104.131.14.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-04-29 13:39:20
attackbots	(sshd) Failed SSH login from 104.131.14.14 (US/United States/nyxstudios.moe): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 23 15:16:23 srv sshd[11650]: Invalid user work from 104.131.14.14 port 48203 Feb 23 15:16:24 srv sshd[11650]: Failed password for invalid user work from 104.131.14.14 port 48203 ssh2 Feb 23 15:22:06 srv sshd[11768]: Invalid user bitrix from 104.131.14.14 port 38228 Feb 23 15:22:09 srv sshd[11768]: Failed password for invalid user bitrix from 104.131.14.14 port 38228 ssh2 Feb 23 15:27:27 srv sshd[11843]: Invalid user redmine from 104.131.14.14 port 52984	2020-02-24 00:05:44
attackspam	Unauthorized connection attempt detected from IP address 104.131.14.14 to port 2220 [J]	2020-01-25 14:02:46
attackbots	Automatic report - SSH Brute-Force Attack	2019-12-24 15:39:27
attackbots	Dec 16 18:15:01 vpn01 sshd[15710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Dec 16 18:15:04 vpn01 sshd[15710]: Failed password for invalid user yank from 104.131.14.14 port 37409 ssh2 ...	2019-12-17 01:44:09
attack	Dec 14 07:16:43 xeon sshd[56111]: Failed password for invalid user squid from 104.131.14.14 port 45780 ssh2	2019-12-14 14:43:11
attackbotsspam	2019-12-09T15:43:25.807341abusebot-6.cloudsearch.cf sshd\[9681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=nyxstudios.moe user=root	2019-12-10 00:05:30
attack	Nov 28 05:56:43 * sshd[2356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Nov 28 05:56:45 * sshd[2356]: Failed password for invalid user diego from 104.131.14.14 port 33840 ssh2	2019-11-28 14:13:59
attackbots	Nov 13 07:29:11 vmanager6029 sshd\[7398\]: Invalid user schmelmeier from 104.131.14.14 port 51611 Nov 13 07:29:11 vmanager6029 sshd\[7398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Nov 13 07:29:13 vmanager6029 sshd\[7398\]: Failed password for invalid user schmelmeier from 104.131.14.14 port 51611 ssh2	2019-11-13 15:22:48
attack	2019-11-08T06:31:31.056327abusebot-5.cloudsearch.cf sshd\[28638\]: Invalid user wang from 104.131.14.14 port 52938	2019-11-08 14:45:33
attack	SSH Brute Force	2019-11-01 12:07:19
attack	Lines containing failures of 104.131.14.14 Oct 21 02:16:02 shared03 sshd[13293]: Invalid user vanderlei from 104.131.14.14 port 40849 Oct 21 02:16:02 shared03 sshd[13293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Oct 21 02:16:03 shared03 sshd[13293]: Failed password for invalid user vanderlei from 104.131.14.14 port 40849 ssh2 Oct 21 02:16:04 shared03 sshd[13293]: Received disconnect from 104.131.14.14 port 40849:11: Bye Bye [preauth] Oct 21 02:16:04 shared03 sshd[13293]: Disconnected from invalid user vanderlei 104.131.14.14 port 40849 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.131.14.14	2019-10-21 17:12:56
attackbotsspam	Sep 16 18:25:03 server sshd[34906]: Failed password for invalid user test from 104.131.14.14 port 35685 ssh2 Sep 16 19:02:01 server sshd[39344]: Failed password for invalid user rpmbuilder from 104.131.14.14 port 37973 ssh2 Sep 16 19:27:43 server sshd[42502]: Failed password for invalid user odoo9 from 104.131.14.14 port 39280 ssh2	2019-09-17 01:59:15
attackspambots	SSH Brute Force, server-1 sshd[6618]: Failed password for invalid user alex from 104.131.14.14 port 57300 ssh2	2019-09-06 14:37:31
attackspambots	Aug 30 21:58:25 MK-Soft-VM5 sshd\[9990\]: Invalid user marilena from 104.131.14.14 port 50046 Aug 30 21:58:25 MK-Soft-VM5 sshd\[9990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Aug 30 21:58:27 MK-Soft-VM5 sshd\[9990\]: Failed password for invalid user marilena from 104.131.14.14 port 50046 ssh2 ...	2019-08-31 06:11:19
attackbots	Aug 28 17:39:41 h2177944 sshd\[28660\]: Invalid user hadoop from 104.131.14.14 port 49508 Aug 28 17:39:41 h2177944 sshd\[28660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Aug 28 17:39:43 h2177944 sshd\[28660\]: Failed password for invalid user hadoop from 104.131.14.14 port 49508 ssh2 Aug 28 17:59:43 h2177944 sshd\[29031\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 user=root ...	2019-08-29 00:38:02
attack	Invalid user administrador from 104.131.14.14 port 44955	2019-08-13 20:17:04
attack	Aug 9 00:26:26 unicornsoft sshd\[21924\]: Invalid user peter from 104.131.14.14 Aug 9 00:26:27 unicornsoft sshd\[21924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Aug 9 00:26:28 unicornsoft sshd\[21924\]: Failed password for invalid user peter from 104.131.14.14 port 57683 ssh2	2019-08-09 09:04:46
attackspambots	SSH Brute-Force reported by Fail2Ban	2019-08-08 02:49:05
attackbots	2019-08-06T08:36:31.911148abusebot-8.cloudsearch.cf sshd\[5719\]: Invalid user lava from 104.131.14.14 port 60012	2019-08-06 17:57:27
attackspam	Jul 24 06:51:30 localhost sshd\[9637\]: Invalid user john from 104.131.14.14 port 44672 Jul 24 06:51:30 localhost sshd\[9637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Jul 24 06:51:32 localhost sshd\[9637\]: Failed password for invalid user john from 104.131.14.14 port 44672 ssh2	2019-07-24 13:01:36
attackspambots	Jul 16 10:54:13 XXXXXX sshd[44772]: Invalid user mis from 104.131.14.14 port 38913	2019-07-17 04:24:10
attackspam	Jul 2 18:57:10 aat-srv002 sshd[21247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Jul 2 18:57:12 aat-srv002 sshd[21247]: Failed password for invalid user smbprint from 104.131.14.14 port 47173 ssh2 Jul 2 19:07:46 aat-srv002 sshd[21443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.14.14 Jul 2 19:07:47 aat-srv002 sshd[21443]: Failed password for invalid user iz from 104.131.14.14 port 56598 ssh2 ...	2019-07-03 08:20:16

相同子网IP讨论:

IP	类型	评论内容	时间
104.131.149.33	attack	$f2bV_matches	2020-08-31 07:02:25
104.131.148.158	attackbotsspam	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-02-03 13:23:03
104.131.148.158	attack	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-01-26 17:30:50
104.131.148.158	attackspam	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-01-13 19:56:10
104.131.149.33	attack	Automatic report - XMLRPC Attack	2019-11-28 16:08:43
104.131.147.112	attackbots	EventTime:Mon Sep 16 18:29:05 AEST 2019,Protocol:TCP,VendorEventCode:RT_FLOW_SESSION_DENY,TargetPort:443,SourceIP:104.131.147.112,SourcePort:42552	2019-09-16 16:52:02
104.131.147.112	attack	Web App Attack	2019-07-14 09:03:46
104.131.149.33	attackbots	C1,WP GET /humor/2018/wp-includes/wlwmanifest.xml	2019-07-02 04:05:28
104.131.147.112	attack	Looking for resource vulnerabilities	2019-06-22 19:24:11

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.14.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54728
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.14.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061301 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 14 04:36:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

14.14.131.104.in-addr.arpa domain name pointer nyxstudios.moe.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
14.14.131.104.in-addr.arpa	name = nyxstudios.moe.

Authoritative answers can be found from:

IP	类型	评论内容	时间
103.73.96.153	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-20 00:47:59
156.96.116.244	attackbots	Brute forcing email accounts	2020-02-20 00:44:12
139.59.188.207	attack	Total attacks: 2	2020-02-20 00:39:24
27.54.45.184	attackbots	Port probing on unauthorized port 23	2020-02-20 01:09:25
185.176.27.14	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 3388 proto: TCP cat: Misc Attack	2020-02-20 00:55:11
190.104.197.90	attackspambots	Feb 19 16:39:18 lnxmysql61 sshd[32009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.104.197.90	2020-02-20 00:53:50
118.174.180.148	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 19-02-2020 13:35:14.	2020-02-20 01:16:00
196.52.43.127	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-20 00:41:44
109.105.238.2	attackbots	Automatic report - Port Scan Attack	2020-02-20 01:07:42
106.13.105.88	attack	2020-02-19T15:44:23.308437scmdmz1 sshd[8772]: Invalid user postgres from 106.13.105.88 port 50118 2020-02-19T15:44:23.311364scmdmz1 sshd[8772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.105.88 2020-02-19T15:44:23.308437scmdmz1 sshd[8772]: Invalid user postgres from 106.13.105.88 port 50118 2020-02-19T15:44:25.792566scmdmz1 sshd[8772]: Failed password for invalid user postgres from 106.13.105.88 port 50118 ssh2 2020-02-19T15:48:06.945431scmdmz1 sshd[9141]: Invalid user irc from 106.13.105.88 port 40102 ...	2020-02-20 01:17:42
107.189.11.11	attackspambots	k+ssh-bruteforce	2020-02-20 00:54:08
128.199.255.81	attackspambots	Attempt to log in with non-existing username: admin	2020-02-20 01:07:03
151.80.37.18	attackspam	Feb 19 17:48:06 server sshd\[3015\]: Invalid user proxy from 151.80.37.18 Feb 19 17:48:06 server sshd\[3015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3003769.ip-151-80-37.eu Feb 19 17:48:08 server sshd\[3015\]: Failed password for invalid user proxy from 151.80.37.18 port 48104 ssh2 Feb 19 18:05:38 server sshd\[6254\]: Invalid user rstudio-server from 151.80.37.18 Feb 19 18:05:38 server sshd\[6254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3003769.ip-151-80-37.eu ...	2020-02-20 01:12:36
89.248.162.161	attack	3400/tcp 9966/tcp 3308/tcp... [2020-01-17/02-19]92pkt,78pt.(tcp)	2020-02-20 01:15:00
134.209.125.36	attack	WordPress login Brute force / Web App Attack on client site.	2020-02-20 00:41:18

最近上报的IP列表

193.207.164.81	203.128.6.130	177.140.176.147	51.77.242.176
201.216.193.65	103.90.224.226	180.76.103.139	179.184.66.213
68.44.101.90	77.73.95.88	89.122.192.141	247.7.81.73
182.84.110.148	181.95.225.151	91.97.192.68	251.211.235.69
135.62.223.73	124.235.183.103	92.70.42.160	68.183.80.186