93.118.104.149

Basic Info

City: Tehran

Region: Ostan-e Tehran

Country: Iran

Internet Service Provider: Telecommunication Company of Tehran

Hostname: unknown

Organization: Information Technology Company (ITC)

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SpamReport	2019-11-05 15:07:52
attackspam	postfix (unknown user, SPF fail or relay access denied)	2019-09-17 04:51:05
attackspambots	Jun 19 12:07:07 our-server-hostname postfix/smtpd[5618]: connect from unknown[93.118.104.149] Jun x@x Jun 19 12:07:10 our-server-hostname postfix/smtpd[5618]: lost connection after RCPT from unknown[93.118.104.149] Jun 19 12:07:10 our-server-hostname postfix/smtpd[5618]: disconnect from unknown[93.118.104.149] Jun 19 12:39:24 our-server-hostname postfix/smtpd[16176]: connect from unknown[93.118.104.149] Jun x@x Jun x@x Jun x@x Jun 19 12:39:29 our-server-hostname postfix/smtpd[16176]: lost connection after RCPT from unknown[93.118.104.149] Jun 19 12:39:29 our-server-hostname postfix/smtpd[16176]: disconnect from unknown[93.118.104.149] Jun 19 12:52:13 our-server-hostname postfix/smtpd[24174]: connect from unknown[93.118.104.149] Jun 19 12:52:17 our-server-hostname postfix/smtpd[24044]: connect from unknown[93.118.104.149] Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 12:52:30 our-server-hostname postfix/smtpd[24174]: lost connecti........ -------------------------------	2019-06-23 07:54:16
attack	Jun 19 12:07:07 our-server-hostname postfix/smtpd[5618]: connect from unknown[93.118.104.149] Jun x@x Jun 19 12:07:10 our-server-hostname postfix/smtpd[5618]: lost connection after RCPT from unknown[93.118.104.149] Jun 19 12:07:10 our-server-hostname postfix/smtpd[5618]: disconnect from unknown[93.118.104.149] Jun 19 12:39:24 our-server-hostname postfix/smtpd[16176]: connect from unknown[93.118.104.149] Jun x@x Jun x@x Jun x@x Jun 19 12:39:29 our-server-hostname postfix/smtpd[16176]: lost connection after RCPT from unknown[93.118.104.149] Jun 19 12:39:29 our-server-hostname postfix/smtpd[16176]: disconnect from unknown[93.118.104.149] Jun 19 12:52:13 our-server-hostname postfix/smtpd[24174]: connect from unknown[93.118.104.149] Jun 19 12:52:17 our-server-hostname postfix/smtpd[24044]: connect from unknown[93.118.104.149] Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 19 12:52:30 our-server-hostname postfix/smtpd[24174]: lost connecti........ -------------------------------	2019-06-22 17:56:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.118.104.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64362
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.118.104.149.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 20 15:41:26 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 149.104.118.93.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 149.104.118.93.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.47.19	attack	May 8 05:54:52 inter-technics sshd[4918]: Invalid user hz from 106.13.47.19 port 35504 May 8 05:54:52 inter-technics sshd[4918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.19 May 8 05:54:52 inter-technics sshd[4918]: Invalid user hz from 106.13.47.19 port 35504 May 8 05:54:54 inter-technics sshd[4918]: Failed password for invalid user hz from 106.13.47.19 port 35504 ssh2 May 8 05:58:54 inter-technics sshd[5341]: Invalid user www from 106.13.47.19 port 33486 ...	2020-05-08 12:08:34
212.64.58.58	attack	May 8 03:58:34 scw-6657dc sshd[31703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.58.58 May 8 03:58:34 scw-6657dc sshd[31703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.58.58 May 8 03:58:36 scw-6657dc sshd[31703]: Failed password for invalid user marvin from 212.64.58.58 port 41896 ssh2 ...	2020-05-08 12:22:29
77.42.92.56	attackbots	Automatic report - Port Scan Attack	2020-05-08 12:05:17
49.233.77.87	attackspambots	May 8 10:58:35 webhost01 sshd[596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.77.87 May 8 10:58:37 webhost01 sshd[596]: Failed password for invalid user jose from 49.233.77.87 port 54806 ssh2 ...	2020-05-08 12:21:33
187.189.230.106	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-05-08 12:15:59
178.32.218.192	attackspam	May 8 13:48:19 web1 sshd[12869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.218.192 user=root May 8 13:48:21 web1 sshd[12869]: Failed password for root from 178.32.218.192 port 59192 ssh2 May 8 13:58:13 web1 sshd[15290]: Invalid user neeraj from 178.32.218.192 port 44246 May 8 13:58:13 web1 sshd[15290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.218.192 May 8 13:58:13 web1 sshd[15290]: Invalid user neeraj from 178.32.218.192 port 44246 May 8 13:58:15 web1 sshd[15290]: Failed password for invalid user neeraj from 178.32.218.192 port 44246 ssh2 May 8 14:01:45 web1 sshd[16204]: Invalid user prateek from 178.32.218.192 port 49435 May 8 14:01:45 web1 sshd[16204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.218.192 May 8 14:01:45 web1 sshd[16204]: Invalid user prateek from 178.32.218.192 port 49435 May 8 14:01:47 web1 sshd[16204 ...	2020-05-08 12:39:01
122.180.48.29	attack	May 8 05:52:08 ns382633 sshd\[15876\]: Invalid user 34.244.44.255 from 122.180.48.29 port 47981 May 8 05:52:08 ns382633 sshd\[15876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.180.48.29 May 8 05:52:09 ns382633 sshd\[15876\]: Failed password for invalid user 34.244.44.255 from 122.180.48.29 port 47981 ssh2 May 8 05:58:33 ns382633 sshd\[16922\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.180.48.29 user=root May 8 05:58:35 ns382633 sshd\[16922\]: Failed password for root from 122.180.48.29 port 47835 ssh2	2020-05-08 12:23:32
49.88.112.115	attackbotsspam	20/5/8@00:07:22: FAIL: Alarm-SSH address from=49.88.112.115 ...	2020-05-08 12:25:44
222.186.175.212	attackspam	Wordpress malicious attack:[sshd]	2020-05-08 12:18:04
114.67.110.126	attackspambots	DATE:2020-05-08 06:06:31, IP:114.67.110.126, PORT:ssh SSH brute force auth (docker-dc)	2020-05-08 12:11:54
189.209.26.122	attackspambots	Automatic report - Port Scan Attack	2020-05-08 12:09:49
58.210.219.4	attack	Helo	2020-05-08 12:24:22
186.227.55.62	attackspambots	Unauthorised access (May 8) SRC=186.227.55.62 LEN=52 TTL=115 ID=16974 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-08 12:00:51
139.155.20.146	attackspam	May 8 06:21:39 mout sshd[18041]: Invalid user postgres from 139.155.20.146 port 32880	2020-05-08 12:26:35
62.210.104.83	attack	www.geburtshaus-fulda.de 62.210.104.83 [08/May/2020:05:58:33 +0200] "POST /wp-login.php HTTP/1.1" 200 6083 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 62.210.104.83 [08/May/2020:05:58:34 +0200] "POST /wp-login.php HTTP/1.1" 200 6084 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-08 12:27:51

Recently Reported IPs

156.155.160.134	60.187.162.37	159.100.190.79	23.57.191.192
36.199.101.60	163.15.245.204	94.244.162.112	123.130.132.60
113.120.96.180	219.214.20.114	154.16.144.89	94.23.35.54
45.67.14.194	114.5.70.243	187.177.77.80	138.167.139.147
93.30.181.108	85.34.254.166	62.98.43.128	161.119.247.8