45.148.10.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Bunea Telecom SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2 Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root	2020-10-14 02:28:44
attackbotsspam	SSH Server Abuse (45.148.10.28 as ): ...	2020-10-13 17:43:00
attack	Fail2Ban automatic report: SSH brute-force:	2020-10-11 21:05:28
attackbots	Invalid user admin from 45.148.10.28 port 54486	2020-10-11 13:02:47
attack	(sshd) Failed SSH login from 45.148.10.28 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 18:11:52 server sshd[3299]: Did not receive identification string from 45.148.10.28 port 52168 Oct 10 18:12:20 server sshd[3354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 10 18:12:22 server sshd[3354]: Failed password for root from 45.148.10.28 port 37802 ssh2 Oct 10 18:13:02 server sshd[3662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 10 18:13:04 server sshd[3662]: Failed password for root from 45.148.10.28 port 35472 ssh2	2020-10-11 06:25:52
attackspam	[ssh] SSH attack	2020-10-07 03:45:49
attackbots	Fail2Ban Ban Triggered	2020-10-06 19:47:54
attack	Oct 2 17:34:33 abendstille sshd\[21303\]: Invalid user ansible from 45.148.10.28 Oct 2 17:34:33 abendstille sshd\[21303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 Oct 2 17:34:35 abendstille sshd\[21303\]: Failed password for invalid user ansible from 45.148.10.28 port 35878 ssh2 Oct 2 17:35:06 abendstille sshd\[21770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 2 17:35:09 abendstille sshd\[21770\]: Failed password for root from 45.148.10.28 port 36076 ssh2 ...	2020-10-02 23:53:52
attackspam	Oct 2 12:20:39 shared-1 sshd\[20707\]: Invalid user webadmin from 45.148.10.28Oct 2 12:21:11 shared-1 sshd\[20732\]: Invalid user jira from 45.148.10.28 ...	2020-10-02 20:25:02
attack	$f2bV_matches	2020-10-02 16:57:22
attackspambots	TCP (SYN) 45.148.10.28:55843 -> port 22, len 44	2020-10-02 13:18:57
attackspambots	TCP (SYN) 45.148.10.28:36836 -> port 8080, len 44	2020-09-13 23:10:43
attack	TCP (SYN) 45.148.10.28:56514 -> port 80, len 40	2020-09-13 15:04:31
attackbots	Brute force attack stopped by firewall	2020-09-13 06:47:51
attackbotsspam	TCP (SYN) 45.148.10.28:52597 -> port 80, len 44	2020-09-08 22:50:07
attackspambots	Looking for boaform	2020-09-08 14:36:38
attackspambots	srv02 Mass scanning activity detected Target: 8080(http-alt) ..	2020-09-08 07:06:53
attack	firewall-block, port(s): 8080/tcp	2020-09-06 23:02:45
attackbots	srvr1: (mod_security) mod_security (id:920350) triggered by 45.148.10.28 (AD/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 06:18:52 [error] 47544#0: 100361 [client 45.148.10.28] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/boaform/admin/formLogin"] [unique_id "159937313244.541040"] [ref "o0,16v45,16"], client: 45.148.10.28, [redacted] request: "POST /boaform/admin/formLogin HTTP/1.1" [redacted]	2020-09-06 14:33:01
attackbots	TCP (SYN) 45.148.10.28:39138 -> port 80, len 44	2020-09-06 06:40:47
attackbots	Scanning an empty webserver with deny all robots.txt	2020-09-05 03:18:46
attackbots	Scanner : /boaform/admin/formLogin	2020-09-04 18:46:41
attackspambots	Aug 31 15:51:35 : SSH login attempts with invalid user	2020-09-01 06:22:00

Comments on same subnet:

IP	Type	Details	Datetime
45.148.10.247	botsattack	45.148.10.247/Trojan Linux	2025-11-19 14:09:00
45.148.10.241	attack	DDoS Inbound	2023-11-15 18:54:04
45.148.10.15	attackspambots	Bruteforce detected by fail2ban	2020-10-13 21:25:53
45.148.10.186	attackspam	Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]	2020-10-13 21:24:21
45.148.10.15	attackbotsspam	Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15 Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15 Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15 Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15 Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15 Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15	2020-10-13 12:52:46
45.148.10.186	attackspam	Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2 Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2 Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root ...	2020-10-13 12:50:57
45.148.10.15	attack	Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15 Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh ...	2020-10-13 05:40:39
45.148.10.186	attack	Fail2Ban	2020-10-13 05:39:02
45.148.10.15	attackbotsspam	Fail2Ban	2020-10-12 05:52:51
45.148.10.65	attackbots	Invalid user ubuntu from 45.148.10.65 port 43138	2020-10-12 05:36:52
45.148.10.15	attack	Brute force attempt	2020-10-11 21:59:38
45.148.10.65	attackspam	Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060	2020-10-11 21:43:21
45.148.10.15	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-11T05:41:40Z and 2020-10-11T05:47:54Z	2020-10-11 13:57:38
45.148.10.65	attackspam	Unauthorized connection attempt detected from IP address 45.148.10.65 to port 22	2020-10-11 13:40:50
45.148.10.15	attack	Oct 11 01:15:04 rotator sshd\[26401\]: Failed password for root from 45.148.10.15 port 40526 ssh2Oct 11 01:15:48 rotator sshd\[27150\]: Failed password for root from 45.148.10.15 port 59498 ssh2Oct 11 01:16:29 rotator sshd\[27159\]: Failed password for root from 45.148.10.15 port 50118 ssh2Oct 11 01:17:11 rotator sshd\[27170\]: Failed password for root from 45.148.10.15 port 40796 ssh2Oct 11 01:17:49 rotator sshd\[27180\]: Invalid user tomcat from 45.148.10.15Oct 11 01:17:51 rotator sshd\[27180\]: Failed password for invalid user tomcat from 45.148.10.15 port 59744 ssh2 ...	2020-10-11 07:19:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12890
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.28.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 06:21:56 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 28.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.10.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.181.245.86	attackbotsspam	Aug 1 15:09:41 pl3server sshd[1394535]: Bad protocol version identification '' from 87.181.245.86 port 40134 Aug 1 15:09:59 pl3server sshd[1394624]: Invalid user pi from 87.181.245.86 Aug 1 15:10:01 pl3server sshd[1394624]: Failed password for invalid user pi from 87.181.245.86 port 60660 ssh2 Aug 1 15:10:01 pl3server sshd[1394624]: Connection closed by 87.181.245.86 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=87.181.245.86	2019-08-02 04:26:33
187.132.40.131	attack	Aug 1 16:23:24 MK-Soft-VM6 sshd\[9658\]: Invalid user website from 187.132.40.131 port 51289 Aug 1 16:23:24 MK-Soft-VM6 sshd\[9658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.132.40.131 Aug 1 16:23:26 MK-Soft-VM6 sshd\[9658\]: Failed password for invalid user website from 187.132.40.131 port 51289 ssh2 ...	2019-08-02 04:22:52
180.149.125.168	attack	Honeypot hit.	2019-08-02 03:52:32
60.30.92.74	attackbotsspam	Automatic report - Banned IP Access	2019-08-02 03:58:36
184.97.48.126	attack	20 attempts against mh-ssh on beach.magehost.pro	2019-08-02 04:12:33
222.232.29.235	attackspam	2019-08-01T17:58:35.820062abusebot-3.cloudsearch.cf sshd\[28764\]: Invalid user frank from 222.232.29.235 port 40830	2019-08-02 04:32:12
148.72.212.161	attackbots	Aug 1 15:57:49 TORMINT sshd\[14499\]: Invalid user randall from 148.72.212.161 Aug 1 15:57:49 TORMINT sshd\[14499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.212.161 Aug 1 15:57:51 TORMINT sshd\[14499\]: Failed password for invalid user randall from 148.72.212.161 port 49596 ssh2 ...	2019-08-02 04:03:26
217.41.38.19	attackspam	Automatic report - Banned IP Access	2019-08-02 04:06:45
191.53.236.126	attackspambots	Aug 1 08:17:34 mailman postfix/smtpd[9955]: warning: unknown[191.53.236.126]: SASL PLAIN authentication failed: authentication failure	2019-08-02 04:26:03
218.92.0.182	attack	Aug 1 18:47:00 h2177944 sshd\[26144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.182 user=root Aug 1 18:47:02 h2177944 sshd\[26144\]: Failed password for root from 218.92.0.182 port 47980 ssh2 Aug 1 18:47:05 h2177944 sshd\[26144\]: Failed password for root from 218.92.0.182 port 47980 ssh2 Aug 1 18:47:08 h2177944 sshd\[26144\]: Failed password for root from 218.92.0.182 port 47980 ssh2 ...	2019-08-02 04:17:53
197.248.100.50	attackbots	8291/tcp	2019-08-02 04:08:20
217.61.20.209	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-08-02 03:55:10
103.218.240.17	attackspambots	2019-08-01T19:28:52.824932abusebot-6.cloudsearch.cf sshd\[23132\]: Invalid user resin from 103.218.240.17 port 49752	2019-08-02 03:49:10
180.96.69.215	attack	Unauthorized SSH login attempts	2019-08-02 04:11:27
206.189.153.178	attack	Aug 1 20:35:38 mout sshd[2832]: Invalid user maurice123 from 206.189.153.178 port 34648	2019-08-02 04:04:50

Recently Reported IPs

154.3.251.117	190.72.32.213	166.151.207.82	23.98.210.9
116.27.126.195	113.112.37.64	100.19.117.215	87.128.101.234
192.36.85.2	223.199.30.230	85.95.9.233	192.71.37.62
116.148.138.158	94.23.9.102	116.31.140.13	206.41.172.60
206.41.172.164	206.41.172.115	202.111.134.234	200.121.139.121