1.46.41.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Total Access Communication PLC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	1596426964 - 08/03/2020 05:56:04 Host: 1.46.41.142/1.46.41.142 Port: 445 TCP Blocked	2020-08-03 13:46:06

Comments on same subnet:

IP	Type	Details	Datetime
1.46.41.75	attackbotsspam	Jul 30 14:11:38 h2034429 postfix/smtpd[2471]: connect from unknown[1.46.41.75] Jul x@x Jul 30 14:11:39 h2034429 postfix/smtpd[2471]: lost connection after DATA from unknown[1.46.41.75] Jul 30 14:11:39 h2034429 postfix/smtpd[2471]: disconnect from unknown[1.46.41.75] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jul 30 14:12:02 h2034429 postfix/smtpd[2471]: connect from unknown[1.46.41.75] Jul x@x Jul 30 14:12:03 h2034429 postfix/smtpd[2471]: lost connection after DATA from unknown[1.46.41.75] Jul 30 14:12:03 h2034429 postfix/smtpd[2471]: disconnect from unknown[1.46.41.75] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jul 30 14:12:16 h2034429 postfix/smtpd[2471]: connect from unknown[1.46.41.75] Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=1.46.41.75	2019-07-30 20:35:41

Type

Details

Datetime

1.46.41.75

attackbotsspam

Jul 30 14:11:38 h2034429 postfix/smtpd[2471]: connect from unknown[1.46.41.75]
Jul x@x
Jul 30 14:11:39 h2034429 postfix/smtpd[2471]: lost connection after DATA from unknown[1.46.41.75]
Jul 30 14:11:39 h2034429 postfix/smtpd[2471]: disconnect from unknown[1.46.41.75] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4
Jul 30 14:12:02 h2034429 postfix/smtpd[2471]: connect from unknown[1.46.41.75]
Jul x@x
Jul 30 14:12:03 h2034429 postfix/smtpd[2471]: lost connection after DATA from unknown[1.46.41.75]
Jul 30 14:12:03 h2034429 postfix/smtpd[2471]: disconnect from unknown[1.46.41.75] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4
Jul 30 14:12:16 h2034429 postfix/smtpd[2471]: connect from unknown[1.46.41.75]
Jul x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=1.46.41.75

2019-07-30 20:35:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.46.41.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2803
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.46.41.142.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080300 1800 900 604800 86400

;; Query time: 507 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 03 13:45:58 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 142.41.46.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.41.46.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
75.75.17.68	attack	SSH-bruteforce attempts	2019-09-14 09:49:51
62.4.21.58	attack	RDP Bruteforce	2019-09-14 09:34:05
93.103.6.14	attackspam	proto=tcp . spt=41920 . dpt=25 . (listed on Blocklist de Sep 13) (946)	2019-09-14 10:06:15
116.110.95.195	attackspam	2019-09-14T01:36:57.868501abusebot-6.cloudsearch.cf sshd\[29620\]: Invalid user phpmy from 116.110.95.195 port 43068	2019-09-14 10:03:31
46.101.127.49	attackbotsspam	Sep 14 04:56:25 tuotantolaitos sshd[18601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.127.49 Sep 14 04:56:27 tuotantolaitos sshd[18601]: Failed password for invalid user mailer from 46.101.127.49 port 51154 ssh2 ...	2019-09-14 10:04:57
198.12.149.33	attack	WordPress wp-login brute force :: 198.12.149.33 0.060 BYPASS [14/Sep/2019:10:43:17 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-14 09:24:20
41.236.245.75	attack	Chat Spam	2019-09-14 09:22:18
223.247.194.119	attackbots	Sep 13 21:38:33 ny01 sshd[10902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119 Sep 13 21:38:35 ny01 sshd[10902]: Failed password for invalid user mysql2 from 223.247.194.119 port 47378 ssh2 Sep 13 21:43:55 ny01 sshd[11768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119	2019-09-14 09:58:29
212.156.86.226	attackspam	proto=tcp . spt=48695 . dpt=25 . (listed on Blocklist de Sep 13) (961)	2019-09-14 09:32:46
123.108.35.186	attackbotsspam	Sep 14 03:20:31 meumeu sshd[27229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.108.35.186 Sep 14 03:20:34 meumeu sshd[27229]: Failed password for invalid user dabdallxl from 123.108.35.186 port 39566 ssh2 Sep 14 03:25:08 meumeu sshd[27756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.108.35.186 ...	2019-09-14 09:27:02
180.76.246.79	attack	Sep 13 15:28:48 home sshd[13458]: Invalid user je from 180.76.246.79 port 40846 Sep 13 15:28:48 home sshd[13458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.79 Sep 13 15:28:48 home sshd[13458]: Invalid user je from 180.76.246.79 port 40846 Sep 13 15:28:50 home sshd[13458]: Failed password for invalid user je from 180.76.246.79 port 40846 ssh2 Sep 13 15:47:56 home sshd[13563]: Invalid user test from 180.76.246.79 port 55776 Sep 13 15:47:56 home sshd[13563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.79 Sep 13 15:47:56 home sshd[13563]: Invalid user test from 180.76.246.79 port 55776 Sep 13 15:47:58 home sshd[13563]: Failed password for invalid user test from 180.76.246.79 port 55776 ssh2 Sep 13 15:52:20 home sshd[13590]: Invalid user 1415926 from 180.76.246.79 port 40306 Sep 13 15:52:20 home sshd[13590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.24	2019-09-14 09:33:37
139.59.8.66	attackspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.8.66 Failed password for invalid user testing from 139.59.8.66 port 33620 ssh2 Invalid user webpass from 139.59.8.66 port 48774 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.8.66 Failed password for invalid user webpass from 139.59.8.66 port 48774 ssh2	2019-09-14 09:55:48
31.163.174.227	attack	Sep 6 19:35:55 vpxxxxxxx22308 sshd[32067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.163.174.227 user=r.r Sep 6 19:35:57 vpxxxxxxx22308 sshd[32067]: Failed password for r.r from 31.163.174.227 port 45231 ssh2 Sep 6 19:35:59 vpxxxxxxx22308 sshd[32067]: Failed password for r.r from 31.163.174.227 port 45231 ssh2 Sep 6 19:36:01 vpxxxxxxx22308 sshd[32067]: Failed password for r.r from 31.163.174.227 port 45231 ssh2 Sep 6 19:36:03 vpxxxxxxx22308 sshd[32067]: Failed password for r.r from 31.163.174.227 port 45231 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=31.163.174.227	2019-09-14 09:21:56
37.53.91.78	attackspam	proto=tcp . spt=54167 . dpt=25 . (listed on Blocklist de Sep 13) (951)	2019-09-14 09:54:17
37.59.46.85	attack	Sep 14 04:28:54 www sshd\[34139\]: Invalid user steam from 37.59.46.85Sep 14 04:28:56 www sshd\[34139\]: Failed password for invalid user steam from 37.59.46.85 port 53440 ssh2Sep 14 04:32:47 www sshd\[34167\]: Invalid user abuse from 37.59.46.85 ...	2019-09-14 09:43:19

Recently Reported IPs

70.50.190.124	101.128.180.219	17.105.158.93	170.181.230.41
35.236.239.153	210.218.223.244	124.235.204.47	98.159.99.227
2a01:4f8:172:369b::2	178.184.24.126	68.183.113.151	185.99.213.13
45.62.123.254	45.84.176.150	166.152.228.206	132.208.28.226
79.157.237.80	4.158.156.143	177.36.103.56	180.123.4.12