104.131.14.14 port 49508 ssh2
Aug 28 17:59:43 h2177944 sshd\[29031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14  user=root
...
2019-08-29 00:38:02
attack
Invalid user administrador from 104.131.14.14 port 44955
2019-08-13 20:17:04
attack
Aug  9 00:26:26 unicornsoft sshd\[21924\]: Invalid user peter from 104.131.14.14
Aug  9 00:26:27 unicornsoft sshd\[21924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Aug  9 00:26:28 unicornsoft sshd\[21924\]: Failed password for invalid user peter from 104.131.14.14 port 57683 ssh2
2019-08-09 09:04:46
attackspambots
SSH Brute-Force reported by Fail2Ban
2019-08-08 02:49:05
attackbots
2019-08-06T08:36:31.911148abusebot-8.cloudsearch.cf sshd\[5719\]: Invalid user lava from 104.131.14.14 port 60012
2019-08-06 17:57:27
attackspam
Jul 24 06:51:30 localhost sshd\[9637\]: Invalid user john from 104.131.14.14 port 44672
Jul 24 06:51:30 localhost sshd\[9637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Jul 24 06:51:32 localhost sshd\[9637\]: Failed password for invalid user john from 104.131.14.14 port 44672 ssh2
2019-07-24 13:01:36
attackspambots
Jul 16 10:54:13 XXXXXX sshd[44772]: Invalid user mis from 104.131.14.14 port 38913
2019-07-17 04:24:10
attackspam
Jul  2 18:57:10 aat-srv002 sshd[21247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Jul  2 18:57:12 aat-srv002 sshd[21247]: Failed password for invalid user smbprint from 104.131.14.14 port 47173 ssh2
Jul  2 19:07:46 aat-srv002 sshd[21443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14
Jul  2 19:07:47 aat-srv002 sshd[21443]: Failed password for invalid user iz from 104.131.14.14 port 56598 ssh2
...
2019-07-03 08:20:16
相同子网IP讨论:
IP 类型 评论内容 时间
104.131.149.33 attack
$f2bV_matches
2020-08-31 07:02:25
104.131.148.158 attackbotsspam
Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]
2020-02-03 13:23:03
104.131.148.158 attack
Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]
2020-01-26 17:30:50
104.131.148.158 attackspam
Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]
2020-01-13 19:56:10
104.131.149.33 attack
Automatic report - XMLRPC Attack
2019-11-28 16:08:43
104.131.147.112 attackbots
EventTime:Mon Sep 16 18:29:05 AEST 2019,Protocol:TCP,VendorEventCode:RT_FLOW_SESSION_DENY,TargetPort:443,SourceIP:104.131.147.112,SourcePort:42552
2019-09-16 16:52:02
104.131.147.112 attack
Web App Attack
2019-07-14 09:03:46
104.131.149.33 attackbots
C1,WP GET /humor/2018/wp-includes/wlwmanifest.xml
2019-07-02 04:05:28
104.131.147.112 attack
Looking for resource vulnerabilities
2019-06-22 19:24:11
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.14.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54728
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.14.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061301 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 14 04:36:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:
14.14.131.104.in-addr.arpa domain name pointer nyxstudios.moe.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
14.14.131.104.in-addr.arpa	name = nyxstudios.moe.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
82.119.100.182 attack
Aug 17 12:16:37 legacy sshd[18281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.119.100.182
Aug 17 12:16:39 legacy sshd[18281]: Failed password for invalid user velocity from 82.119.100.182 port 14401 ssh2
Aug 17 12:21:31 legacy sshd[18457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.119.100.182
...
2019-08-17 19:17:01
37.49.229.160 attackspambots
\[2019-08-17 06:49:03\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-17T06:49:03.918-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="005390237920793",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.160/9673",ACLName="no_extension_match"
\[2019-08-17 06:53:42\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-17T06:53:42.923-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="004390237920793",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.160/6200",ACLName="no_extension_match"
\[2019-08-17 06:58:47\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-17T06:58:47.487-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="003390237920793",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.160/5832",ACLName="no_extens
2019-08-17 19:22:41
223.72.68.150 attackbotsspam
Aug 17 12:08:59 dedicated sshd[6512]: Invalid user tomcat from 223.72.68.150 port 20244
2019-08-17 19:35:10
42.157.130.18 attackbots
Aug 17 00:59:16 friendsofhawaii sshd\[31680\]: Invalid user ht from 42.157.130.18
Aug 17 00:59:16 friendsofhawaii sshd\[31680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.130.18
Aug 17 00:59:18 friendsofhawaii sshd\[31680\]: Failed password for invalid user ht from 42.157.130.18 port 53092 ssh2
Aug 17 01:04:33 friendsofhawaii sshd\[32576\]: Invalid user oracle from 42.157.130.18
Aug 17 01:04:33 friendsofhawaii sshd\[32576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.130.18
2019-08-17 19:13:00
66.240.236.119 attackbotsspam
Port scan attempt detected by AWS-CCS, CTS, India
2019-08-17 19:25:37
170.83.155.210 attack
Aug 17 01:02:31 hiderm sshd\[22348\]: Invalid user minecraft from 170.83.155.210
Aug 17 01:02:31 hiderm sshd\[22348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.83.155.210
Aug 17 01:02:33 hiderm sshd\[22348\]: Failed password for invalid user minecraft from 170.83.155.210 port 49738 ssh2
Aug 17 01:07:43 hiderm sshd\[22848\]: Invalid user polycom from 170.83.155.210
Aug 17 01:07:43 hiderm sshd\[22848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.83.155.210
2019-08-17 19:15:32
139.162.110.42 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-08-17 19:34:29
50.197.162.169 attackspam
email spam
2019-08-17 19:39:37
89.36.217.142 attack
Aug 17 11:28:31 motanud sshd\[17898\]: Invalid user guest from 89.36.217.142 port 40798
Aug 17 11:28:31 motanud sshd\[17898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.36.217.142
Aug 17 11:28:33 motanud sshd\[17898\]: Failed password for invalid user guest from 89.36.217.142 port 40798 ssh2
2019-08-17 19:07:23
193.29.13.20 attackbotsspam
MultiHost/MultiPort Probe, Scan, Hack -
2019-08-17 19:23:44
97.90.233.17 attack
Aug 16 23:22:36 hanapaa sshd\[5151\]: Invalid user 123456 from 97.90.233.17
Aug 16 23:22:36 hanapaa sshd\[5151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97-90-233-17.dhcp.eucl.wi.charter.com
Aug 16 23:22:38 hanapaa sshd\[5151\]: Failed password for invalid user 123456 from 97.90.233.17 port 58812 ssh2
Aug 16 23:27:27 hanapaa sshd\[5639\]: Invalid user admin@1234 from 97.90.233.17
Aug 16 23:27:27 hanapaa sshd\[5639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97-90-233-17.dhcp.eucl.wi.charter.com
2019-08-17 19:54:19
157.25.160.75 attackbotsspam
Automatic report - Banned IP Access
2019-08-17 19:32:41
168.227.202.118 attack
firewall-block, port(s): 445/tcp
2019-08-17 19:30:16
220.126.227.74 attackbotsspam
Aug 17 12:49:59 vps691689 sshd[18477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.126.227.74
Aug 17 12:50:01 vps691689 sshd[18477]: Failed password for invalid user michael from 220.126.227.74 port 47934 ssh2
Aug 17 12:55:17 vps691689 sshd[18578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.126.227.74
...
2019-08-17 19:07:52
103.63.109.74 attackbots
Aug 17 16:01:35 lcl-usvr-02 sshd[22513]: Invalid user postgres from 103.63.109.74 port 34070
Aug 17 16:01:35 lcl-usvr-02 sshd[22513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.109.74
Aug 17 16:01:35 lcl-usvr-02 sshd[22513]: Invalid user postgres from 103.63.109.74 port 34070
Aug 17 16:01:36 lcl-usvr-02 sshd[22513]: Failed password for invalid user postgres from 103.63.109.74 port 34070 ssh2
Aug 17 16:06:50 lcl-usvr-02 sshd[23601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.109.74  user=root
Aug 17 16:06:52 lcl-usvr-02 sshd[23601]: Failed password for root from 103.63.109.74 port 53394 ssh2
...
2019-08-17 19:06:16

最近上报的IP列表

193.207.164.81 203.128.6.130 177.140.176.147 51.77.242.176
201.216.193.65 103.90.224.226 180.76.103.139 179.184.66.213
68.44.101.90 77.73.95.88 89.122.192.141 247.7.81.73
182.84.110.148 181.95.225.151 91.97.192.68 251.211.235.69
135.62.223.73 124.235.183.103 92.70.42.160 68.183.80.186