Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Bunea Telecom SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2
Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
2020-10-14 02:28:44
attackbotsspam
SSH Server Abuse (45.148.10.28 as ): 
...
2020-10-13 17:43:00
attack
Fail2Ban automatic report:
SSH brute-force:
2020-10-11 21:05:28
attackbots
Invalid user admin from 45.148.10.28 port 54486
2020-10-11 13:02:47
attack
(sshd) Failed SSH login from 45.148.10.28 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 18:11:52 server sshd[3299]: Did not receive identification string from 45.148.10.28 port 52168
Oct 10 18:12:20 server sshd[3354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct 10 18:12:22 server sshd[3354]: Failed password for root from 45.148.10.28 port 37802 ssh2
Oct 10 18:13:02 server sshd[3662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct 10 18:13:04 server sshd[3662]: Failed password for root from 45.148.10.28 port 35472 ssh2
2020-10-11 06:25:52
attackspam
[ssh] SSH attack
2020-10-07 03:45:49
attackbots
Fail2Ban Ban Triggered
2020-10-06 19:47:54
attack
Oct  2 17:34:33 abendstille sshd\[21303\]: Invalid user ansible from 45.148.10.28
Oct  2 17:34:33 abendstille sshd\[21303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28
Oct  2 17:34:35 abendstille sshd\[21303\]: Failed password for invalid user ansible from 45.148.10.28 port 35878 ssh2
Oct  2 17:35:06 abendstille sshd\[21770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28  user=root
Oct  2 17:35:09 abendstille sshd\[21770\]: Failed password for root from 45.148.10.28 port 36076 ssh2
...
2020-10-02 23:53:52
attackspam
Oct  2 12:20:39 shared-1 sshd\[20707\]: Invalid user webadmin from 45.148.10.28Oct  2 12:21:11 shared-1 sshd\[20732\]: Invalid user jira from 45.148.10.28
...
2020-10-02 20:25:02
attack
$f2bV_matches
2020-10-02 16:57:22
attackspambots
 TCP (SYN) 45.148.10.28:55843 -> port 22, len 44
2020-10-02 13:18:57
attackspambots
 TCP (SYN) 45.148.10.28:36836 -> port 8080, len 44
2020-09-13 23:10:43
attack
 TCP (SYN) 45.148.10.28:56514 -> port 80, len 40
2020-09-13 15:04:31
attackbots
Brute force attack stopped by firewall
2020-09-13 06:47:51
attackbotsspam
 TCP (SYN) 45.148.10.28:52597 -> port 80, len 44
2020-09-08 22:50:07
attackspambots
Looking for boaform
2020-09-08 14:36:38
attackspambots
srv02 Mass scanning activity detected Target: 8080(http-alt) ..
2020-09-08 07:06:53
attack
firewall-block, port(s): 8080/tcp
2020-09-06 23:02:45
attackbots
srvr1: (mod_security) mod_security (id:920350) triggered by 45.148.10.28 (AD/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 06:18:52 [error] 47544#0: *100361 [client 45.148.10.28] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host'  [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/boaform/admin/formLogin"] [unique_id "159937313244.541040"] [ref "o0,16v45,16"], client: 45.148.10.28, [redacted] request: "POST /boaform/admin/formLogin HTTP/1.1" [redacted]
2020-09-06 14:33:01
attackbots
 TCP (SYN) 45.148.10.28:39138 -> port 80, len 44
2020-09-06 06:40:47
attackbots
Scanning an empty webserver with deny all robots.txt
2020-09-05 03:18:46
attackbots
Scanner : /boaform/admin/formLogin
2020-09-04 18:46:41
attackspambots
Aug 31 15:51:35 : SSH login attempts with invalid user
2020-09-01 06:22:00
Comments on same subnet:
IP Type Details Datetime
45.148.10.247 botsattack
45.148.10.247/Trojan Linux
2025-11-19 14:09:00
45.148.10.241 attack
DDoS Inbound
2023-11-15 18:54:04
45.148.10.15 attackspambots
Bruteforce detected by fail2ban
2020-10-13 21:25:53
45.148.10.186 attackspam
Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
2020-10-13 21:24:21
45.148.10.15 attackbotsspam
Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15
Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15
Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15
Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15
Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15
Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15
2020-10-13 12:52:46
45.148.10.186 attackspam
Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186  user=root
Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2
Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186  user=root
Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2
Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186  user=root
...
2020-10-13 12:50:57
45.148.10.15 attack
Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15
Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15
Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2
Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15
Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15
Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15
Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2
Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15
Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh
...
2020-10-13 05:40:39
45.148.10.186 attack
Fail2Ban
2020-10-13 05:39:02
45.148.10.15 attackbotsspam
Fail2Ban
2020-10-12 05:52:51
45.148.10.65 attackbots
Invalid user ubuntu from 45.148.10.65 port 43138
2020-10-12 05:36:52
45.148.10.15 attack
Brute force attempt
2020-10-11 21:59:38
45.148.10.65 attackspam
Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060
2020-10-11 21:43:21
45.148.10.15 attackspam
Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-11T05:41:40Z and 2020-10-11T05:47:54Z
2020-10-11 13:57:38
45.148.10.65 attackspam
Unauthorized connection attempt detected from IP address 45.148.10.65 to port 22
2020-10-11 13:40:50
45.148.10.15 attack
Oct 11 01:15:04 rotator sshd\[26401\]: Failed password for root from 45.148.10.15 port 40526 ssh2Oct 11 01:15:48 rotator sshd\[27150\]: Failed password for root from 45.148.10.15 port 59498 ssh2Oct 11 01:16:29 rotator sshd\[27159\]: Failed password for root from 45.148.10.15 port 50118 ssh2Oct 11 01:17:11 rotator sshd\[27170\]: Failed password for root from 45.148.10.15 port 40796 ssh2Oct 11 01:17:49 rotator sshd\[27180\]: Invalid user tomcat from 45.148.10.15Oct 11 01:17:51 rotator sshd\[27180\]: Failed password for invalid user tomcat from 45.148.10.15 port 59744 ssh2
...
2020-10-11 07:19:58
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12890
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.28.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 06:21:56 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 28.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.10.148.45.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
203.126.185.187 attackbotsspam
5500/tcp 23/tcp...
[2019-08-25/10-26]11pkt,2pt.(tcp)
2019-10-26 14:40:20
3.95.186.231 attackbotsspam
WordPress login Brute force / Web App Attack on client site.
2019-10-26 14:33:49
112.85.42.227 attack
Oct 26 00:32:16 TORMINT sshd\[21038\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227  user=root
Oct 26 00:32:18 TORMINT sshd\[21038\]: Failed password for root from 112.85.42.227 port 37785 ssh2
Oct 26 00:35:09 TORMINT sshd\[21216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227  user=root
...
2019-10-26 14:02:42
106.54.121.34 attack
$f2bV_matches
2019-10-26 14:28:00
185.49.65.57 attack
[portscan] Port scan
2019-10-26 14:16:58
200.89.159.149 attack
26.10.2019 05:51:19 - Login Fail on hMailserver 
Detected by ELinOX-hMail-A2F
2019-10-26 14:08:45
178.128.122.22 attackspam
Oct 26 13:06:58 lcl-usvr-02 sshd[4462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.122.22  user=root
Oct 26 13:07:00 lcl-usvr-02 sshd[4462]: Failed password for root from 178.128.122.22 port 56771 ssh2
...
2019-10-26 14:21:08
112.85.42.237 attack
Oct 26 01:52:31 TORMINT sshd\[25356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237  user=root
Oct 26 01:52:34 TORMINT sshd\[25356\]: Failed password for root from 112.85.42.237 port 43843 ssh2
Oct 26 01:53:08 TORMINT sshd\[25408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237  user=root
...
2019-10-26 14:05:21
112.175.124.221 attackbots
Unauthorized SSH login attempts
2019-10-26 14:21:33
193.17.4.119 attack
SASL Brute Force
2019-10-26 14:38:56
103.232.85.210 attackbotsspam
1433/tcp 7001/tcp...
[2019-10-12/26]4pkt,2pt.(tcp)
2019-10-26 14:22:48
165.227.97.108 attackbotsspam
Oct 26 05:09:21 localhost sshd\[6285\]: Invalid user applmgr from 165.227.97.108 port 52082
Oct 26 05:09:21 localhost sshd\[6285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.97.108
Oct 26 05:09:23 localhost sshd\[6285\]: Failed password for invalid user applmgr from 165.227.97.108 port 52082 ssh2
...
2019-10-26 14:06:48
14.192.17.145 attack
failed root login
2019-10-26 14:20:53
49.88.112.115 attack
Oct 25 18:42:19 php1 sshd\[22674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115  user=root
Oct 25 18:42:21 php1 sshd\[22674\]: Failed password for root from 49.88.112.115 port 43453 ssh2
Oct 25 18:43:23 php1 sshd\[22766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115  user=root
Oct 25 18:43:25 php1 sshd\[22766\]: Failed password for root from 49.88.112.115 port 63017 ssh2
Oct 25 18:47:12 php1 sshd\[23084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115  user=root
2019-10-26 14:05:39
112.175.124.24 attackspambots
slow and persistent scanner
2019-10-26 14:13:11

Recently Reported IPs

154.3.251.117 190.72.32.213 166.151.207.82 23.98.210.9
116.27.126.195 113.112.37.64 100.19.117.215 87.128.101.234
192.36.85.2 223.199.30.230 85.95.9.233 192.71.37.62
116.148.138.158 94.23.9.102 116.31.140.13 206.41.172.60
206.41.172.164 206.41.172.115 202.111.134.234 200.121.139.121