104.45.132.214

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jul 17 23:05:06 scw-focused-cartwright sshd[18717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 Jul 17 23:05:08 scw-focused-cartwright sshd[18717]: Failed password for invalid user admin from 104.45.132.214 port 3228 ssh2	2020-07-18 07:07:02
attackbots	Jul 15 13:45:49 odroid64 sshd\[16012\]: Invalid user thunder from 104.45.132.214 Jul 15 13:45:49 odroid64 sshd\[16012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 ...	2020-07-15 19:55:19
attackbotsspam	Jul 15 05:51:21 mout sshd[24874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 Jul 15 05:51:21 mout sshd[24874]: Invalid user admin from 104.45.132.214 port 32518 Jul 15 05:51:23 mout sshd[24874]: Failed password for invalid user admin from 104.45.132.214 port 32518 ssh2	2020-07-15 11:58:05

类型

评论内容

时间

attackbots

Jul 17 23:05:06 scw-focused-cartwright sshd[18717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214
Jul 17 23:05:08 scw-focused-cartwright sshd[18717]: Failed password for invalid user admin from 104.45.132.214 port 3228 ssh2

2020-07-18 07:07:02

attackbots

Jul 15 13:45:49 odroid64 sshd\[16012\]: Invalid user thunder from 104.45.132.214
Jul 15 13:45:49 odroid64 sshd\[16012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214
...

2020-07-15 19:55:19

attackbotsspam

Jul 15 05:51:21 mout sshd[24874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.45.132.214 
Jul 15 05:51:21 mout sshd[24874]: Invalid user admin from 104.45.132.214 port 32518
Jul 15 05:51:23 mout sshd[24874]: Failed password for invalid user admin from 104.45.132.214 port 32518 ssh2

2020-07-15 11:58:05

相同子网IP讨论:

IP	类型	评论内容	时间
104.45.132.206	attackbots	Tried sshing with brute force.	2020-07-15 11:20:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.45.132.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2285
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.45.132.214.			IN	A

;; AUTHORITY SECTION:
.			276	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071402 1800 900 604800 86400

;; Query time: 170 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 11:57:59 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 214.132.45.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.132.45.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.183.178.162	attackspambots	Nov 28 21:00:01 vps691689 sshd[17771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.178.162 Nov 28 21:00:02 vps691689 sshd[17771]: Failed password for invalid user fffffff from 68.183.178.162 port 35314 ssh2 Nov 28 21:07:09 vps691689 sshd[17917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.178.162 ...	2019-11-29 05:02:47
180.104.6.189	attackspambots	Brute force attempt	2019-11-29 05:20:17
193.32.163.44	attackspambots	2019-11-28T20:46:26.929587+01:00 lumpi kernel: [260351.557857] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=193.32.163.44 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=3836 PROTO=TCP SPT=57310 DPT=33890 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-29 05:19:31
185.93.3.110	attackspambots	0,61-01/01 [bc01/m31] PostRequest-Spammer scoring: Durban01	2019-11-29 05:26:13
110.143.38.169	attack	RDP Bruteforce	2019-11-29 05:21:50
106.12.188.252	attackspam	Triggered by Fail2Ban at Vostok web server	2019-11-29 04:56:29
197.118.222.206	attackspambots	197.118.222.206 - - [28/Nov/2019:15:27:47 +0100] "GET /wp-login.php HTTP/1.1" 403 1012 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"	2019-11-29 05:11:50
95.231.76.33	attackspambots	Nov 29 02:32:23 webhost01 sshd[9266]: Failed password for root from 95.231.76.33 port 48920 ssh2 ...	2019-11-29 05:03:43
177.67.0.234	attack	postfix (unknown user, SPF fail or relay access denied)	2019-11-29 05:01:48
45.143.221.25	attack	\[2019-11-28 15:42:14\] NOTICE\[2754\] chan_sip.c: Registration from '"40" \' failed for '45.143.221.25:5689' - Wrong password \[2019-11-28 15:42:14\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-28T15:42:14.205-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="40",SessionID="0x7f26c445f668",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.221.25/5689",Challenge="37b7eb6e",ReceivedChallenge="37b7eb6e",ReceivedHash="b79a9479737ce55837caee0e05ea28a5" \[2019-11-28 15:42:14\] NOTICE\[2754\] chan_sip.c: Registration from '"40" \' failed for '45.143.221.25:5689' - Wrong password \[2019-11-28 15:42:14\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-28T15:42:14.403-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="40",SessionID="0x7f26c40e0438",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.221	2019-11-29 04:52:06
192.227.81.9	attack	Automatic report - XMLRPC Attack	2019-11-29 04:58:26
218.92.0.157	attackspam	2019-11-28T21:06:36.404649abusebot.cloudsearch.cf sshd\[22072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root	2019-11-29 05:08:36
41.180.1.182	attackbots	T: f2b postfix aggressive 3x	2019-11-29 05:12:53
222.180.94.70	attackbotsspam	DATE:2019-11-28 15:28:24, IP:222.180.94.70, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-29 04:53:09
124.153.75.28	attack	Automatic report - SSH Brute-Force Attack	2019-11-29 05:11:17

最近上报的IP列表

40.87.98.133	23.101.228.20	13.65.214.72	216.161.180.22
36.71.95.224	74.135.71.37	186.194.71.200	150.210.226.15
52.249.186.176	180.124.38.195	52.187.75.102	52.149.47.143
13.66.166.169	34.248.72.201	78.108.17.158	104.168.174.16
52.185.139.85	107.182.208.87	19.1.82.88	249.242.1.148