City: unknown
Region: unknown
Country: Italy
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attackbots | Only those who intend to destroy a site make attempts like this below, so if this ip appears on your site, block it immediately 45.148.10.0/24 is high risk: 45.148.10.40 - - [03/Nov/2019:23:35:31 -0300] "GET /.git/index HTTP/1.1" 404 101 "-" "git/2.0.0" 45.148.10.40 - - [04/Nov/2019:00:16:32 -0300] "GET /.git/index HTTP/1.1" 404 101 "-" "git/2.0.0" 45.148.10.40 - - [04/Nov/2019:00:16:33 -0300] "GET /.git/index HTTP/1.1" 404 101 "-" "git/2.0.0" |
2019-11-06 08:42:25 |
| attackspam | git attack |
2019-11-05 16:54:08 |
| attackspambots | Bad user agent |
2019-11-05 13:15:57 |
| attackbotsspam | 15 probes eg: /.git/ia user agent: Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo.uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN |
2019-10-16 22:44:35 |
| attack | 09/23/2019-08:53:44.570874 45.148.10.40 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306 |
2019-09-23 21:52:25 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.148.10.241 | attack | DDoS Inbound |
2023-11-15 18:54:04 |
| 45.148.10.28 | attackspam | Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2 Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root |
2020-10-14 02:28:44 |
| 45.148.10.15 | attackspambots | Bruteforce detected by fail2ban |
2020-10-13 21:25:53 |
| 45.148.10.186 | attackspam | Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] |
2020-10-13 21:24:21 |
| 45.148.10.28 | attackbotsspam | SSH Server Abuse (45.148.10.28 as |
2020-10-13 17:43:00 |
| 45.148.10.15 | attackbotsspam | Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15 Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15 Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15 Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15 Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15 Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15 |
2020-10-13 12:52:46 |
| 45.148.10.186 | attackspam | Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2 Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2 Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root ... |
2020-10-13 12:50:57 |
| 45.148.10.15 | attack | Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15 Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh ... |
2020-10-13 05:40:39 |
| 45.148.10.186 | attack | Fail2Ban |
2020-10-13 05:39:02 |
| 45.148.10.15 | attackbotsspam | Fail2Ban |
2020-10-12 05:52:51 |
| 45.148.10.65 | attackbots | Invalid user ubuntu from 45.148.10.65 port 43138 |
2020-10-12 05:36:52 |
| 45.148.10.15 | attack | Brute force attempt |
2020-10-11 21:59:38 |
| 45.148.10.65 | attackspam | Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060 |
2020-10-11 21:43:21 |
| 45.148.10.28 | attack | Fail2Ban automatic report: SSH brute-force: |
2020-10-11 21:05:28 |
| 45.148.10.15 | attackspam | Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-11T05:41:40Z and 2020-10-11T05:47:54Z |
2020-10-11 13:57:38 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60270
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.40. IN A
;; AUTHORITY SECTION:
. 258 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019092300 1800 900 604800 86400
;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 23 21:52:22 CST 2019
;; MSG SIZE rcvd: 116Host 40.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 40.10.148.45.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 128.199.157.63 | attackbotsspam | 2020-07-06T17:24:23.411890hostname sshd[109965]: Failed password for invalid user magda from 128.199.157.63 port 53304 ssh2 ... |
2020-07-06 18:32:36 |
| 192.160.102.164 | attackbotsspam | Unauthorized connection attempt detected from IP address 192.160.102.164 to port 143 |
2020-07-06 18:13:22 |
| 124.156.55.99 | attackbots | Tried our host z. |
2020-07-06 18:36:47 |
| 222.186.30.167 | attackbots | Jul 6 05:59:34 ny01 sshd[23713]: Failed password for root from 222.186.30.167 port 61689 ssh2 Jul 6 05:59:54 ny01 sshd[23756]: Failed password for root from 222.186.30.167 port 25633 ssh2 Jul 6 05:59:57 ny01 sshd[23756]: Failed password for root from 222.186.30.167 port 25633 ssh2 |
2020-07-06 18:11:25 |
| 212.69.160.58 | attack | port scan and connect, tcp 1433 (ms-sql-s) |
2020-07-06 18:57:19 |
| 101.36.177.240 | attack | Jul 6 14:18:20 itv-usvr-01 sshd[9154]: Invalid user clj from 101.36.177.240 Jul 6 14:18:20 itv-usvr-01 sshd[9154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.177.240 Jul 6 14:18:20 itv-usvr-01 sshd[9154]: Invalid user clj from 101.36.177.240 Jul 6 14:18:22 itv-usvr-01 sshd[9154]: Failed password for invalid user clj from 101.36.177.240 port 52476 ssh2 Jul 6 14:19:54 itv-usvr-01 sshd[9214]: Invalid user netflix from 101.36.177.240 |
2020-07-06 18:45:49 |
| 222.186.180.130 | attackbotsspam | 07/06/2020-06:52:15.078683 222.186.180.130 Protocol: 6 ET SCAN Potential SSH Scan |
2020-07-06 18:56:03 |
| 45.121.104.220 | attackbots | Scan |
2020-07-06 18:33:19 |
| 35.224.204.56 | attackbots | 2020-07-06T04:27:23.916060abusebot-3.cloudsearch.cf sshd[17271]: Invalid user ankit from 35.224.204.56 port 52648 2020-07-06T04:27:23.923890abusebot-3.cloudsearch.cf sshd[17271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=56.204.224.35.bc.googleusercontent.com 2020-07-06T04:27:23.916060abusebot-3.cloudsearch.cf sshd[17271]: Invalid user ankit from 35.224.204.56 port 52648 2020-07-06T04:27:26.462038abusebot-3.cloudsearch.cf sshd[17271]: Failed password for invalid user ankit from 35.224.204.56 port 52648 ssh2 2020-07-06T04:32:43.474170abusebot-3.cloudsearch.cf sshd[17276]: Invalid user ca from 35.224.204.56 port 44870 2020-07-06T04:32:43.481204abusebot-3.cloudsearch.cf sshd[17276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=56.204.224.35.bc.googleusercontent.com 2020-07-06T04:32:43.474170abusebot-3.cloudsearch.cf sshd[17276]: Invalid user ca from 35.224.204.56 port 44870 2020-07-06T04:32:45.055964a ... |
2020-07-06 18:24:34 |
| 200.73.128.148 | attackspam | bruteforce detected |
2020-07-06 18:27:19 |
| 104.236.228.46 | attackspam |
|
2020-07-06 18:15:42 |
| 183.89.181.21 | attackspambots | Icarus honeypot on github |
2020-07-06 18:17:20 |
| 141.98.81.207 | attackspambots | $f2bV_matches |
2020-07-06 18:57:49 |
| 141.98.81.210 | attack | $f2bV_matches |
2020-07-06 18:51:18 |
| 103.145.12.171 | attackbots | [2020-07-06 00:09:21] NOTICE[1197][C-000020cd] chan_sip.c: Call from '' (103.145.12.171:65442) to extension '00046520458231' rejected because extension not found in context 'public'. [2020-07-06 00:09:21] SECURITY[1214] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-06T00:09:21.269-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00046520458231",SessionID="0x7f6d2833d578",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.171/65442",ACLName="no_extension_match" [2020-07-06 00:09:21] NOTICE[1197][C-000020ce] chan_sip.c: Call from '' (103.145.12.171:51795) to extension '0046441408573' rejected because extension not found in context 'public'. [2020-07-06 00:09:21] SECURITY[1214] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-06T00:09:21.779-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0046441408573",SessionID="0x7f6d286efd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103 ... |
2020-07-06 18:18:27 |