104.45.132.214

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jul 17 23:05:06 scw-focused-cartwright sshd[18717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 Jul 17 23:05:08 scw-focused-cartwright sshd[18717]: Failed password for invalid user admin from 104.45.132.214 port 3228 ssh2	2020-07-18 07:07:02
attackbots	Jul 15 13:45:49 odroid64 sshd\[16012\]: Invalid user thunder from 104.45.132.214 Jul 15 13:45:49 odroid64 sshd\[16012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 ...	2020-07-15 19:55:19
attackbotsspam	Jul 15 05:51:21 mout sshd[24874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 Jul 15 05:51:21 mout sshd[24874]: Invalid user admin from 104.45.132.214 port 32518 Jul 15 05:51:23 mout sshd[24874]: Failed password for invalid user admin from 104.45.132.214 port 32518 ssh2	2020-07-15 11:58:05

类型

评论内容

时间

attackbots

Jul 17 23:05:06 scw-focused-cartwright sshd[18717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214
Jul 17 23:05:08 scw-focused-cartwright sshd[18717]: Failed password for invalid user admin from 104.45.132.214 port 3228 ssh2

2020-07-18 07:07:02

attackbots

Jul 15 13:45:49 odroid64 sshd\[16012\]: Invalid user thunder from 104.45.132.214
Jul 15 13:45:49 odroid64 sshd\[16012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214
...

2020-07-15 19:55:19

attackbotsspam

Jul 15 05:51:21 mout sshd[24874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 
Jul 15 05:51:21 mout sshd[24874]: Invalid user admin from 104.45.132.214 port 32518
Jul 15 05:51:23 mout sshd[24874]: Failed password for invalid user admin from 104.45.132.214 port 32518 ssh2

2020-07-15 11:58:05

相同子网IP讨论:

IP	类型	评论内容	时间
104.45.132.206	attackbots	Tried sshing with brute force.	2020-07-15 11:20:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.45.132.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2285
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.45.132.214.			IN	A

;; AUTHORITY SECTION:
.			276	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071402 1800 900 604800 86400

;; Query time: 170 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 11:57:59 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 214.132.45.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.132.45.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.107.198.23	attack	Apr 28 06:52:46 lukav-desktop sshd\[27828\]: Invalid user postgres from 175.107.198.23 Apr 28 06:52:46 lukav-desktop sshd\[27828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.107.198.23 Apr 28 06:52:48 lukav-desktop sshd\[27828\]: Failed password for invalid user postgres from 175.107.198.23 port 41082 ssh2 Apr 28 06:55:13 lukav-desktop sshd\[1877\]: Invalid user manu from 175.107.198.23 Apr 28 06:55:13 lukav-desktop sshd\[1877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.107.198.23	2020-04-28 12:02:35
106.52.102.190	attackbotsspam	SSH brute force attempt	2020-04-28 12:13:38
200.70.56.204	attack	Apr 28 01:53:54 OPSO sshd\[2146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.70.56.204 user=root Apr 28 01:53:56 OPSO sshd\[2146\]: Failed password for root from 200.70.56.204 port 46726 ssh2 Apr 28 01:58:02 OPSO sshd\[3229\]: Invalid user ttest from 200.70.56.204 port 44106 Apr 28 01:58:02 OPSO sshd\[3229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.70.56.204 Apr 28 01:58:04 OPSO sshd\[3229\]: Failed password for invalid user ttest from 200.70.56.204 port 44106 ssh2	2020-04-28 08:06:01
178.62.198.142	attackspambots	Apr 27 00:43:04: Invalid user fvs from 178.62.198.142 port 33102	2020-04-28 08:09:17
175.24.67.124	attack	Apr 28 05:55:17 v22018086721571380 sshd[4125]: Failed password for invalid user scp from 175.24.67.124 port 53922 ssh2	2020-04-28 12:01:12
68.183.133.156	attack	Port Scan detected from 68.183.133.156 (US/United States/New Jersey/North Bergen/-). 4 hits in the last 60 seconds	2020-04-28 12:11:36
5.188.206.34	attack	Apr 28 02:06:39 mail kernel: [38020.583943] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=5.188.206.34 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=28682 PROTO=TCP SPT=8080 DPT=14841 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-04-28 08:15:40
136.49.109.217	attackbots	2020-04-27T15:10:10.554676linuxbox-skyline sshd[3566]: Invalid user planet from 136.49.109.217 port 59796 ...	2020-04-28 08:13:04
128.199.137.252	attackspambots	Apr 27 23:02:05 ip-172-31-61-156 sshd[2777]: Failed password for invalid user user from 128.199.137.252 port 57742 ssh2 Apr 27 23:02:04 ip-172-31-61-156 sshd[2777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.137.252 Apr 27 23:02:04 ip-172-31-61-156 sshd[2777]: Invalid user user from 128.199.137.252 Apr 27 23:02:05 ip-172-31-61-156 sshd[2777]: Failed password for invalid user user from 128.199.137.252 port 57742 ssh2 Apr 27 23:07:07 ip-172-31-61-156 sshd[3033]: Invalid user print from 128.199.137.252 ...	2020-04-28 07:58:21
84.255.249.179	attackbots	Apr 28 03:51:36 XXXXXX sshd[46597]: Invalid user smitty from 84.255.249.179 port 44422	2020-04-28 12:12:38
178.62.36.116	attackspam	SSH invalid-user multiple login try	2020-04-28 08:08:50
153.36.110.43	attackbots	Apr 28 03:39:45 webhost01 sshd[28711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.110.43 Apr 28 03:39:46 webhost01 sshd[28711]: Failed password for invalid user faxserver from 153.36.110.43 port 6050 ssh2 ...	2020-04-28 08:14:10
106.12.139.149	attack	Apr 28 05:38:59 v22018086721571380 sshd[12824]: Failed password for invalid user sridhar from 106.12.139.149 port 52636 ssh2	2020-04-28 12:03:00
130.18.237.35	attack	X-Gm-Message-State: AGi0PuZpqK6do53/fWNDf4rKJjk1DNh38sqFWwKfEOsWtzQvxcXR6+OZ s2QBc/5sT7OoR/IyVstzPzHe8Ur0fiG1bcAd1XKqHbjikT7frQ== X-Google-Smtp-Source: APiQypINK0TjStzrTbJCjeaxXMuSBPZ8ZpJndmVW5FxKPT5P5RfZocbeJh45YCsozmHD8rar9VUaINdtHMmj X-Received: by 2002:aa7:8429:: with SMTP id q9mr19647190pfn.205.1587923190437; Sun, 26 Apr 2020 10:46:30 -0700 (PDT) Return-Path: Received: from instance-3 (130.18.237.35.bc.googleusercontent.com. [35.237.18.130]) by smtp-relay.gmail.com with ESMTPS id b5sm1079236pjw.5.2020.04.26.10.46.30 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 26 Apr 2020 10:46:30 -0700 (PDT) X-Relaying-Domain: gafewfolas.com From: AppIe lD X-From: AppIe lD Sender: dontreplybr.nVEaOYQZCi@UHPOMJM11COOGGRW3NBX.myid.ga	2020-04-28 07:58:52
138.68.26.48	attackbots	2020-02-26T08:33:01.527735suse-nuc sshd[7545]: Invalid user rabbitmq from 138.68.26.48 port 50282 ...	2020-04-28 12:15:41

最近上报的IP列表

40.87.98.133	23.101.228.20	13.65.214.72	216.161.180.22
36.71.95.224	74.135.71.37	186.194.71.200	150.210.226.15
52.249.186.176	180.124.38.195	52.187.75.102	52.149.47.143
13.66.166.169	34.248.72.201	78.108.17.158	104.168.174.16
52.185.139.85	107.182.208.87	19.1.82.88	249.242.1.148