45.148.120.136

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Sijmen Klaas Bakker

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.148.120.150	attackspambots	[Tue Apr 07 00:48:43.054737 2020] [:error] [pid 135802] [client 45.148.120.150:55588] [client 45.148.120.150] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "Xov4GsTCSdcWHEV@F8KFXAAAAB8"] ...	2020-04-07 17:53:09
45.148.120.105	attackspambots	SSH login attempts.	2020-03-20 13:29:32

Type

Details

Datetime

45.148.120.150

attackspambots

[Tue Apr 07 00:48:43.054737 2020] [:error] [pid 135802] [client 45.148.120.150:55588] [client 45.148.120.150] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "Xov4GsTCSdcWHEV@F8KFXAAAAB8"]
...

2020-04-07 17:53:09

45.148.120.105

attackspambots

SSH login attempts.

2020-03-20 13:29:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.120.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11270
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.148.120.136.			IN	A

;; AUTHORITY SECTION:
.			543	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061000 1800 900 604800 86400

;; Query time: 83 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 10 16:07:04 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 136.120.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 136.120.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
102.68.110.108	attackspambots	Jul 14 20:24:46 mellenthin postfix/smtpd[15429]: NOQUEUE: reject: RCPT from unknown[102.68.110.108]: 554 5.7.1 Service unavailable; Client host [102.68.110.108] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/102.68.110.108 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[102.68.110.108]>	2020-07-15 07:57:58
152.136.152.45	attackbots	Jul 14 22:00:20 vm1 sshd[5724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.152.45 Jul 14 22:00:22 vm1 sshd[5724]: Failed password for invalid user gsq from 152.136.152.45 port 9304 ssh2 ...	2020-07-15 08:03:20
37.187.7.95	attackspam	Jul 15 02:08:59 mellenthin sshd[7157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.7.95 Jul 15 02:09:01 mellenthin sshd[7157]: Failed password for invalid user postgres from 37.187.7.95 port 42022 ssh2	2020-07-15 08:14:22
222.186.42.136	attack	Jul 15 02:10:59 piServer sshd[26617]: Failed password for root from 222.186.42.136 port 28004 ssh2 Jul 15 02:11:02 piServer sshd[26617]: Failed password for root from 222.186.42.136 port 28004 ssh2 Jul 15 02:11:13 piServer sshd[26630]: Failed password for root from 222.186.42.136 port 27366 ssh2 ...	2020-07-15 08:19:28
123.207.92.183	attack	Jul 14 23:05:57 ns392434 sshd[18544]: Invalid user omm from 123.207.92.183 port 38550 Jul 14 23:05:57 ns392434 sshd[18544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.92.183 Jul 14 23:05:57 ns392434 sshd[18544]: Invalid user omm from 123.207.92.183 port 38550 Jul 14 23:05:58 ns392434 sshd[18544]: Failed password for invalid user omm from 123.207.92.183 port 38550 ssh2 Jul 14 23:30:35 ns392434 sshd[19425]: Invalid user guest3 from 123.207.92.183 port 34068 Jul 14 23:30:35 ns392434 sshd[19425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.92.183 Jul 14 23:30:35 ns392434 sshd[19425]: Invalid user guest3 from 123.207.92.183 port 34068 Jul 14 23:30:38 ns392434 sshd[19425]: Failed password for invalid user guest3 from 123.207.92.183 port 34068 ssh2 Jul 14 23:51:19 ns392434 sshd[20084]: Invalid user sam from 123.207.92.183 port 56100	2020-07-15 07:54:44
24.145.138.131	attack	[DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 12:04:38 [DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 12:03:26 [DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 12:00:18 [DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 10:45:05	2020-07-15 07:55:00
222.186.173.142	attackbotsspam	Jul 14 08:48:29 hidden sshd[48417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root	2020-07-15 07:55:22
111.251.76.85	attack	Port probing on unauthorized port 445	2020-07-15 07:50:45
188.165.232.202	attack	fake user registration/login attempts	2020-07-15 07:48:55
115.146.126.209	attack	Jul 15 02:07:47 v22019038103785759 sshd\[8599\]: Invalid user piotr from 115.146.126.209 port 33482 Jul 15 02:07:47 v22019038103785759 sshd\[8599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.146.126.209 Jul 15 02:07:50 v22019038103785759 sshd\[8599\]: Failed password for invalid user piotr from 115.146.126.209 port 33482 ssh2 Jul 15 02:17:19 v22019038103785759 sshd\[8987\]: Invalid user demo from 115.146.126.209 port 47032 Jul 15 02:17:19 v22019038103785759 sshd\[8987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.146.126.209 ...	2020-07-15 08:21:44
112.3.30.83	attack	Jul 13 04:16:48 hidden sshd[19059]: Failed password for invalid user developer from 112.3.30.83 port 42998 ssh2	2020-07-15 07:56:04
124.105.173.17	attackspam	Jul 15 06:57:29 webhost01 sshd[20207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.105.173.17 Jul 15 06:57:31 webhost01 sshd[20207]: Failed password for invalid user alex from 124.105.173.17 port 58397 ssh2 ...	2020-07-15 08:23:51
149.56.12.88	attackbotsspam	300. On Jul 14 2020 experienced a Brute Force SSH login attempt -> 54 unique times by 149.56.12.88.	2020-07-15 08:21:07
85.209.48.228	attackspam	(sshd) Failed SSH login from 85.209.48.228 (DE/Germany/knr-party.de): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 15 02:16:35 s1 sshd[32258]: Invalid user matt from 85.209.48.228 port 47742 Jul 15 02:16:37 s1 sshd[32258]: Failed password for invalid user matt from 85.209.48.228 port 47742 ssh2 Jul 15 02:44:51 s1 sshd[839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.48.228 user=ftp Jul 15 02:44:52 s1 sshd[839]: Failed password for ftp from 85.209.48.228 port 36494 ssh2 Jul 15 02:59:11 s1 sshd[1278]: Invalid user postgres from 85.209.48.228 port 42620	2020-07-15 08:02:06
14.161.242.223	attackspambots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-07-15 08:23:26

Recently Reported IPs

117.206.154.162	115.79.213.242	128.199.220.215	74.142.206.151
210.245.110.254	173.221.249.137	186.54.20.119	45.9.148.91
41.60.232.131	192.35.168.212	168.246.184.223	2.47.91.234
185.181.60.131	33.118.236.195	49.149.225.49	119.152.141.207
191.53.249.236	119.42.67.237	191.53.249.246	113.109.114.20