202.46.1.74 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Ipteknet Indonesian Science and Technology Network

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-25 07:42:11
attackbotsspam	2020-09-08 UTC: (37x) - agent,lkihara,rippel,root(31x),ubnt,vyos,webssh	2020-09-09 23:21:43
attackbots	SSH login attempts.	2020-05-28 16:56:27
attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-05-28 02:14:53
attackbots	Feb 22 06:49:03 server sshd[3422364]: Failed password for invalid user akazam from 202.46.1.74 port 60681 ssh2 Feb 22 06:51:16 server sshd[3423706]: Failed password for invalid user Fred from 202.46.1.74 port 40557 ssh2 Feb 22 06:53:28 server sshd[3424920]: Failed password for invalid user ts3serv from 202.46.1.74 port 48665 ssh2	2020-02-22 17:16:23
attackbots	Automatic report - SSH Brute-Force Attack	2020-02-18 17:58:21
attackbots	Feb 13 14:48:59 vps647732 sshd[29070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Feb 13 14:49:01 vps647732 sshd[29070]: Failed password for invalid user vagrant from 202.46.1.74 port 60445 ssh2 ...	2020-02-13 23:54:09
attackspam	Feb 10 20:16:32 lukav-desktop sshd\[19322\]: Invalid user hye from 202.46.1.74 Feb 10 20:16:32 lukav-desktop sshd\[19322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Feb 10 20:16:34 lukav-desktop sshd\[19322\]: Failed password for invalid user hye from 202.46.1.74 port 57520 ssh2 Feb 10 20:20:38 lukav-desktop sshd\[19359\]: Invalid user ifk from 202.46.1.74 Feb 10 20:20:38 lukav-desktop sshd\[19359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74	2020-02-11 02:55:59
attack	Feb 5 16:16:08 web8 sshd\[20907\]: Invalid user tanya from 202.46.1.74 Feb 5 16:16:08 web8 sshd\[20907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Feb 5 16:16:10 web8 sshd\[20907\]: Failed password for invalid user tanya from 202.46.1.74 port 39736 ssh2 Feb 5 16:19:20 web8 sshd\[22457\]: Invalid user 12345678 from 202.46.1.74 Feb 5 16:19:20 web8 sshd\[22457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74	2020-02-06 00:26:31
attack	Unauthorized connection attempt detected from IP address 202.46.1.74 to port 2220 [J]	2020-01-18 15:35:34
attackspam	Unauthorized connection attempt detected from IP address 202.46.1.74 to port 2220 [J]	2020-01-05 18:02:35
attackbots	Dec 20 01:35:39 php1 sshd\[10713\]: Invalid user kennady from 202.46.1.74 Dec 20 01:35:39 php1 sshd\[10713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Dec 20 01:35:40 php1 sshd\[10713\]: Failed password for invalid user kennady from 202.46.1.74 port 56558 ssh2 Dec 20 01:42:35 php1 sshd\[11744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 user=root Dec 20 01:42:37 php1 sshd\[11744\]: Failed password for root from 202.46.1.74 port 59350 ssh2	2019-12-20 19:51:02
attack	Dec 19 13:11:51 wbs sshd\[11778\]: Invalid user wwwadmin from 202.46.1.74 Dec 19 13:11:51 wbs sshd\[11778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Dec 19 13:11:53 wbs sshd\[11778\]: Failed password for invalid user wwwadmin from 202.46.1.74 port 43135 ssh2 Dec 19 13:19:28 wbs sshd\[12537\]: Invalid user mikulka from 202.46.1.74 Dec 19 13:19:28 wbs sshd\[12537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74	2019-12-20 07:36:18
attackbotsspam	Dec 12 01:49:37 sd-53420 sshd\[21283\]: Invalid user webmaster from 202.46.1.74 Dec 12 01:49:37 sd-53420 sshd\[21283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 Dec 12 01:49:39 sd-53420 sshd\[21283\]: Failed password for invalid user webmaster from 202.46.1.74 port 38241 ssh2 Dec 12 01:57:12 sd-53420 sshd\[21836\]: Invalid user guest from 202.46.1.74 Dec 12 01:57:12 sd-53420 sshd\[21836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.74 ...	2019-12-12 08:58:03

Comments on same subnet:

IP	Type	Details	Datetime
202.46.129.204	attackspambots	Automatic report - XMLRPC Attack	2020-01-09 15:45:25
202.46.129.204	attackspam	202.46.129.204 - - \[27/Dec/2019:18:24:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.46.129.204 - - \[27/Dec/2019:18:24:28 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.46.129.204 - - \[27/Dec/2019:18:24:30 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-28 03:26:48
202.46.129.204	attackspam	202.46.129.204 - - [08/Dec/2019:09:00:47 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:48 +0100] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:49 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:50 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.46.129.204 - - [08/Dec/2019:09:00:51 +0100] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-08 16:47:46
202.46.129.200	attackbots	Automatic report - XMLRPC Attack	2019-12-05 06:03:53
202.46.129.204	attackspam	joshuajohannes.de 202.46.129.204 \[11/Nov/2019:07:27:45 +0100\] "POST /wp-login.php HTTP/1.1" 200 5605 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" joshuajohannes.de 202.46.129.204 \[11/Nov/2019:07:27:47 +0100\] "POST /wp-login.php HTTP/1.1" 200 5570 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-11 16:48:01
202.46.129.204	attack	[munged]::443 202.46.129.204 - - [08/Nov/2019:05:53:22 +0100] "POST /[munged]: HTTP/1.1" 200 6092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-08 14:05:21
202.46.129.204	attackbotsspam	www.lust-auf-land.com 202.46.129.204 \[02/Nov/2019:07:04:01 +0100\] "POST /wp-login.php HTTP/1.1" 200 5827 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.lust-auf-land.com 202.46.129.204 \[02/Nov/2019:07:04:02 +0100\] "POST /wp-login.php HTTP/1.1" 200 5786 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-02 15:42:18
202.46.129.204	attackspambots	kidness.family 202.46.129.204 \[30/Oct/2019:21:26:00 +0100\] "POST /wp-login.php HTTP/1.1" 200 5618 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" kidness.family 202.46.129.204 \[30/Oct/2019:21:26:02 +0100\] "POST /wp-login.php HTTP/1.1" 200 5572 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-31 06:57:47
202.46.1.25	attackspambots	Oct 21 10:26:24 dedicated sshd[19790]: Invalid user zmkm from 202.46.1.25 port 51990	2019-10-21 16:53:30
202.46.1.25	attackbotsspam	Oct 18 10:20:13 tux-35-217 sshd\[27232\]: Invalid user xi from 202.46.1.25 port 53490 Oct 18 10:20:13 tux-35-217 sshd\[27232\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.25 Oct 18 10:20:15 tux-35-217 sshd\[27232\]: Failed password for invalid user xi from 202.46.1.25 port 53490 ssh2 Oct 18 10:24:38 tux-35-217 sshd\[27244\]: Invalid user matt from 202.46.1.25 port 35986 Oct 18 10:24:38 tux-35-217 sshd\[27244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.46.1.25 ...	2019-10-18 16:29:13
202.46.129.204	attack	C1,WP GET /suche/wp-login.php	2019-10-16 07:31:54
202.46.129.204	attackspam	WordPress wp-login brute force :: 202.46.129.204 0.044 BYPASS [05/Oct/2019:21:41:44 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-05 19:51:48

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.46.1.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34125
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.46.1.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 04 02:01:20 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 74.1.46.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 74.1.46.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.120.224.150	attack	Invalid user azman from 103.120.224.150 port 9509	2019-07-19 01:46:50
113.181.20.15	attackspam	Automatic report - Port Scan Attack	2019-07-19 01:25:31
27.147.169.73	attack	ssh failed login	2019-07-19 01:56:17
159.65.242.16	attackspambots	Jul 18 19:25:54 vps691689 sshd[10708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.242.16 Jul 18 19:25:56 vps691689 sshd[10708]: Failed password for invalid user nc from 159.65.242.16 port 43446 ssh2 Jul 18 19:30:26 vps691689 sshd[10755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.242.16 ...	2019-07-19 01:35:40
203.183.40.240	attackbotsspam	Jul 18 18:02:03 MK-Soft-Root1 sshd\[12999\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.183.40.240 user=root Jul 18 18:02:05 MK-Soft-Root1 sshd\[12999\]: Failed password for root from 203.183.40.240 port 34108 ssh2 Jul 18 18:07:24 MK-Soft-Root1 sshd\[13779\]: Invalid user devuser from 203.183.40.240 port 60202 Jul 18 18:07:24 MK-Soft-Root1 sshd\[13779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.183.40.240 ...	2019-07-19 01:14:35
220.132.75.167	attackspam	$f2bV_matches	2019-07-19 01:17:42
36.66.188.183	attackspambots	2019-07-18T17:30:33.689492abusebot-5.cloudsearch.cf sshd\[8298\]: Invalid user riina from 36.66.188.183 port 41706	2019-07-19 01:42:41
104.248.183.0	attackspambots	Jul 18 13:37:14 master sshd[27312]: Failed password for invalid user edward from 104.248.183.0 port 50060 ssh2 Jul 18 13:44:23 master sshd[27336]: Failed password for invalid user anirudh from 104.248.183.0 port 52324 ssh2 Jul 18 13:50:51 master sshd[27348]: Failed password for invalid user david from 104.248.183.0 port 50536 ssh2 Jul 18 13:57:13 master sshd[27371]: Failed password for invalid user rancid from 104.248.183.0 port 48758 ssh2 Jul 18 14:03:49 master sshd[27676]: Failed password for invalid user bei from 104.248.183.0 port 46968 ssh2 Jul 18 14:10:06 master sshd[27703]: Failed password for invalid user lorenzo from 104.248.183.0 port 45184 ssh2 Jul 18 14:16:26 master sshd[27717]: Failed password for invalid user admin from 104.248.183.0 port 43396 ssh2 Jul 18 14:22:54 master sshd[27739]: Failed password for invalid user ubuntu from 104.248.183.0 port 41610 ssh2 Jul 18 14:29:00 master sshd[27766]: Failed password for invalid user ehsan from 104.248.183.0 port 39824 ssh2 Jul 18 14:35:18 master sshd[2	2019-07-19 01:46:34
99.46.143.22	attackspambots	Jul 18 18:12:05 localhost sshd\[29904\]: Invalid user ines from 99.46.143.22 port 36616 Jul 18 18:12:05 localhost sshd\[29904\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.46.143.22 ...	2019-07-19 01:26:07
81.173.49.96	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 09:02:48,608 INFO [amun_request_handler] PortScan Detected on Port: 445 (81.173.49.96)	2019-07-19 01:08:48
189.62.155.72	attack	Jul 16 06:31:31 cumulus sshd[24972]: Invalid user miner from 189.62.155.72 port 41025 Jul 16 06:31:31 cumulus sshd[24972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.62.155.72 Jul 16 06:31:33 cumulus sshd[24972]: Failed password for invalid user miner from 189.62.155.72 port 41025 ssh2 Jul 16 06:31:33 cumulus sshd[24972]: Received disconnect from 189.62.155.72 port 41025:11: Bye Bye [preauth] Jul 16 06:31:33 cumulus sshd[24972]: Disconnected from 189.62.155.72 port 41025 [preauth] Jul 16 06:45:19 cumulus sshd[25903]: Invalid user sammy from 189.62.155.72 port 28993 Jul 16 06:45:19 cumulus sshd[25903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.62.155.72 Jul 16 06:45:21 cumulus sshd[25903]: Failed password for invalid user sammy from 189.62.155.72 port 28993 ssh2 Jul 16 06:45:22 cumulus sshd[25903]: Received disconnect from 189.62.155.72 port 28993:11: Bye Bye [preauth] Jul ........ -------------------------------	2019-07-19 01:48:37
112.140.185.64	attackspambots	Jul 18 18:23:37 srv-4 sshd\[22750\]: Invalid user sharon from 112.140.185.64 Jul 18 18:23:37 srv-4 sshd\[22750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.140.185.64 Jul 18 18:23:39 srv-4 sshd\[22750\]: Failed password for invalid user sharon from 112.140.185.64 port 33277 ssh2 ...	2019-07-19 01:39:31
88.121.72.24	attack	$f2bV_matches	2019-07-19 01:27:01
88.249.98.35	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-19 01:52:44
36.67.226.223	attack	Jul 18 13:36:56 vps200512 sshd\[8603\]: Invalid user prueba from 36.67.226.223 Jul 18 13:36:56 vps200512 sshd\[8603\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.226.223 Jul 18 13:36:58 vps200512 sshd\[8603\]: Failed password for invalid user prueba from 36.67.226.223 port 45352 ssh2 Jul 18 13:42:38 vps200512 sshd\[8766\]: Invalid user web from 36.67.226.223 Jul 18 13:42:38 vps200512 sshd\[8766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.226.223	2019-07-19 01:55:52

Recently Reported IPs

233.197.205.198	243.135.84.203	142.126.140.21	207.219.97.161
26.194.78.73	188.241.222.221	120.126.64.146	191.53.249.139
191.53.112.170	128.199.75.133	163.53.75.237	1.212.157.115
185.247.20.162	85.192.165.50	58.145.168.162	3.5.234.172
51.79.29.144	178.170.254.175	219.146.196.114	173.254.251.250