202.46.1.74 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Ipteknet Indonesian Science and Technology Network

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-25 07:42:11
attackbotsspam	2020-09-08 UTC: (37x) - agent,lkihara,rippel,root(31x),ubnt,vyos,webssh	2020-09-09 23:21:43
attackbots	SSH login attempts.	2020-05-28 16:56:27
attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-05-28 02:14:53
attackbots	Feb 22 06:49:03 server sshd[3422364]: Failed password for invalid user akazam from 202.46.1.74 port 60681 ssh2 Feb 22 06:51:16 server sshd[3423706]: Failed password for invalid user Fred from 202.46.1.74 port 40557 ssh2 Feb 22 06:53:28 server sshd[3424920]: Failed password for invalid user ts3serv from 202.46.1.74 port 48665 ssh2	2020-02-22 17:16:23
attackbots	Automatic report - SSH Brute-Force Attack	2020-02-18 17:58:21
attackbots	Feb 13 14:48:59 vps647732 sshd[29070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Feb 13 14:49:01 vps647732 sshd[29070]: Failed password for invalid user vagrant from 202.46.1.74 port 60445 ssh2 ...	2020-02-13 23:54:09
attackspam	Feb 10 20:16:32 lukav-desktop sshd\[19322\]: Invalid user hye from 202.46.1.74 Feb 10 20:16:32 lukav-desktop sshd\[19322\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Feb 10 20:16:34 lukav-desktop sshd\[19322\]: Failed password for invalid user hye from 202.46.1.74 port 57520 ssh2 Feb 10 20:20:38 lukav-desktop sshd\[19359\]: Invalid user ifk from 202.46.1.74 Feb 10 20:20:38 lukav-desktop sshd\[19359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74	2020-02-11 02:55:59
attack	Feb 5 16:16:08 web8 sshd\[20907\]: Invalid user tanya from 202.46.1.74 Feb 5 16:16:08 web8 sshd\[20907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Feb 5 16:16:10 web8 sshd\[20907\]: Failed password for invalid user tanya from 202.46.1.74 port 39736 ssh2 Feb 5 16:19:20 web8 sshd\[22457\]: Invalid user 12345678 from 202.46.1.74 Feb 5 16:19:20 web8 sshd\[22457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74	2020-02-06 00:26:31
attack	Unauthorized connection attempt detected from IP address 202.46.1.74 to port 2220 [J]	2020-01-18 15:35:34
attackspam	Unauthorized connection attempt detected from IP address 202.46.1.74 to port 2220 [J]	2020-01-05 18:02:35
attackbots	Dec 20 01:35:39 php1 sshd\[10713\]: Invalid user kennady from 202.46.1.74 Dec 20 01:35:39 php1 sshd\[10713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Dec 20 01:35:40 php1 sshd\[10713\]: Failed password for invalid user kennady from 202.46.1.74 port 56558 ssh2 Dec 20 01:42:35 php1 sshd\[11744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 user=root Dec 20 01:42:37 php1 sshd\[11744\]: Failed password for root from 202.46.1.74 port 59350 ssh2	2019-12-20 19:51:02
attack	Dec 19 13:11:51 wbs sshd\[11778\]: Invalid user wwwadmin from 202.46.1.74 Dec 19 13:11:51 wbs sshd\[11778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Dec 19 13:11:53 wbs sshd\[11778\]: Failed password for invalid user wwwadmin from 202.46.1.74 port 43135 ssh2 Dec 19 13:19:28 wbs sshd\[12537\]: Invalid user mikulka from 202.46.1.74 Dec 19 13:19:28 wbs sshd\[12537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74	2019-12-20 07:36:18
attackbotsspam	Dec 12 01:49:37 sd-53420 sshd\[21283\]: Invalid user webmaster from 202.46.1.74 Dec 12 01:49:37 sd-53420 sshd\[21283\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Dec 12 01:49:39 sd-53420 sshd\[21283\]: Failed password for invalid user webmaster from 202.46.1.74 port 38241 ssh2 Dec 12 01:57:12 sd-53420 sshd\[21836\]: Invalid user guest from 202.46.1.74 Dec 12 01:57:12 sd-53420 sshd\[21836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 ...	2019-12-12 08:58:03

Comments on same subnet:

IP	Type	Details	Datetime
202.46.129.204	attackspambots	Automatic report - XMLRPC Attack	2020-01-09 15:45:25
202.46.129.204	attackspam	202.46.129.204 - - \[27/Dec/2019:18:24:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - \[27/Dec/2019:18:24:28 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - \[27/Dec/2019:18:24:30 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-12-28 03:26:48
202.46.129.204	attackspam	202.46.129.204 - - [08/Dec/2019:09:00:47 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:48 +0100] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:49 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:50 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:51 +0100] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-08 16:47:46
202.46.129.200	attackbots	Automatic report - XMLRPC Attack	2019-12-05 06:03:53
202.46.129.204	attackspam	joshuajohannes.de 202.46.129.204 \[11/Nov/2019:07:27:45 +0100\] "POST /wp-login.php HTTP/1.1" 200 5605 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" joshuajohannes.de 202.46.129.204 \[11/Nov/2019:07:27:47 +0100\] "POST /wp-login.php HTTP/1.1" 200 5570 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-11 16:48:01
202.46.129.204	attack	[munged]::443 202.46.129.204 - - [08/Nov/2019:05:53:22 +0100] "POST /[munged]: HTTP/1.1" 200 6092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-08 14:05:21
202.46.129.204	attackbotsspam	www.lust-auf-land.com 202.46.129.204 \[02/Nov/2019:07:04:01 +0100\] "POST /wp-login.php HTTP/1.1" 200 5827 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.lust-auf-land.com 202.46.129.204 \[02/Nov/2019:07:04:02 +0100\] "POST /wp-login.php HTTP/1.1" 200 5786 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-02 15:42:18
202.46.129.204	attackspambots	kidness.family 202.46.129.204 \[30/Oct/2019:21:26:00 +0100\] "POST /wp-login.php HTTP/1.1" 200 5618 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" kidness.family 202.46.129.204 \[30/Oct/2019:21:26:02 +0100\] "POST /wp-login.php HTTP/1.1" 200 5572 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-31 06:57:47
202.46.1.25	attackspambots	Oct 21 10:26:24 dedicated sshd[19790]: Invalid user zmkm from 202.46.1.25 port 51990	2019-10-21 16:53:30
202.46.1.25	attackbotsspam	Oct 18 10:20:13 tux-35-217 sshd\[27232\]: Invalid user xi from 202.46.1.25 port 53490 Oct 18 10:20:13 tux-35-217 sshd\[27232\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.25 Oct 18 10:20:15 tux-35-217 sshd\[27232\]: Failed password for invalid user xi from 202.46.1.25 port 53490 ssh2 Oct 18 10:24:38 tux-35-217 sshd\[27244\]: Invalid user matt from 202.46.1.25 port 35986 Oct 18 10:24:38 tux-35-217 sshd\[27244\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.25 ...	2019-10-18 16:29:13
202.46.129.204	attack	C1,WP GET /suche/wp-login.php	2019-10-16 07:31:54
202.46.129.204	attackspam	WordPress wp-login brute force :: 202.46.129.204 0.044 BYPASS [05/Oct/2019:21:41:44 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-05 19:51:48

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.46.1.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34125
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.46.1.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 04 02:01:20 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 74.1.46.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 74.1.46.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.42	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 1341 proto: TCP cat: Misc Attack	2020-03-29 03:06:13
185.202.1.240	attackbotsspam	SSH Authentication Attempts Exceeded	2020-03-29 02:33:24
69.229.6.6	attackbots	Invalid user tiv from 69.229.6.6 port 53350	2020-03-29 02:56:17
45.55.189.252	attackspam	Mar 28 16:15:28 v22019038103785759 sshd\[19886\]: Invalid user nga from 45.55.189.252 port 60540 Mar 28 16:15:28 v22019038103785759 sshd\[19886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.189.252 Mar 28 16:15:30 v22019038103785759 sshd\[19886\]: Failed password for invalid user nga from 45.55.189.252 port 60540 ssh2 Mar 28 16:24:22 v22019038103785759 sshd\[20435\]: Invalid user clh from 45.55.189.252 port 47342 Mar 28 16:24:22 v22019038103785759 sshd\[20435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.189.252 ...	2020-03-29 02:30:35
118.24.126.48	attack	Mar 28 15:35:26 XXX sshd[64593]: Invalid user ak from 118.24.126.48 port 59348	2020-03-29 02:47:31
86.101.56.141	attack	(sshd) Failed SSH login from 86.101.56.141 (HU/Hungary/catv-86-101-56-141.catv.broadband.hu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 28 13:11:57 localhost sshd[24731]: Invalid user hqk from 86.101.56.141 port 51380 Mar 28 13:11:59 localhost sshd[24731]: Failed password for invalid user hqk from 86.101.56.141 port 51380 ssh2 Mar 28 13:33:27 localhost sshd[26085]: Did not receive identification string from 86.101.56.141 port 45880 Mar 28 13:58:52 localhost sshd[27963]: Invalid user kwn from 86.101.56.141 port 34560 Mar 28 13:58:54 localhost sshd[27963]: Failed password for invalid user kwn from 86.101.56.141 port 34560 ssh2	2020-03-29 02:53:22
36.78.212.91	attack	SSH Brute-Force reported by Fail2Ban	2020-03-29 03:00:48
103.219.112.48	attackspambots	SSH brute force attempt	2020-03-29 02:30:18
65.229.5.158	attackspambots	SSH Brute Force	2020-03-29 02:56:33
80.82.77.33	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 6666 proto: TCP cat: Misc Attack	2020-03-29 02:54:56
128.199.99.204	attackspam	Brute-force attempt banned	2020-03-29 02:45:21
49.88.112.109	attackspam	03/28/2020-12:06:56.263612 49.88.112.109 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 50	2020-03-29 02:59:43
89.248.172.16	attack	Unauthorized connection attempt detected from IP address 89.248.172.16 to port 2000	2020-03-29 02:51:35
54.37.66.73	attackbots	Mar 28 19:54:44 santamaria sshd\[16488\]: Invalid user ypl from 54.37.66.73 Mar 28 19:54:44 santamaria sshd\[16488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.66.73 Mar 28 19:54:46 santamaria sshd\[16488\]: Failed password for invalid user ypl from 54.37.66.73 port 56084 ssh2 ...	2020-03-29 02:57:51
46.101.26.21	attackspam	Invalid user ntu from 46.101.26.21 port 59951	2020-03-29 03:00:15

Recently Reported IPs

233.197.205.198	243.135.84.203	142.126.140.21	207.219.97.161
26.194.78.73	188.241.222.221	120.126.64.146	191.53.249.139
191.53.112.170	128.199.75.133	163.53.75.237	1.212.157.115
185.247.20.162	85.192.165.50	58.145.168.162	3.5.234.172
51.79.29.144	178.170.254.175	219.146.196.114	173.254.251.250