46.142.14.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): 1&1 Versatel Deutschland GmbH

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	User [zhangrd] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [root] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [deepmagic] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [teamspeakbot] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [ihor] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [root] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [admin] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [admin] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [yuchen] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [root] from [46.142.14.52] failed to log in via [SSH] due to authorization failure. User [user3] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.	2020-06-10 02:54:15

类型

评论内容

时间

attackspam

User [zhangrd] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [root] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [deepmagic] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [teamspeakbot] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [ihor] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [root] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [admin] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [admin] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [yuchen] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [root] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.
User [user3] from [46.142.14.52] failed to log in via [SSH] due to authorization failure.

2020-06-10 02:54:15

相同子网IP讨论:

IP	类型	评论内容	时间
46.142.149.3	attackspambots	Jun 17 17:57:46 h2034429 sshd[25718]: Invalid user kelly from 46.142.149.3 Jun 17 17:57:46 h2034429 sshd[25718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.142.149.3 Jun 17 17:57:48 h2034429 sshd[25718]: Failed password for invalid user kelly from 46.142.149.3 port 60710 ssh2 Jun 17 17:57:48 h2034429 sshd[25718]: Received disconnect from 46.142.149.3 port 60710:11: Bye Bye [preauth] Jun 17 17:57:48 h2034429 sshd[25718]: Disconnected from 46.142.149.3 port 60710 [preauth] Jun 17 18:04:01 h2034429 sshd[25783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.142.149.3 user=r.r Jun 17 18:04:03 h2034429 sshd[25783]: Failed password for r.r from 46.142.149.3 port 35004 ssh2 Jun 17 18:04:03 h2034429 sshd[25783]: Received disconnect from 46.142.149.3 port 35004:11: Bye Bye [preauth] Jun 17 18:04:03 h2034429 sshd[25783]: Disconnected from 46.142.149.3 port 35004 [preauth] ........ ---------------------------------------------	2020-06-18 01:41:09
46.142.147.176	attack	Feb 20 13:59:22 server2 sshd[21799]: Invalid user debian from 46.142.147.176 Feb 20 13:59:25 server2 sshd[21799]: Failed password for invalid user debian from 46.142.147.176 port 59376 ssh2 Feb 20 13:59:25 server2 sshd[21799]: Received disconnect from 46.142.147.176: 11: Bye Bye [preauth] Feb 20 14:21:31 server2 sshd[26141]: Invalid user cpaneleximfilter from 46.142.147.176 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=46.142.147.176	2020-02-21 00:38:48

类型

评论内容

时间

46.142.149.3

attackspambots

Jun 17 17:57:46 h2034429 sshd[25718]: Invalid user kelly from 46.142.149.3
Jun 17 17:57:46 h2034429 sshd[25718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.142.149.3
Jun 17 17:57:48 h2034429 sshd[25718]: Failed password for invalid user kelly from 46.142.149.3 port 60710 ssh2
Jun 17 17:57:48 h2034429 sshd[25718]: Received disconnect from 46.142.149.3 port 60710:11: Bye Bye [preauth]
Jun 17 17:57:48 h2034429 sshd[25718]: Disconnected from 46.142.149.3 port 60710 [preauth]
Jun 17 18:04:01 h2034429 sshd[25783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.142.149.3  user=r.r
Jun 17 18:04:03 h2034429 sshd[25783]: Failed password for r.r from 46.142.149.3 port 35004 ssh2
Jun 17 18:04:03 h2034429 sshd[25783]: Received disconnect from 46.142.149.3 port 35004:11: Bye Bye [preauth]
Jun 17 18:04:03 h2034429 sshd[25783]: Disconnected from 46.142.149.3 port 35004 [preauth]


........
---------------------------------------------

2020-06-18 01:41:09

46.142.147.176

attack

Feb 20 13:59:22 server2 sshd[21799]: Invalid user debian from 46.142.147.176
Feb 20 13:59:25 server2 sshd[21799]: Failed password for invalid user debian from 46.142.147.176 port 59376 ssh2
Feb 20 13:59:25 server2 sshd[21799]: Received disconnect from 46.142.147.176: 11: Bye Bye [preauth]
Feb 20 14:21:31 server2 sshd[26141]: Invalid user cpaneleximfilter from 46.142.147.176


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=46.142.147.176

2020-02-21 00:38:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.142.14.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59748
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.142.14.52.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060901 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 10 02:54:11 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

52.14.142.46.in-addr.arpa domain name pointer 52-14-142-46.pool.kielnet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.14.142.46.in-addr.arpa	name = 52-14-142-46.pool.kielnet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
157.55.39.15	attackbotsspam	Automatic report - Web App Attack	2019-06-27 02:02:48
107.6.183.162	attackspambots	Automatic report - Web App Attack	2019-06-27 01:37:23
45.247.120.217	attackspambots	445/tcp [2019-06-26]1pkt	2019-06-27 02:17:32
184.105.139.95	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-27 01:48:34
219.78.63.249	attack	9527/tcp 9527/tcp 9527/tcp [2019-06-26]3pkt	2019-06-27 02:18:32
51.89.153.215	attackbotsspam	26.06.2019 17:45:18 Connection to port 5060 blocked by firewall	2019-06-27 02:07:34
115.29.5.66	attackbotsspam	TCP src-port=53730 dst-port=25 dnsbl-sorbs abuseat-org barracuda (898)	2019-06-27 01:49:09
209.17.97.42	attackbots	IP: 209.17.97.42 ASN: AS174 Cogent Communications Port: World Wide Web HTTP 80 Found in one or more Blacklists Date: 26/06/2019 3:00:34 PM UTC	2019-06-27 01:50:28
94.54.66.173	attack	DATE:2019-06-26 15:11:23, IP:94.54.66.173, PORT:ssh brute force auth on SSH service (patata)	2019-06-27 01:52:29
182.33.211.24	attack	port scan and connect, tcp 22 (ssh)	2019-06-27 01:33:51
5.62.19.60	attack	\[2019-06-26 13:38:39\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '5.62.19.60:2007' - Wrong password \[2019-06-26 13:38:39\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-26T13:38:39.908-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6827",SessionID="0x7fc4241c7b08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.19.60/56105",Challenge="13ce4ef6",ReceivedChallenge="13ce4ef6",ReceivedHash="28f68dbf18334ca95b79bd7a3f7e0ebb" \[2019-06-26 13:39:42\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '5.62.19.60:2047' - Wrong password \[2019-06-26 13:39:42\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-26T13:39:42.241-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2476",SessionID="0x7fc42430b1a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.19.60/54588",Ch	2019-06-27 01:43:13
36.92.5.11	attackspambots	19/6/26@09:11:15: FAIL: Alarm-Intrusion address from=36.92.5.11 ...	2019-06-27 02:00:25
188.162.166.132	attack	445/tcp [2019-06-26]1pkt	2019-06-27 02:11:31
62.210.251.190	attackbots	Port Scan detected from 62.210.251.190 (FR/France/62-210-251-190.rev.poneytelecom.eu). 4 hits in the last 130 seconds	2019-06-27 01:57:59
51.91.57.190	attack	Automated report - ssh fail2ban: Jun 26 19:31:10 authentication failure Jun 26 19:31:13 wrong password, user=admin, port=58234, ssh2 Jun 26 20:01:54 authentication failure	2019-06-27 02:06:16

最近上报的IP列表

113.203.240.35	85.107.53.177	67.205.142.117	57.219.27.136
182.98.132.153	201.84.95.84	27.86.61.152	94.29.8.113
36.75.212.50	35.221.102.148	29.84.203.96	5.45.210.146
140.167.5.169	170.105.238.213	39.224.230.59	232.94.176.251
198.60.198.153	207.73.154.94	194.229.77.86	25.25.224.9