NOTE: Due to excessive queries, page processing has been limited to 10 per minute. Please contact us for bulk data access or try out our API. Do not use this data as a blocklist.

To lookup several IP addresses at the same time, or to just copy/paste a section of a log, use our "Color My Logs" feature.

General Information

Submitter Diversity: Very High
Risk (0-10)details: 6
IP Address (click for more detail): 45.148.10.242
Hostname: 45.148.10.242
Country: RO
AS: 48090
AS Name: DMZHOST, GB
Network: 45.148.10.0/24 (45.148.10.0-45.148.10.255) 45.148.11.0
Reports: 13235
Targets: 530
First Reported: 2024-09-05
Most Recent Report: 2024-10-06
Comment: - none -
Abuse POC Email: abuse@vegatele.com

Note: We update the data once an hour. To refresh the data, click here. Not all source IPs in our database are "attackers". There are a few common false positives. For example, hosts that participate in P2P networks, mail servers, load balancers and DNS servers are some of the most common issues. For details, click on the number of reports. Clicking on the number of reports may allow you to conclude if a report is a false positive or not. Scroll down for information from other data feeds.

SSH/Telnet Logs

no ssh logs.

Web Honeypot Logs

Date Reports Different URLs Different User Agents
2024-10-0713313
2024-10-062011
2024-10-05211
2024-10-02174175
2024-10-01622974
2024-09-30273574
2024-09-29281364
2024-09-28304974
2024-09-27538074
2024-09-26650664
2024-09-25569164
2024-09-24642164
2024-09-23638264
2024-09-22557064

For more details about the web honeypot, see the Weblogs Page. Do not use these reports to identify IP addresses as "bad" for now.

External Threat Feeds

This data was retrieved from various external threat feeds

First Seen Last Seen Feed
2022-03-072024-10-06Port 110 Scanner
2022-03-072024-10-06Port 143 Scanner
2024-09-082024-10-06Port 22 Scanner
2022-03-072024-10-06Port 25 Scanner
2024-09-052024-10-07Port 443 Scanner
2024-09-062024-10-07Port 80 Scanner
2022-03-072024-10-06Port 993 Scanner
2024-09-052024-10-07Apache Web Server Scanner
2024-09-052024-10-06Bruteforce
2022-03-072024-10-06courier imap attacker
2024-09-052024-10-07CI Army List
2024-09-112024-10-07Emergingthreats
Check Threatstop for more data link arrow

Whois Info

    
Sorry, but RIPE blocks our requests. Please check directly at whois.ripe.net


NetRange:       45.138.168.0 - 45.150.57.255
CIDR:           45.148.0.0/15, 45.138.168.0/21, 45.138.192.0/18, 45.139.0.0/16, 45.150.0.0/19, 45.138.176.0/20, 45.140.0.0/14, 45.150.32.0/20, 45.144.0.0/14, 45.150.48.0/21, 45.150.56.0/23
NetName:        RIPE
NetHandle:      NET-45-138-168-0-1
Parent:         NET45 (NET-45-0-0-0-0)
NetType:        Early Registrations, Transferred to RIPE NCC
OriginAS:       
Organization:   RIPE Network Coordination Centre (RIPE)
RegDate:        2014-05-22
Updated:        2021-12-13
Ref:            https://rdap.arin.net/registry/ip/45.138.168.0

ResourceLink:  https://apps.db.ripe.net/search/query.html
ResourceLink:  whois.ripe.net


OrgName:        RIPE Network Coordination Centre
OrgId:          RIPE
Address:        P.O. Box 10096
City:           Amsterdam
StateProv:      
PostalCode:     1001EB
Country:        NL
RegDate:        
Updated:        2013-07-29
Ref:            https://rdap.arin.net/registry/entity/RIPE

ReferralServer:  whois://whois.ripe.net
ResourceLink:  https://apps.db.ripe.net/search/query.html

OrgTechHandle: RNO29-ARIN
OrgTechName:   RIPE NCC Operations
OrgTechPhone:  +31 20 535 4444 
OrgTechEmail:  hostmaster@ripe.net
OrgTechRef:    https://rdap.arin.net/registry/entity/RNO29-ARIN

OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName:   Abuse Contact
OrgAbusePhone:  +31205354444 
OrgAbuseEmail:  abuse@ripe.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE3850-ARIN