94.74.148.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Iran (ISLAMIC Republic Of)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
94.74.148.17	attack	Sep 12 18:09:19 mail.srvfarm.net postfix/smtpd[534038]: warning: unknown[94.74.148.17]: SASL PLAIN authentication failed: Sep 12 18:09:19 mail.srvfarm.net postfix/smtpd[534038]: lost connection after AUTH from unknown[94.74.148.17] Sep 12 18:14:16 mail.srvfarm.net postfix/smtpd[533998]: warning: unknown[94.74.148.17]: SASL PLAIN authentication failed: Sep 12 18:14:16 mail.srvfarm.net postfix/smtpd[533998]: lost connection after AUTH from unknown[94.74.148.17] Sep 12 18:19:04 mail.srvfarm.net postfix/smtpd[533956]: warning: unknown[94.74.148.17]: SASL PLAIN authentication failed:	2020-09-14 01:43:38
94.74.148.17	attack	Sep 12 18:09:19 mail.srvfarm.net postfix/smtpd[534038]: warning: unknown[94.74.148.17]: SASL PLAIN authentication failed: Sep 12 18:09:19 mail.srvfarm.net postfix/smtpd[534038]: lost connection after AUTH from unknown[94.74.148.17] Sep 12 18:14:16 mail.srvfarm.net postfix/smtpd[533998]: warning: unknown[94.74.148.17]: SASL PLAIN authentication failed: Sep 12 18:14:16 mail.srvfarm.net postfix/smtpd[533998]: lost connection after AUTH from unknown[94.74.148.17] Sep 12 18:19:04 mail.srvfarm.net postfix/smtpd[533956]: warning: unknown[94.74.148.17]: SASL PLAIN authentication failed:	2020-09-13 17:39:58
94.74.148.120	attack	Jul 5 13:34:53 mailman postfix/smtpd[12455]: warning: unknown[94.74.148.120]: SASL PLAIN authentication failed: authentication failure	2020-07-06 04:46:39
94.74.148.73	attackspam	Jul 14 12:16:52 rigel postfix/smtpd[30023]: connect from unknown[94.74.148.73] Jul 14 12:16:53 rigel postfix/smtpd[30023]: warning: unknown[94.74.148.73]: SASL CRAM-MD5 authentication failed: authentication failure Jul 14 12:16:53 rigel postfix/smtpd[30023]: warning: unknown[94.74.148.73]: SASL PLAIN authentication failed: authentication failure Jul 14 12:16:54 rigel postfix/smtpd[30023]: warning: unknown[94.74.148.73]: SASL LOGIN authentication failed: authentication failure ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.74.148.73	2019-07-15 04:31:04
94.74.148.85	attack	imap. Unknown user	2019-06-26 05:23:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.74.148.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39931
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;94.74.148.2.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 02:35:05 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 2.148.74.94.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.148.74.94.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.52.39.206	attack	TCP port 445 (SMB) attempt blocked by firewall. [2019-06-25 19:20:51]	2019-06-26 03:06:56
58.62.55.130	attack	Jun 25 16:59:24 h1655903 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=58.62.55.130, lip=85.214.28.7, session=\ Jun 25 18:20:53 h1655903 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=58.62.55.130, lip=85.214.28.7, session=\ Jun 25 19:21:02 h1655903 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=58.62.55.130, lip=85.214.28.7, session=\ ...	2019-06-26 03:17:34
157.230.140.180	attackbots	Jun 25 19:22:30 lnxweb61 sshd[20873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.140.180 Jun 25 19:22:30 lnxweb61 sshd[20873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.140.180	2019-06-26 02:48:44
49.67.69.80	attack	2019-06-25T13:47:26.245520 X postfix/smtpd[4416]: warning: unknown[49.67.69.80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T17:47:07.317431 X postfix/smtpd[36763]: warning: unknown[49.67.69.80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T19:22:25.192755 X postfix/smtpd[49565]: warning: unknown[49.67.69.80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-26 02:51:14
118.25.128.19	attackspambots	Jun 25 17:21:05 MK-Soft-VM4 sshd\[3545\]: Invalid user git11 from 118.25.128.19 port 33384 Jun 25 17:21:05 MK-Soft-VM4 sshd\[3545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.128.19 Jun 25 17:21:07 MK-Soft-VM4 sshd\[3545\]: Failed password for invalid user git11 from 118.25.128.19 port 33384 ssh2 ...	2019-06-26 03:17:19
2.184.57.204	attackspambots	DATE:2019-06-25_19:20:43, IP:2.184.57.204, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-06-26 03:25:46
92.57.75.112	attackspambots	TCP Port: 25 _ invalid blocked abuseat-org spamcop _ _ _ _ (1246)	2019-06-26 02:47:41
167.250.96.151	attackspambots	Jun 25 12:20:38 mailman postfix/smtpd[19890]: warning: unknown[167.250.96.151]: SASL PLAIN authentication failed: authentication failure	2019-06-26 03:26:43
159.89.13.0	attackspambots	Jun 25 19:20:42 nextcloud sshd\[31981\]: Invalid user teamspeak3 from 159.89.13.0 Jun 25 19:20:42 nextcloud sshd\[31981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.13.0 Jun 25 19:20:44 nextcloud sshd\[31981\]: Failed password for invalid user teamspeak3 from 159.89.13.0 port 57922 ssh2 ...	2019-06-26 03:23:36
121.49.99.12	attack	2019-06-25T19:42:37.359813test01.cajus.name sshd\[15034\]: Invalid user guest from 121.49.99.12 port 37244 2019-06-25T19:42:37.377529test01.cajus.name sshd\[15034\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.49.99.12 2019-06-25T19:42:39.193944test01.cajus.name sshd\[15034\]: Failed password for invalid user guest from 121.49.99.12 port 37244 ssh2	2019-06-26 03:18:46
92.63.194.115	attackbotsspam	¯\_(ツ)_/¯	2019-06-26 02:55:51
178.32.46.62	attack	Brute forcing Wordpress login	2019-06-26 03:16:22
31.1.62.102	attack	TCP Port: 25 _ invalid blocked abuseat-org barracudacentral _ _ _ _ (1244)	2019-06-26 03:12:06
191.32.78.179	attackbotsspam	Jun 25 18:17:00 collab sshd[30901]: Did not receive identification string from 191.32.78.179 Jun 25 18:27:10 collab sshd[31317]: Received disconnect from 191.32.78.179: 11: Bye Bye [preauth] Jun 25 18:30:33 collab sshd[31483]: reveeclipse mapping checking getaddrinfo for 191.32.78.179.dynamic.adsl.gvt.net.br [191.32.78.179] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 25 18:30:33 collab sshd[31483]: Invalid user admin from 191.32.78.179 Jun 25 18:30:33 collab sshd[31483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.32.78.179 Jun 25 18:30:35 collab sshd[31483]: Failed password for invalid user admin from 191.32.78.179 port 36826 ssh2 Jun 25 18:30:35 collab sshd[31483]: Received disconnect from 191.32.78.179: 11: Bye Bye [preauth] Jun 25 18:33:09 collab sshd[31608]: reveeclipse mapping checking getaddrinfo for 191.32.78.179.dynamic.adsl.gvt.net.br [191.32.78.179] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 25 18:33:09 collab sshd[31........ -------------------------------	2019-06-26 02:56:26
97.93.250.114	attack	port scan and connect, tcp 23 (telnet)	2019-06-26 03:08:22

Recently Reported IPs

94.74.75.246	200.56.75.242	201.170.10.180	103.79.233.51
123.113.109.238	213.166.76.102	178.176.41.40	187.226.12.56
162.241.203.97	110.86.177.88	59.89.97.17	89.203.96.154
72.186.36.141	185.136.204.159	172.115.213.197	185.139.27.220
34.92.108.250	14.139.238.124	171.37.173.82	175.178.67.24