45.148.10.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Bunea Telecom SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2 Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root	2020-10-14 02:28:44
attackbotsspam	SSH Server Abuse (45.148.10.28 as ): ...	2020-10-13 17:43:00
attack	Fail2Ban automatic report: SSH brute-force:	2020-10-11 21:05:28
attackbots	Invalid user admin from 45.148.10.28 port 54486	2020-10-11 13:02:47
attack	(sshd) Failed SSH login from 45.148.10.28 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 18:11:52 server sshd[3299]: Did not receive identification string from 45.148.10.28 port 52168 Oct 10 18:12:20 server sshd[3354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 10 18:12:22 server sshd[3354]: Failed password for root from 45.148.10.28 port 37802 ssh2 Oct 10 18:13:02 server sshd[3662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 10 18:13:04 server sshd[3662]: Failed password for root from 45.148.10.28 port 35472 ssh2	2020-10-11 06:25:52
attackspam	[ssh] SSH attack	2020-10-07 03:45:49
attackbots	Fail2Ban Ban Triggered	2020-10-06 19:47:54
attack	Oct 2 17:34:33 abendstille sshd\[21303\]: Invalid user ansible from 45.148.10.28 Oct 2 17:34:33 abendstille sshd\[21303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 Oct 2 17:34:35 abendstille sshd\[21303\]: Failed password for invalid user ansible from 45.148.10.28 port 35878 ssh2 Oct 2 17:35:06 abendstille sshd\[21770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 2 17:35:09 abendstille sshd\[21770\]: Failed password for root from 45.148.10.28 port 36076 ssh2 ...	2020-10-02 23:53:52
attackspam	Oct 2 12:20:39 shared-1 sshd\[20707\]: Invalid user webadmin from 45.148.10.28Oct 2 12:21:11 shared-1 sshd\[20732\]: Invalid user jira from 45.148.10.28 ...	2020-10-02 20:25:02
attack	$f2bV_matches	2020-10-02 16:57:22
attackspambots	TCP (SYN) 45.148.10.28:55843 -> port 22, len 44	2020-10-02 13:18:57
attackspambots	TCP (SYN) 45.148.10.28:36836 -> port 8080, len 44	2020-09-13 23:10:43
attack	TCP (SYN) 45.148.10.28:56514 -> port 80, len 40	2020-09-13 15:04:31
attackbots	Brute force attack stopped by firewall	2020-09-13 06:47:51
attackbotsspam	TCP (SYN) 45.148.10.28:52597 -> port 80, len 44	2020-09-08 22:50:07
attackspambots	Looking for boaform	2020-09-08 14:36:38
attackspambots	srv02 Mass scanning activity detected Target: 8080(http-alt) ..	2020-09-08 07:06:53
attack	firewall-block, port(s): 8080/tcp	2020-09-06 23:02:45
attackbots	srvr1: (mod_security) mod_security (id:920350) triggered by 45.148.10.28 (AD/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 06:18:52 [error] 47544#0: 100361 [client 45.148.10.28] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/boaform/admin/formLogin"] [unique_id "159937313244.541040"] [ref "o0,16v45,16"], client: 45.148.10.28, [redacted] request: "POST /boaform/admin/formLogin HTTP/1.1" [redacted]	2020-09-06 14:33:01
attackbots	TCP (SYN) 45.148.10.28:39138 -> port 80, len 44	2020-09-06 06:40:47
attackbots	Scanning an empty webserver with deny all robots.txt	2020-09-05 03:18:46
attackbots	Scanner : /boaform/admin/formLogin	2020-09-04 18:46:41
attackspambots	Aug 31 15:51:35 : SSH login attempts with invalid user	2020-09-01 06:22:00

Comments on same subnet:

IP	Type	Details	Datetime
45.148.10.247	botsattack	45.148.10.247/Trojan Linux	2025-11-19 14:09:00
45.148.10.241	attack	DDoS Inbound	2023-11-15 18:54:04
45.148.10.15	attackspambots	Bruteforce detected by fail2ban	2020-10-13 21:25:53
45.148.10.186	attackspam	Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]	2020-10-13 21:24:21
45.148.10.15	attackbotsspam	Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15 Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15 Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15 Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15 Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15 Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15	2020-10-13 12:52:46
45.148.10.186	attackspam	Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2 Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2 Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root ...	2020-10-13 12:50:57
45.148.10.15	attack	Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15 Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh ...	2020-10-13 05:40:39
45.148.10.186	attack	Fail2Ban	2020-10-13 05:39:02
45.148.10.15	attackbotsspam	Fail2Ban	2020-10-12 05:52:51
45.148.10.65	attackbots	Invalid user ubuntu from 45.148.10.65 port 43138	2020-10-12 05:36:52
45.148.10.15	attack	Brute force attempt	2020-10-11 21:59:38
45.148.10.65	attackspam	Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060	2020-10-11 21:43:21
45.148.10.15	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-11T05:41:40Z and 2020-10-11T05:47:54Z	2020-10-11 13:57:38
45.148.10.65	attackspam	Unauthorized connection attempt detected from IP address 45.148.10.65 to port 22	2020-10-11 13:40:50
45.148.10.15	attack	Oct 11 01:15:04 rotator sshd\[26401\]: Failed password for root from 45.148.10.15 port 40526 ssh2Oct 11 01:15:48 rotator sshd\[27150\]: Failed password for root from 45.148.10.15 port 59498 ssh2Oct 11 01:16:29 rotator sshd\[27159\]: Failed password for root from 45.148.10.15 port 50118 ssh2Oct 11 01:17:11 rotator sshd\[27170\]: Failed password for root from 45.148.10.15 port 40796 ssh2Oct 11 01:17:49 rotator sshd\[27180\]: Invalid user tomcat from 45.148.10.15Oct 11 01:17:51 rotator sshd\[27180\]: Failed password for invalid user tomcat from 45.148.10.15 port 59744 ssh2 ...	2020-10-11 07:19:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12890
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.28.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 06:21:56 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 28.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.10.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.126.185.187	attackbotsspam	5500/tcp 23/tcp... [2019-08-25/10-26]11pkt,2pt.(tcp)	2019-10-26 14:40:20
3.95.186.231	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-10-26 14:33:49
112.85.42.227	attack	Oct 26 00:32:16 TORMINT sshd\[21038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root Oct 26 00:32:18 TORMINT sshd\[21038\]: Failed password for root from 112.85.42.227 port 37785 ssh2 Oct 26 00:35:09 TORMINT sshd\[21216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root ...	2019-10-26 14:02:42
106.54.121.34	attack	$f2bV_matches	2019-10-26 14:28:00
185.49.65.57	attack	[portscan] Port scan	2019-10-26 14:16:58
200.89.159.149	attack	26.10.2019 05:51:19 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2019-10-26 14:08:45
178.128.122.22	attackspam	Oct 26 13:06:58 lcl-usvr-02 sshd[4462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.122.22 user=root Oct 26 13:07:00 lcl-usvr-02 sshd[4462]: Failed password for root from 178.128.122.22 port 56771 ssh2 ...	2019-10-26 14:21:08
112.85.42.237	attack	Oct 26 01:52:31 TORMINT sshd\[25356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root Oct 26 01:52:34 TORMINT sshd\[25356\]: Failed password for root from 112.85.42.237 port 43843 ssh2 Oct 26 01:53:08 TORMINT sshd\[25408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root ...	2019-10-26 14:05:21
112.175.124.221	attackbots	Unauthorized SSH login attempts	2019-10-26 14:21:33
193.17.4.119	attack	SASL Brute Force	2019-10-26 14:38:56
103.232.85.210	attackbotsspam	1433/tcp 7001/tcp... [2019-10-12/26]4pkt,2pt.(tcp)	2019-10-26 14:22:48
165.227.97.108	attackbotsspam	Oct 26 05:09:21 localhost sshd\[6285\]: Invalid user applmgr from 165.227.97.108 port 52082 Oct 26 05:09:21 localhost sshd\[6285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.97.108 Oct 26 05:09:23 localhost sshd\[6285\]: Failed password for invalid user applmgr from 165.227.97.108 port 52082 ssh2 ...	2019-10-26 14:06:48
14.192.17.145	attack	failed root login	2019-10-26 14:20:53
49.88.112.115	attack	Oct 25 18:42:19 php1 sshd\[22674\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root Oct 25 18:42:21 php1 sshd\[22674\]: Failed password for root from 49.88.112.115 port 43453 ssh2 Oct 25 18:43:23 php1 sshd\[22766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root Oct 25 18:43:25 php1 sshd\[22766\]: Failed password for root from 49.88.112.115 port 63017 ssh2 Oct 25 18:47:12 php1 sshd\[23084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root	2019-10-26 14:05:39
112.175.124.24	attackspambots	slow and persistent scanner	2019-10-26 14:13:11

Recently Reported IPs

154.3.251.117	190.72.32.213	166.151.207.82	23.98.210.9
116.27.126.195	113.112.37.64	100.19.117.215	87.128.101.234
192.36.85.2	223.199.30.230	85.95.9.233	192.71.37.62
116.148.138.158	94.23.9.102	116.31.140.13	206.41.172.60
206.41.172.164	206.41.172.115	202.111.134.234	200.121.139.121