Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Bunea Telecom SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2
Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
2020-10-14 02:28:44
attackbotsspam
SSH Server Abuse (45.148.10.28 as ): 
...
2020-10-13 17:43:00
attack
Fail2Ban automatic report:
SSH brute-force:
2020-10-11 21:05:28
attackbots
Invalid user admin from 45.148.10.28 port 54486
2020-10-11 13:02:47
attack
(sshd) Failed SSH login from 45.148.10.28 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 18:11:52 server sshd[3299]: Did not receive identification string from 45.148.10.28 port 52168
Oct 10 18:12:20 server sshd[3354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct 10 18:12:22 server sshd[3354]: Failed password for root from 45.148.10.28 port 37802 ssh2
Oct 10 18:13:02 server sshd[3662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct 10 18:13:04 server sshd[3662]: Failed password for root from 45.148.10.28 port 35472 ssh2
2020-10-11 06:25:52
attackspam
[ssh] SSH attack
2020-10-07 03:45:49
attackbots
Fail2Ban Ban Triggered
2020-10-06 19:47:54
attack
Oct  2 17:34:33 abendstille sshd\[21303\]: Invalid user ansible from 45.148.10.28
Oct  2 17:34:33 abendstille sshd\[21303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28
Oct  2 17:34:35 abendstille sshd\[21303\]: Failed password for invalid user ansible from 45.148.10.28 port 35878 ssh2
Oct  2 17:35:06 abendstille sshd\[21770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct  2 17:35:09 abendstille sshd\[21770\]: Failed password for root from 45.148.10.28 port 36076 ssh2
...
2020-10-02 23:53:52
attackspam
Oct  2 12:20:39 shared-1 sshd\[20707\]: Invalid user webadmin from 45.148.10.28Oct  2 12:21:11 shared-1 sshd\[20732\]: Invalid user jira from 45.148.10.28
...
2020-10-02 20:25:02
attack
$f2bV_matches
2020-10-02 16:57:22
attackspambots
 TCP (SYN) 45.148.10.28:55843 -> port 22, len 44
2020-10-02 13:18:57
attackspambots
 TCP (SYN) 45.148.10.28:36836 -> port 8080, len 44
2020-09-13 23:10:43
attack
 TCP (SYN) 45.148.10.28:56514 -> port 80, len 40
2020-09-13 15:04:31
attackbots
Brute force attack stopped by firewall
2020-09-13 06:47:51
attackbotsspam
 TCP (SYN) 45.148.10.28:52597 -> port 80, len 44
2020-09-08 22:50:07
attackspambots
Looking for boaform
2020-09-08 14:36:38
attackspambots
srv02 Mass scanning activity detected Target: 8080(http-alt) ..
2020-09-08 07:06:53
attack
firewall-block, port(s): 8080/tcp
2020-09-06 23:02:45
attackbots
srvr1: (mod_security) mod_security (id:920350) triggered by 45.148.10.28 (AD/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 06:18:52 [error] 47544#0: *100361 [client 45.148.10.28] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host'  [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/boaform/admin/formLogin"] [unique_id "159937313244.541040"] [ref "o0,16v45,16"], client: 45.148.10.28, [redacted] request: "POST /boaform/admin/formLogin HTTP/1.1" [redacted]
2020-09-06 14:33:01
attackbots
 TCP (SYN) 45.148.10.28:39138 -> port 80, len 44
2020-09-06 06:40:47
attackbots
Scanning an empty webserver with deny all robots.txt
2020-09-05 03:18:46
attackbots
Scanner : /boaform/admin/formLogin
2020-09-04 18:46:41
attackspambots
Aug 31 15:51:35 : SSH login attempts with invalid user
2020-09-01 06:22:00
Comments on same subnet:
IP Type Details Datetime
45.148.10.247 botsattack
45.148.10.247/Trojan Linux
2025-11-19 14:09:00
45.148.10.241 attack
DDoS Inbound
2023-11-15 18:54:04
45.148.10.15 attackspambots
Bruteforce detected by fail2ban
2020-10-13 21:25:53
45.148.10.186 attackspam
Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
2020-10-13 21:24:21
45.148.10.15 attackbotsspam
Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15
Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15
Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15
Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15
Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15
Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15
2020-10-13 12:52:46
45.148.10.186 attackspam
Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186  user=root
Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2
Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186  user=root
Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2
Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186  user=root
...
2020-10-13 12:50:57
45.148.10.15 attack
Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15
Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15
Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2
Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15
Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15
Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15
Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2
Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15
Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh
...
2020-10-13 05:40:39
45.148.10.186 attack
Fail2Ban
2020-10-13 05:39:02
45.148.10.15 attackbotsspam
Fail2Ban
2020-10-12 05:52:51
45.148.10.65 attackbots
Invalid user ubuntu from 45.148.10.65 port 43138
2020-10-12 05:36:52
45.148.10.15 attack
Brute force attempt
2020-10-11 21:59:38
45.148.10.65 attackspam
Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060
2020-10-11 21:43:21
45.148.10.15 attackspam
Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-11T05:41:40Z and 2020-10-11T05:47:54Z
2020-10-11 13:57:38
45.148.10.65 attackspam
Unauthorized connection attempt detected from IP address 45.148.10.65 to port 22
2020-10-11 13:40:50
45.148.10.15 attack
Oct 11 01:15:04 rotator sshd\[26401\]: Failed password for root from 45.148.10.15 port 40526 ssh2Oct 11 01:15:48 rotator sshd\[27150\]: Failed password for root from 45.148.10.15 port 59498 ssh2Oct 11 01:16:29 rotator sshd\[27159\]: Failed password for root from 45.148.10.15 port 50118 ssh2Oct 11 01:17:11 rotator sshd\[27170\]: Failed password for root from 45.148.10.15 port 40796 ssh2Oct 11 01:17:49 rotator sshd\[27180\]: Invalid user tomcat from 45.148.10.15Oct 11 01:17:51 rotator sshd\[27180\]: Failed password for invalid user tomcat from 45.148.10.15 port 59744 ssh2
...
2020-10-11 07:19:58
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12890
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.28.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 06:21:56 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 28.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.10.148.45.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
87.181.245.86 attackbotsspam
Aug  1 15:09:41 pl3server sshd[1394535]: Bad protocol version identification '' from 87.181.245.86 port 40134
Aug  1 15:09:59 pl3server sshd[1394624]: Invalid user pi from 87.181.245.86
Aug  1 15:10:01 pl3server sshd[1394624]: Failed password for invalid user pi from 87.181.245.86 port 60660 ssh2
Aug  1 15:10:01 pl3server sshd[1394624]: Connection closed by 87.181.245.86 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=87.181.245.86
2019-08-02 04:26:33
187.132.40.131 attack
Aug  1 16:23:24 MK-Soft-VM6 sshd\[9658\]: Invalid user website from 187.132.40.131 port 51289
Aug  1 16:23:24 MK-Soft-VM6 sshd\[9658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.132.40.131
Aug  1 16:23:26 MK-Soft-VM6 sshd\[9658\]: Failed password for invalid user website from 187.132.40.131 port 51289 ssh2
...
2019-08-02 04:22:52
180.149.125.168 attack
Honeypot hit.
2019-08-02 03:52:32
60.30.92.74 attackbotsspam
Automatic report - Banned IP Access
2019-08-02 03:58:36
184.97.48.126 attack
20 attempts against mh-ssh on beach.magehost.pro
2019-08-02 04:12:33
222.232.29.235 attackspam
2019-08-01T17:58:35.820062abusebot-3.cloudsearch.cf sshd\[28764\]: Invalid user frank from 222.232.29.235 port 40830
2019-08-02 04:32:12
148.72.212.161 attackbots
Aug  1 15:57:49 TORMINT sshd\[14499\]: Invalid user randall from 148.72.212.161
Aug  1 15:57:49 TORMINT sshd\[14499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.212.161
Aug  1 15:57:51 TORMINT sshd\[14499\]: Failed password for invalid user randall from 148.72.212.161 port 49596 ssh2
...
2019-08-02 04:03:26
217.41.38.19 attackspam
Automatic report - Banned IP Access
2019-08-02 04:06:45
191.53.236.126 attackspambots
Aug  1 08:17:34 mailman postfix/smtpd[9955]: warning: unknown[191.53.236.126]: SASL PLAIN authentication failed: authentication failure
2019-08-02 04:26:03
218.92.0.182 attack
Aug  1 18:47:00 h2177944 sshd\[26144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.182  user=root
Aug  1 18:47:02 h2177944 sshd\[26144\]: Failed password for root from 218.92.0.182 port 47980 ssh2
Aug  1 18:47:05 h2177944 sshd\[26144\]: Failed password for root from 218.92.0.182 port 47980 ssh2
Aug  1 18:47:08 h2177944 sshd\[26144\]: Failed password for root from 218.92.0.182 port 47980 ssh2
...
2019-08-02 04:17:53
197.248.100.50 attackbots
8291/tcp
2019-08-02 04:08:20
217.61.20.209 attackbots
Scanning random ports - tries to find possible vulnerable services
2019-08-02 03:55:10
103.218.240.17 attackspambots
2019-08-01T19:28:52.824932abusebot-6.cloudsearch.cf sshd\[23132\]: Invalid user resin from 103.218.240.17 port 49752
2019-08-02 03:49:10
180.96.69.215 attack
Unauthorized SSH login attempts
2019-08-02 04:11:27
206.189.153.178 attack
Aug  1 20:35:38 mout sshd[2832]: Invalid user maurice123 from 206.189.153.178 port 34648
2019-08-02 04:04:50

Recently Reported IPs

154.3.251.117 190.72.32.213 166.151.207.82 23.98.210.9
116.27.126.195 113.112.37.64 100.19.117.215 87.128.101.234
192.36.85.2 223.199.30.230 85.95.9.233 192.71.37.62
116.148.138.158 94.23.9.102 116.31.140.13 206.41.172.60
206.41.172.164 206.41.172.115 202.111.134.234 200.121.139.121