46.45.138.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Turkey

Internet Service Provider: Radore Veri Merkezi Hizmetleri A.S.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Banned IP Access	2019-07-25 06:01:03
attack	46.45.138.42 - - \[11/Jul/2019:16:13:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 46.45.138.42 - - \[11/Jul/2019:16:13:34 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-07-12 02:07:27
attack	[munged]::443 46.45.138.42 - - [05/Jul/2019:20:01:29 +0200] "POST /[munged]: HTTP/1.1" 200 8925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 46.45.138.42 - - [05/Jul/2019:20:01:30 +0200] "POST /[munged]: HTTP/1.1" 200 8925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 46.45.138.42 - - [05/Jul/2019:20:01:30 +0200] "POST /[munged]: HTTP/1.1" 200 8925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 46.45.138.42 - - [05/Jul/2019:20:01:31 +0200] "POST /[munged]: HTTP/1.1" 200 8925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 46.45.138.42 - - [05/Jul/2019:20:01:31 +0200] "POST /[munged]: HTTP/1.1" 200 8925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 46.45.138.42 - - [05/Jul/2019:20:01:32 +0200] "POST /[munged]: HTTP/1.1" 200 8925 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2019-07-06 06:19:49
attackspam	WordPress login Brute force / Web App Attack on client site.	2019-06-28 22:42:00
attack	Automatic report generated by Wazuh	2019-06-27 07:17:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.45.138.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63698
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.45.138.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051601 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri May 17 08:50:44 CST 2019
;; MSG SIZE  rcvd: 116

Host info

42.138.45.46.in-addr.arpa domain name pointer .

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.138.45.46.in-addr.arpa	name = .

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.48.18.130	attackbots	"$f2bV_matches"	2020-10-10 20:56:55
62.94.193.216	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "a" at 2020-10-10T01:19:17Z	2020-10-10 20:57:52
111.198.48.204	attack	Oct 10 03:05:18 vps46666688 sshd[8675]: Failed password for root from 111.198.48.204 port 36570 ssh2 ...	2020-10-10 21:08:40
217.182.23.55	attackspambots	Oct 10 14:13:05 hidden sshd[51926]: Failed password for hidden from 217.182.23.55 port 59602 ssh2 Oct 10 14:14:50 hidden sshd[52530]: Invalid user httpd from 217.182.23.55 port 34220 Oct 10 14:14:50 hidden sshd[52530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.23.55 Oct 10 14:14:52 hidden sshd[52530]: Failed password for invalid user httpd from 217.182.23.55 port 34220 ssh2 Oct 10 14:16:37 hidden sshd[53207]: Invalid user vnc from 217.182.23.55 port 37106	2020-10-10 21:02:01
49.235.38.46	attackspam	Oct 10 13:24:34 rocket sshd[2309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.38.46 Oct 10 13:24:36 rocket sshd[2309]: Failed password for invalid user testuser from 49.235.38.46 port 38428 ssh2 ...	2020-10-10 20:39:29
212.64.38.151	attack	Oct 9 09:31:27 kunden sshd[27789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.38.151 user=dovecot Oct 9 09:31:29 kunden sshd[27789]: Failed password for dovecot from 212.64.38.151 port 37470 ssh2 Oct 9 09:31:30 kunden sshd[27789]: Received disconnect from 212.64.38.151: 11: Bye Bye [preauth] Oct 9 09:43:00 kunden sshd[4715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.38.151 user=r.r Oct 9 09:43:01 kunden sshd[4715]: Failed password for r.r from 212.64.38.151 port 57384 ssh2 Oct 9 09:43:02 kunden sshd[4715]: Received disconnect from 212.64.38.151: 11: Bye Bye [preauth] Oct 9 09:46:07 kunden sshd[8089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.38.151 user=r.r Oct 9 09:46:08 kunden sshd[8089]: Failed password for r.r from 212.64.38.151 port 60704 ssh2 Oct 9 09:46:09 kunden sshd[8089]: Received disconnect f........ -------------------------------	2020-10-10 20:59:47
209.137.225.43	attack	1602276225 - 10/09/2020 22:43:45 Host: 209.137.225.43/209.137.225.43 Port: 22 TCP Blocked	2020-10-10 21:05:19
178.128.158.86	attackspam	178.128.158.86 - - [10/Oct/2020:11:47:57 +0100] "POST /wp-login.php HTTP/1.1" 200 2259 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.158.86 - - [10/Oct/2020:11:47:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2243 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.158.86 - - [10/Oct/2020:11:48:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2240 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-10 20:53:56
142.93.254.122	attackspam	$f2bV_matches	2020-10-10 20:58:56
61.19.127.228	attack	Oct 10 11:52:51 cho sshd[359831]: Invalid user server from 61.19.127.228 port 40376 Oct 10 11:52:51 cho sshd[359831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.127.228 Oct 10 11:52:51 cho sshd[359831]: Invalid user server from 61.19.127.228 port 40376 Oct 10 11:52:53 cho sshd[359831]: Failed password for invalid user server from 61.19.127.228 port 40376 ssh2 Oct 10 11:57:44 cho sshd[360091]: Invalid user pcap from 61.19.127.228 port 46644 ...	2020-10-10 21:02:37
149.202.56.228	attack	Oct 10 15:27:08 ift sshd\[60085\]: Invalid user wwwuser from 149.202.56.228Oct 10 15:27:10 ift sshd\[60085\]: Failed password for invalid user wwwuser from 149.202.56.228 port 56200 ssh2Oct 10 15:30:48 ift sshd\[60520\]: Invalid user coco from 149.202.56.228Oct 10 15:30:50 ift sshd\[60520\]: Failed password for invalid user coco from 149.202.56.228 port 36312 ssh2Oct 10 15:34:24 ift sshd\[60886\]: Failed password for root from 149.202.56.228 port 44366 ssh2 ...	2020-10-10 21:03:29
58.234.158.62	attack	" "	2020-10-10 20:48:33
150.136.169.139	attackbots	Oct 10 11:37:18 jumpserver sshd[633862]: Failed password for invalid user ftp from 150.136.169.139 port 14382 ssh2 Oct 10 11:40:47 jumpserver sshd[633940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.169.139 user=root Oct 10 11:40:49 jumpserver sshd[633940]: Failed password for root from 150.136.169.139 port 44908 ssh2 ...	2020-10-10 21:03:43
176.122.156.32	attackbots	Oct 10 06:35:14 george sshd[29058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.122.156.32 user=root Oct 10 06:35:16 george sshd[29058]: Failed password for root from 176.122.156.32 port 37900 ssh2 Oct 10 06:40:02 george sshd[29185]: Invalid user file from 176.122.156.32 port 43784 Oct 10 06:40:02 george sshd[29185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.122.156.32 Oct 10 06:40:04 george sshd[29185]: Failed password for invalid user file from 176.122.156.32 port 43784 ssh2 ...	2020-10-10 20:29:25
111.229.48.141	attackspam	Oct 10 10:22:51 cho sshd[354856]: Invalid user cvs from 111.229.48.141 port 51788 Oct 10 10:22:51 cho sshd[354856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.48.141 Oct 10 10:22:51 cho sshd[354856]: Invalid user cvs from 111.229.48.141 port 51788 Oct 10 10:22:53 cho sshd[354856]: Failed password for invalid user cvs from 111.229.48.141 port 51788 ssh2 Oct 10 10:27:52 cho sshd[355161]: Invalid user majordom from 111.229.48.141 port 48500 ...	2020-10-10 20:52:25

Recently Reported IPs

139.92.26.208	226.85.21.197	25.104.239.109	5.158.50.63
33.70.211.108	236.232.124.124	206.174.174.115	228.172.118.254
177.52.246.170	75.246.174.6	48.26.158.123	101.68.70.14
122.225.76.214	186.10.88.130	233.8.125.184	173.66.230.4
187.4.52.2	103.227.176.19	103.54.216.186	139.159.48.123