Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Universidad Autonoma de Nuevo Leon

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:
Type Details Datetime
attack
Unauthorized connection attempt from IP address 148.234.93.58 on Port 445(SMB)
2019-07-25 08:03:35
Comments on same subnet:
No discussion about this subnet yet.
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.234.93.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56187
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.234.93.58.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 08:03:28 CST 2019
;; MSG SIZE  rcvd: 117
Host info
Host 58.93.234.148.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 58.93.234.148.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
139.5.242.184 attackbotsspam
Dec 19 15:39:42 grey postfix/smtpd\[23398\]: NOQUEUE: reject: RCPT from unknown\[139.5.242.184\]: 554 5.7.1 Service unavailable\; Client host \[139.5.242.184\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[139.5.242.184\]\; from=\ to=\ proto=ESMTP helo=\<\[139.5.242.184\]\>
...
2019-12-19 22:46:32
211.166.59.79 attackspam
Unauthorised access (Dec 19) SRC=211.166.59.79 LEN=40 TTL=242 ID=46494 TCP DPT=1433 WINDOW=1024 SYN
2019-12-19 22:47:43
1.54.203.46 attackbots
Dec 19 15:39:45 grey postfix/smtpd\[13196\]: NOQUEUE: reject: RCPT from unknown\[1.54.203.46\]: 554 5.7.1 Service unavailable\; Client host \[1.54.203.46\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=1.54.203.46\; from=\ to=\ proto=ESMTP helo=\<\[1.54.203.46\]\>
...
2019-12-19 22:45:02
106.13.234.197 attack
Dec 19 15:39:33 srv206 sshd[19235]: Invalid user larock from 106.13.234.197
...
2019-12-19 22:55:23
49.235.49.150 attackbotsspam
Dec 19 15:57:28 legacy sshd[15429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150
Dec 19 15:57:30 legacy sshd[15429]: Failed password for invalid user Play@123 from 49.235.49.150 port 37496 ssh2
Dec 19 16:05:57 legacy sshd[15761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.49.150
...
2019-12-19 23:06:03
186.87.134.185 attackbotsspam
Brute force SMTP login attempts.
2019-12-19 22:40:49
103.23.100.87 attackbotsspam
Dec 19 15:19:24 serwer sshd\[12873\]: Invalid user borchert from 103.23.100.87 port 40748
Dec 19 15:19:24 serwer sshd\[12873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.100.87
Dec 19 15:19:26 serwer sshd\[12873\]: Failed password for invalid user borchert from 103.23.100.87 port 40748 ssh2
...
2019-12-19 22:36:26
122.51.167.47 attackbots
Dec 19 16:00:02 localhost sshd\[6498\]: Invalid user ssw from 122.51.167.47 port 41896
Dec 19 16:00:02 localhost sshd\[6498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.167.47
Dec 19 16:00:03 localhost sshd\[6498\]: Failed password for invalid user ssw from 122.51.167.47 port 41896 ssh2
2019-12-19 23:03:13
113.160.241.173 attack
1576766389 - 12/19/2019 15:39:49 Host: 113.160.241.173/113.160.241.173 Port: 445 TCP Blocked
2019-12-19 22:41:25
95.155.58.52 attackspam
Dec 19 15:39:20 grey postfix/smtpd\[12011\]: NOQUEUE: reject: RCPT from unknown\[95.155.58.52\]: 554 5.7.1 Service unavailable\; Client host \[95.155.58.52\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?95.155.58.52\; from=\ to=\ proto=ESMTP helo=\
...
2019-12-19 23:05:25
36.112.137.21 attackbotsspam
Lines containing failures of 36.112.137.21
Dec 18 14:11:08 shared06 sshd[17189]: Invalid user josh from 36.112.137.21 port 22458
Dec 18 14:11:08 shared06 sshd[17189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.137.21
Dec 18 14:11:10 shared06 sshd[17189]: Failed password for invalid user josh from 36.112.137.21 port 22458 ssh2
Dec 18 14:11:10 shared06 sshd[17189]: Received disconnect from 36.112.137.21 port 22458:11: Bye Bye [preauth]
Dec 18 14:11:10 shared06 sshd[17189]: Disconnected from invalid user josh 36.112.137.21 port 22458 [preauth]


https://www.blocklist.de/en/view.html?ip=36.112.137.21
2019-12-19 22:50:01
138.68.94.173 attackspam
Dec 19 13:15:41 vps647732 sshd[27297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173
Dec 19 13:15:43 vps647732 sshd[27297]: Failed password for invalid user mirinda from 138.68.94.173 port 38210 ssh2
...
2019-12-19 22:32:18
202.105.96.91 attack
Dec 19 18:32:08 microserver sshd[25763]: Invalid user saaaa from 202.105.96.91 port 48698
Dec 19 18:32:08 microserver sshd[25763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.105.96.91
Dec 19 18:32:10 microserver sshd[25763]: Failed password for invalid user saaaa from 202.105.96.91 port 48698 ssh2
Dec 19 18:39:37 microserver sshd[26637]: Invalid user 333333 from 202.105.96.91 port 45208
Dec 19 18:39:37 microserver sshd[26637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.105.96.91
2019-12-19 22:51:01
203.114.102.69 attackspam
Dec 19 14:57:05 server sshd\[25055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69  user=root
Dec 19 14:57:08 server sshd\[25055\]: Failed password for root from 203.114.102.69 port 34632 ssh2
Dec 19 15:07:05 server sshd\[27806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69  user=mysql
Dec 19 15:07:07 server sshd\[27806\]: Failed password for mysql from 203.114.102.69 port 55938 ssh2
Dec 19 15:13:09 server sshd\[29279\]: Invalid user cradduck from 203.114.102.69
Dec 19 15:13:09 server sshd\[29279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69 
...
2019-12-19 22:28:34
217.182.48.214 attackbots
Dec 19 04:34:29 web1 sshd\[19192\]: Invalid user c114 from 217.182.48.214
Dec 19 04:34:29 web1 sshd\[19192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.48.214
Dec 19 04:34:31 web1 sshd\[19192\]: Failed password for invalid user c114 from 217.182.48.214 port 41600 ssh2
Dec 19 04:39:41 web1 sshd\[19753\]: Invalid user dolar from 217.182.48.214
Dec 19 04:39:41 web1 sshd\[19753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.48.214
2019-12-19 22:45:23
