45.148.10.69 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - Port Scan	2020-02-12 05:22:52
attackbots	failed_logins	2020-01-24 23:39:42
attack	Trying brute force access to mail accounts	2020-01-21 16:06:09
attackspambots	2019-11-0204:32:09dovecot_loginauthenticatorfailedfor\(ADMIN\)[45.148.10.69]:34474:535Incorrectauthenticationdata\(set_id=info@bestwaysagl.ch\)2019-11-0204:35:25dovecot_loginauthenticatorfailedfor\(ADMIN\)[45.148.10.69]:43934:535Incorrectauthenticationdata\(set_id=info@bestwaysagl.ch\)2019-11-0204:38:39dovecot_loginauthenticatorfailedfor\(ADMIN\)[45.148.10.69]:53370:535Incorrectauthenticationdata\(set_id=info@bestwaysagl.ch\)2019-11-0204:41:54dovecot_loginauthenticatorfailedfor\(ADMIN\)[45.148.10.69]:34604:535Incorrectauthenticationdata\(set_id=info@bestwaysagl.ch\)2019-11-0204:45:15dovecot_loginauthenticatorfailedfor\(ADMIN\)[45.148.10.69]:44058:535Incorrectauthenticationdata\(set_id=info@bestwaysagl.ch\)2019-11-0204:48:38dovecot_loginauthenticatorfailedfor\(ADMIN\)[45.148.10.69]:53526:535Incorrectauthenticationdata\(set_id=info@bestwaysagl.ch\)2019-11-0204:52:00dovecot_loginauthenticatorfailedfor\(ADMIN\)[45.148.10.69]:34758:535Incorrectauthenticationdata\(set_id=info@bestwaysagl.ch\)2019-11-0204:55:23dovec	2019-11-02 12:15:06
attack	Oct 20 22:43:10 lnxmail61 postfix/submission/smtpd[26663]: warning: unknown[45.148.10.69]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-21 07:07:20

Comments on same subnet:

IP	Type	Details	Datetime
45.148.10.241	attack	DDoS Inbound	2023-11-15 18:54:04
45.148.10.28	attackspam	Oct 13 20:18:40 sshgateway sshd\[2360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root Oct 13 20:18:43 sshgateway sshd\[2360\]: Failed password for root from 45.148.10.28 port 40178 ssh2 Oct 13 20:19:07 sshgateway sshd\[2364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.28 user=root	2020-10-14 02:28:44
45.148.10.15	attackspambots	Bruteforce detected by fail2ban	2020-10-13 21:25:53
45.148.10.186	attackspam	Unable to negotiate with 45.148.10.186 port 47964: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]	2020-10-13 21:24:21
45.148.10.28	attackbotsspam	SSH Server Abuse (45.148.10.28 as ): ...	2020-10-13 17:43:00
45.148.10.15	attackbotsspam	Oct 13 05:18:03 server2 sshd\[31409\]: Invalid user user from 45.148.10.15 Oct 13 05:18:48 server2 sshd\[31424\]: Invalid user server from 45.148.10.15 Oct 13 05:19:33 server2 sshd\[31465\]: Invalid user steam from 45.148.10.15 Oct 13 05:20:17 server2 sshd\[31678\]: Invalid user vmware from 45.148.10.15 Oct 13 05:21:00 server2 sshd\[31685\]: Invalid user microsoft from 45.148.10.15 Oct 13 05:21:44 server2 sshd\[31730\]: Invalid user cloud from 45.148.10.15	2020-10-13 12:52:46
45.148.10.186	attackspam	Oct 13 05:33:03 ns308116 sshd[11001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:05 ns308116 sshd[11001]: Failed password for root from 45.148.10.186 port 41866 ssh2 Oct 13 05:33:38 ns308116 sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root Oct 13 05:33:40 ns308116 sshd[11016]: Failed password for root from 45.148.10.186 port 39380 ssh2 Oct 13 05:34:15 ns308116 sshd[11027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.186 user=root ...	2020-10-13 12:50:57
45.148.10.15	attack	Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:06 srv-ubuntu-dev3 sshd[31523]: Invalid user user from 45.148.10.15 Oct 12 23:36:08 srv-ubuntu-dev3 sshd[31523]: Failed password for invalid user user from 45.148.10.15 port 40704 ssh2 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.15 Oct 12 23:36:38 srv-ubuntu-dev3 sshd[31590]: Invalid user 123Diego from 45.148.10.15 Oct 12 23:36:40 srv-ubuntu-dev3 sshd[31590]: Failed password for invalid user 123Diego from 45.148.10.15 port 59760 ssh2 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: Invalid user Alphanetworks from 45.148.10.15 Oct 12 23:37:17 srv-ubuntu-dev3 sshd[31656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh ...	2020-10-13 05:40:39
45.148.10.186	attack	Fail2Ban	2020-10-13 05:39:02
45.148.10.15	attackbotsspam	Fail2Ban	2020-10-12 05:52:51
45.148.10.65	attackbots	Invalid user ubuntu from 45.148.10.65 port 43138	2020-10-12 05:36:52
45.148.10.15	attack	Brute force attempt	2020-10-11 21:59:38
45.148.10.65	attackspam	Oct 01 10:49:15 host sshd[12378]: Invalid user ubuntu from 45.148.10.65 port 41060	2020-10-11 21:43:21
45.148.10.28	attack	Fail2Ban automatic report: SSH brute-force:	2020-10-11 21:05:28
45.148.10.15	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-11T05:41:40Z and 2020-10-11T05:47:54Z	2020-10-11 13:57:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.10.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24221
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.10.69.			IN	A

;; AUTHORITY SECTION:
.			165	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102001 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 07:07:17 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 69.10.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 69.10.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.18.68.89	attackbotsspam	2020-02-18T17:09:13.395Z CLOSE host=46.18.68.89 port=62103 fd=5 time=20.007 bytes=25 ...	2020-03-13 03:50:43
46.249.32.135	attackspambots	2020-03-07T13:24:33.606Z CLOSE host=46.249.32.135 port=37462 fd=4 time=20.015 bytes=32 ...	2020-03-13 03:46:51
45.83.66.207	attackspambots	2020-01-10T21:05:20.012Z CLOSE host=45.83.66.207 port=49352 fd=4 time=20.017 bytes=26 ...	2020-03-13 03:57:08
46.21.209.191	attackspambots	2020-01-06T11:22:20.216Z CLOSE host=46.21.209.191 port=53843 fd=4 time=40.034 bytes=31 ...	2020-03-13 03:50:08
49.232.161.115	attack	suspicious action Thu, 12 Mar 2020 14:53:17 -0300	2020-03-13 03:32:28
45.77.88.37	attackbotsspam	2020-03-04T06:26:22.392Z CLOSE host=45.77.88.37 port=6666 fd=5 time=30.005 bytes=46 ...	2020-03-13 03:59:50
45.83.64.104	attack	2020-02-29T12:43:08.115Z CLOSE host=45.83.64.104 port=12014 fd=4 time=20.007 bytes=10 ...	2020-03-13 03:58:27
157.230.123.253	attackbotsspam	Mar 12 15:17:58 NPSTNNYC01T sshd[22463]: Failed password for root from 157.230.123.253 port 47738 ssh2 Mar 12 15:18:12 NPSTNNYC01T sshd[22470]: Failed password for root from 157.230.123.253 port 56212 ssh2 ...	2020-03-13 03:25:19
117.52.87.230	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-13 03:53:48
220.202.15.68	attackspam	suspicious action Thu, 12 Mar 2020 09:28:43 -0300	2020-03-13 03:33:26
49.248.251.102	attackbots	2019-10-20T12:09:46.342Z CLOSE host=49.248.251.102 port=42757 fd=4 time=1030.731 bytes=1734 ...	2020-03-13 03:30:20
220.127.17.188	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-13 04:00:48
80.211.225.143	attack	Mar 12 14:41:17 Tower sshd[31266]: Connection from 80.211.225.143 port 43722 on 192.168.10.220 port 22 rdomain "" Mar 12 14:41:19 Tower sshd[31266]: Invalid user ts3 from 80.211.225.143 port 43722 Mar 12 14:41:19 Tower sshd[31266]: error: Could not get shadow information for NOUSER Mar 12 14:41:19 Tower sshd[31266]: Failed password for invalid user ts3 from 80.211.225.143 port 43722 ssh2 Mar 12 14:41:19 Tower sshd[31266]: Received disconnect from 80.211.225.143 port 43722:11: Bye Bye [preauth] Mar 12 14:41:19 Tower sshd[31266]: Disconnected from invalid user ts3 80.211.225.143 port 43722 [preauth]	2020-03-13 03:54:10
49.145.229.205	attackbots	2020-02-10T06:51:23.702Z CLOSE host=49.145.229.205 port=51638 fd=4 time=20.011 bytes=29 ...	2020-03-13 03:38:03
97.123.24.35	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-13 03:37:39

Recently Reported IPs

41.66.9.195	35.187.201.189	192.99.253.153	82.237.215.53
94.127.205.243	54.240.3.6	27.105.249.85	185.40.13.72
206.189.143.219	185.40.13.53	94.191.66.227	172.68.144.129
188.225.58.60	222.218.102.248	192.144.219.221	120.35.12.153
103.215.210.146	2.93.151.32	89.67.190.213	177.106.114.161