45.148.235.239

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.148.235.131	attack	Chat Spam	2020-08-18 12:40:04
45.148.235.179	attackspambots	Ein möglicherweise gefährlicher Request.Form-Wert wurde vom Client (mp$ContentZone$TxtMessage="	2020-01-18 21:25:20
45.148.235.210	attackspam	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-01-17 23:05:54
45.148.235.169	attackspambots	9.311.211,50-04/03 [bc18/m78] PostRequest-Spammer scoring: Durban02	2019-11-21 03:13:38
45.148.235.11	attackspambots	Ein möglicherweise gefährlicher Request.Form-Wert wurde vom Client (mp$ContentZone$TxtMessage="	2019-11-20 07:30:18
45.148.235.18	attackbotsspam	45.148.235.18 - - [20/Oct/2019:07:59:06 -0400] "GET /?page=../etc/passwd&action=view&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 16389 "https://newportbrassfaucets.com/?page=../etc/passwd&action=view&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-21 01:37:49
45.148.235.108	attackbotsspam	45.148.235.108 - - [20/Oct/2019:08:02:29 -0400] "GET /?page=products&action=/etc/passwd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17147 "https://newportbrassfaucets.com/?page=products&action=/etc/passwd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 22:38:01
45.148.235.14	attackspambots	45.148.235.14 - - [20/Oct/2019:08:02:36 -0400] "GET /?page=products&action=%2fetc%2fpasswd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17147 "https://newportbrassfaucets.com/?page=products&action=%2fetc%2fpasswd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 22:32:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.148.235.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53733
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.148.235.239.			IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 03:22:56 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 239.235.148.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 239.235.148.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.143.20.162	attackspambots	Jul 21 14:07:39 ns382633 sshd\[9672\]: Invalid user ts3 from 203.143.20.162 port 50068 Jul 21 14:07:39 ns382633 sshd\[9672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.143.20.162 Jul 21 14:07:41 ns382633 sshd\[9672\]: Failed password for invalid user ts3 from 203.143.20.162 port 50068 ssh2 Jul 21 15:00:46 ns382633 sshd\[19611\]: Invalid user enlace from 203.143.20.162 port 60920 Jul 21 15:00:46 ns382633 sshd\[19611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.143.20.162	2020-07-21 22:41:17
122.155.3.94	attack	122.155.3.94 - - [21/Jul/2020:15:00:46 +0200] "POST /xmlrpc.php HTTP/2.0" 403 1026 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 122.155.3.94 - - [21/Jul/2020:15:00:46 +0200] "POST /xmlrpc.php HTTP/2.0" 403 1026 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" ...	2020-07-21 22:43:05
82.102.21.185	attackbots	Unauthorized IMAP connection attempt	2020-07-21 22:26:41
35.226.241.164	attackbotsspam	35.226.241.164 - - [21/Jul/2020:15:01:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 1026 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 35.226.241.164 - - [21/Jul/2020:15:01:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 1026 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" ...	2020-07-21 22:25:34
188.162.201.59	attackbotsspam	Unauthorized connection attempt from IP address 188.162.201.59 on Port 445(SMB)	2020-07-21 22:35:51
2.249.168.27	attack	1595336468 - 07/21/2020 20:01:08 Host: 2-249-168-27-no2212.tbcn.telia.com/2.249.168.27 Port: 26 TCP Blocked ...	2020-07-21 22:16:51
143.107.38.44	attackspambots	Unauthorized IMAP connection attempt	2020-07-21 22:20:48
180.251.223.94	attackspambots	1595336444 - 07/21/2020 15:00:44 Host: 180.251.223.94/180.251.223.94 Port: 445 TCP Blocked	2020-07-21 22:45:52
213.152.161.69	attack	Unauthorized IMAP connection attempt	2020-07-21 22:21:40
200.219.243.150	attack	Unauthorized connection attempt from IP address 200.219.243.150 on Port 445(SMB)	2020-07-21 22:37:54
66.220.149.118	attackspambots	[Tue Jul 21 20:00:49.531939 2020] [:error] [pid 27371:tid 140185811801856] [client 66.220.149.118:49158] [client 66.220.149.118] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian_Provinsi_Jawa_Timur/2020/07_Juli_2020/Das-II/Peta_Prakiraan-Dasarian-Probabilistik_Curah_Hujan_Dasarian-III-JULI_2020_Provinsi_Jawa_Timur_Upda ...	2020-07-21 22:43:40
108.176.158.141	attack	Jul 21 16:00:50 server2 sshd\[28530\]: Invalid user admin from 108.176.158.141 Jul 21 16:00:51 server2 sshd\[28532\]: User root from cpe-108-176-158-141.nyc.res.rr.com not allowed because not listed in AllowUsers Jul 21 16:00:52 server2 sshd\[28534\]: Invalid user admin from 108.176.158.141 Jul 21 16:00:53 server2 sshd\[28538\]: Invalid user admin from 108.176.158.141 Jul 21 16:00:54 server2 sshd\[28542\]: Invalid user admin from 108.176.158.141 Jul 21 16:00:55 server2 sshd\[28545\]: User apache from cpe-108-176-158-141.nyc.res.rr.com not allowed because not listed in AllowUsers	2020-07-21 22:32:03
62.112.11.223	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-21T12:45:29Z and 2020-07-21T13:00:50Z	2020-07-21 22:37:03
192.163.207.200	attack	192.163.207.200 - - [21/Jul/2020:16:12:50 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.163.207.200 - - [21/Jul/2020:16:13:26 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-21 22:17:15
51.15.240.140	attack	27 attempts against mh-misbehave-ban on sonic	2020-07-21 22:54:13

Recently Reported IPs

97.98.170.4	91.205.241.86	194.12.124.188	213.215.82.33
191.113.54.6	140.250.92.1	175.153.162.63	222.111.197.75
45.184.130.178	124.123.182.96	103.84.241.196	139.130.150.87
114.41.182.200	120.86.255.131	40.92.19.72	59.126.125.56
151.239.241.100	40.91.121.214	194.166.61.68	61.216.39.166