NOTE: Due to excessive queries, page processing has been limited to 10 per minute. Please contact us for bulk data access or try out our API. Do not use this data as a blocklist.
To lookup several IP addresses at the same time, or to just copy/paste a section of a log, use our "Color My Logs" feature.
General Information
| Submitter Diversity: | Very High |
| Risk (0-10)details: | 6 |
| IP Address (click for more detail): | 45.148.10.242 |
| Hostname: | 45.148.10.242 |
| Country: | RO  |
| AS: | 48090 |
| AS Name: | PPTECHNOLOGY, GB |
| Network: | 45.148.10.0/24 (45.148.10.0-45.148.10.255) 45.148.11.0 |
| Reports: | 13235 |
| Targets: | 530 |
| First Reported: | 2024-09-05 |
| Most Recent Report: | 2024-09-18 |
| Comment: | - none - |
| Abuse POC Email: | abuse@vegatele.com |
Note: We update the data once an hour. To refresh the data, click here. Not all source IPs in our database are "attackers". There are a few common false positives. For example, hosts that participate in P2P networks, mail servers, load balancers and DNS servers are some of the most common issues. For details, click on the number of reports. Clicking on the number of reports may allow you to conclude if a report is a false positive or not. Scroll down for information from other data feeds.
SSH/Telnet Logs
no ssh logs.Web Honeypot Logs
| Date | Reports | Different URLs | Different User Agents |
|---|---|---|---|
| 2024-09-19 | 626 | 6 | 4 |
| 2024-09-18 | 2352 | 6 | 4 |
| 2024-09-17 | 2669 | 6 | 4 |
| 2024-09-16 | 2532 | 6 | 4 |
| 2024-09-15 | 2270 | 8 | 5 |
| 2024-09-14 | 2420 | 6 | 4 |
| 2024-09-13 | 2778 | 5 | 3 |
| 2024-09-12 | 4696 | 8 | 4 |
| 2024-09-11 | 4225 | 5 | 3 |
| 2024-09-10 | 5437 | 6 | 4 |
| 2024-09-09 | 9104 | 6 | 4 |
| 2024-09-08 | 9119 | 6 | 4 |
| 2024-09-07 | 9956 | 5 | 3 |
| 2024-09-06 | 10175 | 5 | 3 |
For more details about the web honeypot, see the Weblogs Page. Do not use these reports to identify IP addresses as "bad" for now.
External Threat Feeds
This data was retrieved from various external threat feeds
| First Seen | Last Seen | Feed |
|---|---|---|
| 2022-03-07 | 2024-09-18 | Port 110 Scanner |
| 2022-03-07 | 2024-09-18 | Port 143 Scanner |
| 2024-09-08 | 2024-09-18 | Port 22 Scanner |
| 2022-03-07 | 2024-09-18 | Port 25 Scanner |
| 2024-09-05 | 2024-09-19 | Port 443 Scanner |
| 2024-09-06 | 2024-09-19 | Port 80 Scanner |
| 2022-03-07 | 2024-09-18 | Port 993 Scanner |
| 2024-09-05 | 2024-09-19 | Apache Web Server Scanner |
| 2024-09-05 | 2024-09-18 | Bruteforce |
| 2022-03-07 | 2024-09-18 | courier imap attacker |
| 2024-09-05 | 2024-09-19 | CI Army List |
| 2024-09-11 | 2024-09-19 | Emergingthreats |
Whois Info
Sorry, but RIPE blocks our requests. Please check directly at whois.ripe.net
NetRange: 45.138.168.0 - 45.150.57.255
CIDR: 45.144.0.0/14, 45.150.48.0/21, 45.138.192.0/18, 45.139.0.0/16, 45.150.32.0/20, 45.140.0.0/14, 45.150.0.0/19, 45.150.56.0/23, 45.138.168.0/21, 45.138.176.0/20, 45.148.0.0/15
NetName: RIPE
NetHandle: NET-45-138-168-0-1
Parent: NET45 (NET-45-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2014-05-22
Updated: 2021-12-13
Ref: https://rdap.arin.net/registry/ip/45.138.168.0
ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
