45.148.10.40 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Only those who intend to destroy a site make attempts like this below, so if this ip appears on your site, block it immediately 45.148.10.0/24 is high risk: 45.148.10.40 - - [03/Nov/2019:23:35:31 -0300] "GET /.git/index HTTP/1.1" 404 101 "-" "git/2.0.0" 45.148.10.40 - - [04/Nov/2019:00:16:32 -0300] "GET /.git/index HTTP/1.1" 404 101 "-" "git/2.0.0" 45.148.10.40 - - [04/Nov/2019:00:16:33 -0300] "GET /.git/index HTTP/1.1" 404 101 "-" "git/2.0.0"	2019-11-06 08:42:25
attackspam	git attack	2019-11-05 16:54:08
attackspambots	Bad user agent	2019-11-05 13:15:57
attackbotsspam	15 probes eg: /.git/ia user agent: Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo.uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN	2019-10-16 22:44:35
attack	09/23/2019-08:53:44.570874 45.148.10.40 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-23 21:52:25

Comments on same subnet:

IP	Type	Details	Datetime
45.148.10.247	botsattack	45.148.10.247/Trojan Linux	2025-11-19 14:09:00
45.148.10.241	attack	DDoS Inbound	2023-11-15 18:54:04
45.148.10.28	attackspam	Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2 Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root	2020-10-14 02:28:44
45.148.10.15	attackspambots	Bruteforce detected by fail2ban	2020-10-13 21:25:53
45.148.10.186	attackspam	Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]	2020-10-13 21:24:21
45.148.10.28	attackbotsspam	SSH Server Abuse (45.148.10.28 as ): ...	2020-10-13 17:43:00
45.148.10.15	attackbotsspam	Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15 Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15 Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15 Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15 Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15 Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15	2020-10-13 12:52:46
45.148.10.186	attackspam	Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2 Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2 Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root ...	2020-10-13 12:50:57
45.148.10.15	attack	Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15 Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh ...	2020-10-13 05:40:39
45.148.10.186	attack	Fail2Ban	2020-10-13 05:39:02
45.148.10.15	attackbotsspam	Fail2Ban	2020-10-12 05:52:51
45.148.10.65	attackbots	Invalid user ubuntu from 45.148.10.65 port 43138	2020-10-12 05:36:52
45.148.10.15	attack	Brute force attempt	2020-10-11 21:59:38
45.148.10.65	attackspam	Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060	2020-10-11 21:43:21
45.148.10.28	attack	Fail2Ban automatic report: SSH brute-force:	2020-10-11 21:05:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60270
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.40.			IN	A

;; AUTHORITY SECTION:
.			258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092300 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 23 21:52:22 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 40.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 40.10.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.245.109.223	attack	Multiple SSH login attempts.	2020-03-30 03:33:12
46.105.29.160	attackbots	Mar 29 20:55:12 meumeu sshd[31514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.29.160 Mar 29 20:55:14 meumeu sshd[31514]: Failed password for invalid user work from 46.105.29.160 port 39530 ssh2 Mar 29 21:01:27 meumeu sshd[32225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.29.160 ...	2020-03-30 03:08:30
51.77.109.98	attack	Invalid user efd from 51.77.109.98 port 38076	2020-03-30 03:31:30
117.103.2.114	attack	Mar 29 15:25:47 firewall sshd[14467]: Invalid user qtk from 117.103.2.114 Mar 29 15:25:49 firewall sshd[14467]: Failed password for invalid user qtk from 117.103.2.114 port 50136 ssh2 Mar 29 15:30:14 firewall sshd[14780]: Invalid user godunov from 117.103.2.114 ...	2020-03-30 03:16:00
51.15.99.106	attackbots	$f2bV_matches	2020-03-30 03:16:47
36.67.197.52	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-03-30 03:19:02
139.59.169.37	attack	Brute-force attempt banned	2020-03-30 03:37:28
77.157.175.106	attackbots	SSH Brute Force	2020-03-30 03:28:27
142.93.174.47	attackbotsspam	Mar 29 18:39:00 vpn01 sshd[25300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.174.47 Mar 29 18:39:02 vpn01 sshd[25300]: Failed password for invalid user zkr from 142.93.174.47 port 43660 ssh2 ...	2020-03-30 03:25:12
104.248.1.92	attackspam	Mar 29 12:52:14 serwer sshd\[31279\]: Invalid user kfn from 104.248.1.92 port 41286 Mar 29 12:52:14 serwer sshd\[31279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.1.92 Mar 29 12:52:16 serwer sshd\[31279\]: Failed password for invalid user kfn from 104.248.1.92 port 41286 ssh2 Mar 29 12:58:39 serwer sshd\[32001\]: Invalid user omj from 104.248.1.92 port 45484 Mar 29 12:58:39 serwer sshd\[32001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.1.92 Mar 29 12:58:41 serwer sshd\[32001\]: Failed password for invalid user omj from 104.248.1.92 port 45484 ssh2 Mar 29 13:01:10 serwer sshd\[32330\]: Invalid user eav from 104.248.1.92 port 34800 Mar 29 13:01:10 serwer sshd\[32330\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.1.92 Mar 29 13:01:12 serwer sshd\[32330\]: Failed password for invalid user eav from 104.248.1.92 port 34800 ...	2020-03-30 03:47:39
93.137.213.212	attackbots	Mar 29 20:15:14 ns4 sshd[22194]: Invalid user zhr from 93.137.213.212 Mar 29 20:15:14 ns4 sshd[22194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-137-213-212.adsl.net.t-com.hr Mar 29 20:15:15 ns4 sshd[22194]: Failed password for invalid user zhr from 93.137.213.212 port 51812 ssh2 Mar 29 20:19:31 ns4 sshd[22691]: Invalid user htg from 93.137.213.212 Mar 29 20:19:31 ns4 sshd[22691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-137-213-212.adsl.net.t-com.hr Mar 29 20:19:33 ns4 sshd[22691]: Failed password for invalid user htg from 93.137.213.212 port 41818 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.137.213.212	2020-03-30 03:27:10
159.89.80.160	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-30 03:24:51
35.181.139.77	attackspambots	Brute force attack against VPN service	2020-03-30 03:09:16
122.154.120.50	attack	DATE:2020-03-29 14:38:47, IP:122.154.120.50, PORT:5900 VNC brute force auth on honeypot server (epe-honey1-hq)	2020-03-30 03:48:26
112.244.234.200	attack	Unauthorised access (Mar 29) SRC=112.244.234.200 LEN=40 TTL=49 ID=15680 TCP DPT=8080 WINDOW=40546 SYN Unauthorised access (Mar 28) SRC=112.244.234.200 LEN=40 TTL=49 ID=59445 TCP DPT=8080 WINDOW=9829 SYN Unauthorised access (Mar 27) SRC=112.244.234.200 LEN=40 TTL=49 ID=11738 TCP DPT=8080 WINDOW=9829 SYN Unauthorised access (Mar 25) SRC=112.244.234.200 LEN=40 TTL=49 ID=3936 TCP DPT=8080 WINDOW=5360 SYN Unauthorised access (Mar 25) SRC=112.244.234.200 LEN=40 TTL=49 ID=34716 TCP DPT=8080 WINDOW=52488 SYN Unauthorised access (Mar 25) SRC=112.244.234.200 LEN=40 TTL=49 ID=10928 TCP DPT=8080 WINDOW=52488 SYN Unauthorised access (Mar 23) SRC=112.244.234.200 LEN=40 TTL=49 ID=32926 TCP DPT=8080 WINDOW=52488 SYN Unauthorised access (Mar 23) SRC=112.244.234.200 LEN=40 TTL=49 ID=7478 TCP DPT=8080 WINDOW=5360 SYN Unauthorised access (Mar 22) SRC=112.244.234.200 LEN=40 TTL=49 ID=43895 TCP DPT=8080 WINDOW=40546 SYN	2020-03-30 03:30:31

Recently Reported IPs

221.227.248.2	98.15.130.118	51.77.64.186	89.248.168.223
104.211.242.189	1.174.55.227	177.128.81.186	116.87.230.42
135.236.146.35	103.89.88.64	92.222.88.22	183.136.236.43
35.184.35.57	59.60.180.163	64.32.11.37	35.184.63.162
95.77.22.251	145.145.25.219	5.133.179.221	153.156.45.206