46.14.23.1 - IPInfo

基本信息:

城市(city): Zug

省份(region): Zug

国家(country): Switzerland

运营商(isp): Swisscom AG

主机名(hostname): unknown

机构(organization): Bluewin

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug720:38:50server2dovecot:imap-login:Disconnected:Inactivity\(authfailed\,1attemptsin180secs\):user=\\,method=PLAIN\,rip=46.14.23.1\,lip=136.243.224.50\,TLS\,session=\ Aug720:40:05server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin37secs\):user=\\,method=PLAIN\,rip=77.57.76.40\,lip=136.243.224.50\,TLS:Connectionclosed\,session=\Aug720:38:30server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=77.57.76.40\,lip=136.243.224.50\,TLS:Connectionclosed\,session=\Aug720:35:50server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin4secs\):user=\\,method=PLAIN\,rip=46.140.1.166\,lip=136.243.224.50\,TLS:Connectionclosed\,session=\Aug720:36:36server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=46.140.1.166\,lip=136.243.224.50\,TLS\,session=\	2019-08-08 03:50:31

类型

评论内容

时间

attack

Aug720:38:50server2dovecot:imap-login:Disconnected:Inactivity\(authfailed\,1attemptsin180secs\):user=\\,method=PLAIN\,rip=46.14.23.1\,lip=136.243.224.50\,TLS\,session=\
Aug720:40:05server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin37secs\):user=\\,method=PLAIN\,rip=77.57.76.40\,lip=136.243.224.50\,TLS:Connectionclosed\,session=\Aug720:38:30server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=77.57.76.40\,lip=136.243.224.50\,TLS:Connectionclosed\,session=\Aug720:35:50server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin4secs\):user=\\,method=PLAIN\,rip=46.140.1.166\,lip=136.243.224.50\,TLS:Connectionclosed\,session=\Aug720:36:36server2dovecot:imap-login:Disconnected\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=46.140.1.166\,lip=136.243.224.50\,TLS\,session=\

2019-08-08 03:50:31

相同子网IP讨论:

IP	类型	评论内容	时间
46.14.231.34	attackbots	Failed password for invalid user mzd from 46.14.231.34 port 43530 ssh2	2020-07-24 01:41:46
46.14.230.202	attack	Invalid user user1 from 46.14.230.202 port 16266	2019-07-28 04:24:01
46.14.230.202	attackbots	Jul 8 23:37:54 unicornsoft sshd\[2131\]: Invalid user james from 46.14.230.202 Jul 8 23:37:54 unicornsoft sshd\[2131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.14.230.202 Jul 8 23:37:56 unicornsoft sshd\[2131\]: Failed password for invalid user james from 46.14.230.202 port 32176 ssh2	2019-07-09 09:33:49
46.14.230.202	attack	Unauthorized SSH login attempts	2019-07-08 10:27:03
46.14.230.202	attack	Jul 7 15:43:42 Ubuntu-1404-trusty-64-minimal sshd\[20436\]: Invalid user usuario from 46.14.230.202 Jul 7 15:43:42 Ubuntu-1404-trusty-64-minimal sshd\[20436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.14.230.202 Jul 7 15:43:44 Ubuntu-1404-trusty-64-minimal sshd\[20436\]: Failed password for invalid user usuario from 46.14.230.202 port 41121 ssh2 Jul 7 15:46:19 Ubuntu-1404-trusty-64-minimal sshd\[21881\]: Invalid user job from 46.14.230.202 Jul 7 15:46:19 Ubuntu-1404-trusty-64-minimal sshd\[21881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.14.230.202	2019-07-07 22:45:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.14.23.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29656
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.14.23.1.			IN	A

;; AUTHORITY SECTION:
.			37	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080701 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 03:50:23 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

1.23.14.46.in-addr.arpa domain name pointer 1.23.14.46.static.wline.lns.sme.cust.swisscom.ch.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
1.23.14.46.in-addr.arpa	name = 1.23.14.46.static.wline.lns.sme.cust.swisscom.ch.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
205.186.161.61	attackspam	205.186.161.61 - - \[23/Jun/2019:21:57:18 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 205.186.161.61 - - \[23/Jun/2019:21:57:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 205.186.161.61 - - \[23/Jun/2019:21:57:19 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 205.186.161.61 - - \[23/Jun/2019:21:57:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 205.186.161.61 - - \[23/Jun/2019:21:57:19 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 205.186.161.61 - - \[23/Jun/2019:21:57:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6	2019-06-24 09:33:38
186.148.188.94	attackspambots	Jun 23 21:59:47 pornomens sshd\[23223\]: Invalid user nagios from 186.148.188.94 port 43270 Jun 23 21:59:47 pornomens sshd\[23223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.148.188.94 Jun 23 21:59:50 pornomens sshd\[23223\]: Failed password for invalid user nagios from 186.148.188.94 port 43270 ssh2 ...	2019-06-24 08:57:15
103.138.109.106	attack	NAME : MTK-VN CIDR : 103.138.108.0/23 \| EMAIL - SPAM {Looking for resource vulnerabilities} DDoS Attack Viet Nam - block certain countries :) IP: 103.138.109.106 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-24 09:29:08
194.28.112.49	attackspambots	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-24 09:32:08
111.79.114.177	attackbots	Jun 23 21:58:52 icinga sshd[25754]: Failed password for root from 111.79.114.177 port 41341 ssh2 Jun 23 21:59:05 icinga sshd[25754]: error: maximum authentication attempts exceeded for root from 111.79.114.177 port 41341 ssh2 [preauth] ...	2019-06-24 09:11:26
158.69.193.32	attackbots	Jun 23 21:59:53 cvbmail sshd\[18637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.193.32 user=root Jun 23 21:59:56 cvbmail sshd\[18637\]: Failed password for root from 158.69.193.32 port 34248 ssh2 Jun 23 21:59:58 cvbmail sshd\[18637\]: Failed password for root from 158.69.193.32 port 34248 ssh2	2019-06-24 08:49:18
179.108.244.167	attackbots	dovecot jail - smtp auth [ma]	2019-06-24 09:32:57
58.64.144.109	attackspambots	Jun 23 19:59:03 sshgateway sshd\[9989\]: Invalid user glassfish from 58.64.144.109 Jun 23 19:59:03 sshgateway sshd\[9989\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.64.144.109 Jun 23 19:59:05 sshgateway sshd\[9989\]: Failed password for invalid user glassfish from 58.64.144.109 port 46174 ssh2	2019-06-24 09:10:25
191.53.252.112	attackspam	Jun 23 15:57:33 web1 postfix/smtpd[16458]: warning: unknown[191.53.252.112]: SASL PLAIN authentication failed: authentication failure ...	2019-06-24 09:30:46
162.241.181.222	attack	8886/tcp 220/tcp 7000/tcp... [2019-06-17/23]32pkt,10pt.(tcp)	2019-06-24 09:06:40
191.253.47.120	attack	failed_logins	2019-06-24 09:29:45
61.160.190.45	attackspam	$f2bV_matches	2019-06-24 08:51:29
162.249.236.55	attack	3389BruteforceFW21	2019-06-24 09:04:57
106.1.184.222	attackspam	1561319918 - 06/24/2019 02:58:38 Host: 106.1.184.222/106.1.184.222 Port: 23 TCP Blocked ...	2019-06-24 09:18:16
199.249.230.111	attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.249.230.111 user=root Failed password for root from 199.249.230.111 port 16207 ssh2 Failed password for root from 199.249.230.111 port 16207 ssh2 Failed password for root from 199.249.230.111 port 16207 ssh2 Failed password for root from 199.249.230.111 port 16207 ssh2	2019-06-24 08:56:33

最近上报的IP列表

236.1.59.16	136.19.71.44	140.82.66.132	165.46.71.41
5.13.134.5	184.244.46.31	1.1.1.1	54.94.22.109
184.100.136.159	61.141.233.184	206.225.86.73	123.31.128.94
41.218.50.224	84.163.11.244	124.102.151.56	196.214.144.139
112.119.36.140	157.230.243.126	80.178.130.249	36.83.120.164