45.148.120.105

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Sijmen Klaas Bakker

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SSH login attempts.	2020-03-20 13:29:32

Comments on same subnet:

IP	Type	Details	Datetime
45.148.120.150	attackspambots	[Tue Apr 07 00:48:43.054737 2020] [:error] [pid 135802] [client 45.148.120.150:55588] [client 45.148.120.150] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "Xov4GsTCSdcWHEV@F8KFXAAAAB8"] ...	2020-04-07 17:53:09

Type

Details

Datetime

45.148.120.150

attackspambots

[Tue Apr 07 00:48:43.054737 2020] [:error] [pid 135802] [client 45.148.120.150:55588] [client 45.148.120.150] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "Xov4GsTCSdcWHEV@F8KFXAAAAB8"]
...

2020-04-07 17:53:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.120.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44975
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.120.105.			IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032000 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 20 13:29:15 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 105.120.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.120.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.226.115	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-17 22:17:06
212.237.34.156	attackbots	Found by fail2ban	2020-04-17 22:21:11
180.76.150.238	attack	Invalid user pdx from 180.76.150.238 port 33548	2020-04-17 21:44:44
185.110.136.23	attack	Automatic report - Banned IP Access	2020-04-17 21:40:25
180.183.123.195	attack	Bruteforce detected by fail2ban	2020-04-17 22:04:51
199.188.200.224	attackbotsspam	Automatic report - XMLRPC Attack	2020-04-17 21:44:13
68.183.22.85	attack	Apr 17 13:05:04 eventyay sshd[12152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.22.85 Apr 17 13:05:06 eventyay sshd[12152]: Failed password for invalid user teste from 68.183.22.85 port 56480 ssh2 Apr 17 13:08:33 eventyay sshd[12250]: Failed password for root from 68.183.22.85 port 37572 ssh2 ...	2020-04-17 21:43:16
45.141.150.246	attackspam	SpamScore above: 10.0	2020-04-17 22:18:43
93.171.5.244	attack	Apr 17 15:08:20 debian-2gb-nbg1-2 kernel: \[9387876.395625\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=93.171.5.244 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=44024 PROTO=TCP SPT=54054 DPT=14765 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-17 21:41:48
45.14.151.246	attackspambots	45.14.151.246 - - \[17/Apr/2020:10:16:12 +0000\] "GET http://51.144.0.117/pass HTTP/1.1" 404 136 "-" "Go-http-client/1.1" 45.14.151.246 - - \[17/Apr/2020:10:16:12 +0000\] "GET http://51.144.0.117/pass HTTP/1.1" 404 136 "-" "Go-http-client/1.1" ...	2020-04-17 22:23:07
45.134.145.128	attackspambots	Unauthorized connection attempt detected from IP address 45.134.145.128 to port 5900	2020-04-17 22:10:30
190.64.131.155	attackbots	Apr 17 14:04:48 host sshd[13397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=r190-64-131-155.su-static.adinet.com.uy user=root Apr 17 14:04:50 host sshd[13397]: Failed password for root from 190.64.131.155 port 43426 ssh2 ...	2020-04-17 21:42:10
2.57.207.110	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 22:12:49
177.149.146.48	attack	1587120961 - 04/17/2020 12:56:01 Host: 177.149.146.48/177.149.146.48 Port: 445 TCP Blocked	2020-04-17 21:49:03
106.54.44.202	attack	2020-04-17T11:21:39.499921abusebot-5.cloudsearch.cf sshd[22583]: Invalid user admin from 106.54.44.202 port 38204 2020-04-17T11:21:39.505570abusebot-5.cloudsearch.cf sshd[22583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.44.202 2020-04-17T11:21:39.499921abusebot-5.cloudsearch.cf sshd[22583]: Invalid user admin from 106.54.44.202 port 38204 2020-04-17T11:21:41.228759abusebot-5.cloudsearch.cf sshd[22583]: Failed password for invalid user admin from 106.54.44.202 port 38204 ssh2 2020-04-17T11:25:33.070087abusebot-5.cloudsearch.cf sshd[22589]: Invalid user bm from 106.54.44.202 port 38960 2020-04-17T11:25:33.080516abusebot-5.cloudsearch.cf sshd[22589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.44.202 2020-04-17T11:25:33.070087abusebot-5.cloudsearch.cf sshd[22589]: Invalid user bm from 106.54.44.202 port 38960 2020-04-17T11:25:35.260594abusebot-5.cloudsearch.cf sshd[22589]: Failed passw ...	2020-04-17 21:47:23

Recently Reported IPs

116.72.10.237	93.174.93.143	197.60.16.233	198.46.205.89
178.164.154.6	173.235.122.54	142.93.133.83	103.112.191.100
30.236.213.227	153.123.161.15	36.104.144.12	134.175.92.233
129.211.60.4	27.83.170.191	100.244.185.67	46.41.139.155
48.129.136.43	45.14.150.140	61.213.207.126	95.202.174.175