45.148.10.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Bunea Telecom SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2 Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root	2020-10-14 02:28:44
attackbotsspam	SSH Server Abuse (45.148.10.28 as ): ...	2020-10-13 17:43:00
attack	Fail2Ban automatic report: SSH brute-force:	2020-10-11 21:05:28
attackbots	Invalid user admin from 45.148.10.28 port 54486	2020-10-11 13:02:47
attack	(sshd) Failed SSH login from 45.148.10.28 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 18:11:52 server sshd[3299]: Did not receive identification string from 45.148.10.28 port 52168 Oct 10 18:12:20 server sshd[3354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 10 18:12:22 server sshd[3354]: Failed password for root from 45.148.10.28 port 37802 ssh2 Oct 10 18:13:02 server sshd[3662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 10 18:13:04 server sshd[3662]: Failed password for root from 45.148.10.28 port 35472 ssh2	2020-10-11 06:25:52
attackspam	[ssh] SSH attack	2020-10-07 03:45:49
attackbots	Fail2Ban Ban Triggered	2020-10-06 19:47:54
attack	Oct 2 17:34:33 abendstille sshd\[21303\]: Invalid user ansible from 45.148.10.28 Oct 2 17:34:33 abendstille sshd\[21303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 Oct 2 17:34:35 abendstille sshd\[21303\]: Failed password for invalid user ansible from 45.148.10.28 port 35878 ssh2 Oct 2 17:35:06 abendstille sshd\[21770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 2 17:35:09 abendstille sshd\[21770\]: Failed password for root from 45.148.10.28 port 36076 ssh2 ...	2020-10-02 23:53:52
attackspam	Oct 2 12:20:39 shared-1 sshd\[20707\]: Invalid user webadmin from 45.148.10.28Oct 2 12:21:11 shared-1 sshd\[20732\]: Invalid user jira from 45.148.10.28 ...	2020-10-02 20:25:02
attack	$f2bV_matches	2020-10-02 16:57:22
attackspambots	TCP (SYN) 45.148.10.28:55843 -> port 22, len 44	2020-10-02 13:18:57
attackspambots	TCP (SYN) 45.148.10.28:36836 -> port 8080, len 44	2020-09-13 23:10:43
attack	TCP (SYN) 45.148.10.28:56514 -> port 80, len 40	2020-09-13 15:04:31
attackbots	Brute force attack stopped by firewall	2020-09-13 06:47:51
attackbotsspam	TCP (SYN) 45.148.10.28:52597 -> port 80, len 44	2020-09-08 22:50:07
attackspambots	Looking for boaform	2020-09-08 14:36:38
attackspambots	srv02 Mass scanning activity detected Target: 8080(http-alt) ..	2020-09-08 07:06:53
attack	firewall-block, port(s): 8080/tcp	2020-09-06 23:02:45
attackbots	srvr1: (mod_security) mod_security (id:920350) triggered by 45.148.10.28 (AD/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 06:18:52 [error] 47544#0: 100361 [client 45.148.10.28] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/boaform/admin/formLogin"] [unique_id "159937313244.541040"] [ref "o0,16v45,16"], client: 45.148.10.28, [redacted] request: "POST /boaform/admin/formLogin HTTP/1.1" [redacted]	2020-09-06 14:33:01
attackbots	TCP (SYN) 45.148.10.28:39138 -> port 80, len 44	2020-09-06 06:40:47
attackbots	Scanning an empty webserver with deny all robots.txt	2020-09-05 03:18:46
attackbots	Scanner : /boaform/admin/formLogin	2020-09-04 18:46:41
attackspambots	Aug 31 15:51:35 : SSH login attempts with invalid user	2020-09-01 06:22:00

Comments on same subnet:

IP	Type	Details	Datetime
45.148.10.247	botsattack	45.148.10.247/Trojan Linux	2025-11-19 14:09:00
45.148.10.241	attack	DDoS Inbound	2023-11-15 18:54:04
45.148.10.15	attackspambots	Bruteforce detected by fail2ban	2020-10-13 21:25:53
45.148.10.186	attackspam	Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]	2020-10-13 21:24:21
45.148.10.15	attackbotsspam	Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15 Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15 Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15 Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15 Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15 Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15	2020-10-13 12:52:46
45.148.10.186	attackspam	Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2 Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2 Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root ...	2020-10-13 12:50:57
45.148.10.15	attack	Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15 Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh ...	2020-10-13 05:40:39
45.148.10.186	attack	Fail2Ban	2020-10-13 05:39:02
45.148.10.15	attackbotsspam	Fail2Ban	2020-10-12 05:52:51
45.148.10.65	attackbots	Invalid user ubuntu from 45.148.10.65 port 43138	2020-10-12 05:36:52
45.148.10.15	attack	Brute force attempt	2020-10-11 21:59:38
45.148.10.65	attackspam	Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060	2020-10-11 21:43:21
45.148.10.15	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-11T05:41:40Z and 2020-10-11T05:47:54Z	2020-10-11 13:57:38
45.148.10.65	attackspam	Unauthorized connection attempt detected from IP address 45.148.10.65 to port 22	2020-10-11 13:40:50
45.148.10.15	attack	Oct 11 01:15:04 rotator sshd\[26401\]: Failed password for root from 45.148.10.15 port 40526 ssh2Oct 11 01:15:48 rotator sshd\[27150\]: Failed password for root from 45.148.10.15 port 59498 ssh2Oct 11 01:16:29 rotator sshd\[27159\]: Failed password for root from 45.148.10.15 port 50118 ssh2Oct 11 01:17:11 rotator sshd\[27170\]: Failed password for root from 45.148.10.15 port 40796 ssh2Oct 11 01:17:49 rotator sshd\[27180\]: Invalid user tomcat from 45.148.10.15Oct 11 01:17:51 rotator sshd\[27180\]: Failed password for invalid user tomcat from 45.148.10.15 port 59744 ssh2 ...	2020-10-11 07:19:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12890
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.28.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 06:21:56 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 28.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.10.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
10.255.18.194	attackbots	firewall-block, port(s): 23/tcp	2020-04-27 05:28:55
193.176.79.45	attack	Apr 26 23:08:17 legacy sshd[15196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.176.79.45 Apr 26 23:08:19 legacy sshd[15196]: Failed password for invalid user neo4j from 193.176.79.45 port 39618 ssh2 Apr 26 23:12:19 legacy sshd[15403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.176.79.45 ...	2020-04-27 05:14:04
40.114.35.218	attack	(smtpauth) Failed SMTP AUTH login from 40.114.35.218 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-27 01:09:35 login authenticator failed for (ADMIN) [40.114.35.218]: 535 Incorrect authentication data (set_id=info@fpdamavand.com)	2020-04-27 05:49:36
45.248.70.132	attackbotsspam	$f2bV_matches	2020-04-27 05:42:01
194.44.61.133	attackspam	Apr 26 17:15:48 ny01 sshd[17867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.44.61.133 Apr 26 17:15:49 ny01 sshd[17867]: Failed password for invalid user zhangwei from 194.44.61.133 port 60938 ssh2 Apr 26 17:20:02 ny01 sshd[18453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.44.61.133	2020-04-27 05:29:11
116.98.54.41	attack	Dear Sir, I received an E-mail from yahoo that this IP address want to sign in my yahoo mail. I want to help that who owns this IP address (116.98.54.41)? I can send you the yahoo mail if you want. The IP address wanted to hack my E-mail is : 116.98.54.41 Sincerely yours, Hamid Hanifi	2020-04-27 05:24:06
45.126.74.195	attack	Apr 26 21:35:32 scw-6657dc sshd[16638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.126.74.195 Apr 26 21:35:32 scw-6657dc sshd[16638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.126.74.195 Apr 26 21:35:34 scw-6657dc sshd[16638]: Failed password for invalid user zb from 45.126.74.195 port 45390 ssh2 ...	2020-04-27 05:37:29
36.91.76.171	attackspam	2020-04-27T06:12:16.286930vivaldi2.tree2.info sshd[6755]: Invalid user ftp_user from 36.91.76.171 2020-04-27T06:12:16.304009vivaldi2.tree2.info sshd[6755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.91.76.171 2020-04-27T06:12:16.286930vivaldi2.tree2.info sshd[6755]: Invalid user ftp_user from 36.91.76.171 2020-04-27T06:12:18.515144vivaldi2.tree2.info sshd[6755]: Failed password for invalid user ftp_user from 36.91.76.171 port 53050 ssh2 2020-04-27T06:14:41.256944vivaldi2.tree2.info sshd[6818]: Invalid user gang from 36.91.76.171 ...	2020-04-27 05:32:03
162.144.79.223	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-04-27 05:19:20
62.33.168.46	attack	Apr 26 22:44:50 h2829583 sshd[26976]: Failed password for root from 62.33.168.46 port 43006 ssh2	2020-04-27 05:27:17
112.85.42.188	attackspam	04/26/2020-17:30:39.040355 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-27 05:31:39
217.61.20.147	attackbotsspam	Apr 26 22:39:47 debian-2gb-nbg1-2 kernel: \[10192521.035257\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=217.61.20.147 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=53921 DPT=81 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-27 05:41:35
37.213.67.247	attackbots	1,75-02/02 [bc02/m351] PostRequest-Spammer scoring: berlin	2020-04-27 05:12:23
49.88.112.75	attackbots	Apr 27 02:22:58 gw1 sshd[15621]: Failed password for root from 49.88.112.75 port 60227 ssh2 ...	2020-04-27 05:36:11
206.214.6.33	attackbots	2020-04-2622:37:291jSo1e-00081Q-CP\<=info@whatsup2013.chH=$localhost$[205.217.246.45]:44553P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3158id=0cafde0f042ffa092ad422717aae97bb98726a7761@whatsup2013.chT="Pleasesparkmyheart."forgabrielsanchez106@yahoo.comcadenwhitehead48@gmail.com2020-04-2622:39:181jSo3Y-0008BH-6C\<=info@whatsup2013.chH=$localhost$[206.214.6.33]:42175P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3193id=0eadaf7c775c897a59a7510209dde4c8eb01e82e5f@whatsup2013.chT="Seekingmybesthalf"forponyboy86@yahoo.comarmandosanchez19@gmail.com2020-04-2622:37:501jSo29-00089E-Fc\<=info@whatsup2013.chH=$localhost$[116.104.246.25]:38693P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3103id=0fb18eddd6fd28240346f0a357909a96a56ab973@whatsup2013.chT="Iadoreyourphotos"forjustinbrewster147@yahoo.comhamm21joshua@gmail.com2020-04-2622:39:411jSo3q-0008FB-8E\<=info@whatsup2013.chH=	2020-04-27 05:39:29

Recently Reported IPs

154.3.251.117	190.72.32.213	166.151.207.82	23.98.210.9
116.27.126.195	113.112.37.64	100.19.117.215	87.128.101.234
192.36.85.2	223.199.30.230	85.95.9.233	192.71.37.62
116.148.138.158	94.23.9.102	116.31.140.13	206.41.172.60
206.41.172.164	206.41.172.115	202.111.134.234	200.121.139.121