JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.148.104.92

37.148.104.92 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 100%: ?

100%

ISP	SHTL-NET
Usage Type	Fixed Line ISP
ASN	AS34369
Hostname(s)	37-148-104-92.shatel.ir
Domain Name	rasana.net
Country	🇮🇷 Iran (Islamic Republic of)
City	Tehran, Tehran

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.148.104.92

Whois 37.148.104.92

IP Abuse Reports for 37.148.104.92:

This IP address has been reported a total of 43 times from 37 distinct sources. 37.148.104.92 was first reported on June 3rd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 RAP	2026-06-06 19:00:55 (1 week ago)	2026-06-06 19:00:55 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇺🇸 COMPLEX	2026-06-06 18:06:42 (1 week ago)	Banned by Multi Agent · node …i27s · attempts=5 · SSH brute-force / scan	Brute-Force SSH
🇨🇦 polycoda	2026-06-06 17:37:00 (1 week ago)	📡 Port scan	Hacking Web App Attack
🇺🇸 MPL	2026-06-06 16:54:00 (1 week ago)	tcp/80 (2 or more attempts)	Port Scan
🇺🇸 bigscoots.com	2026-06-06 16:24:55 (1 week ago)	(sshd) Failed SSH login from 37.148.104.92 (IR/Iran/37-148-104-92.shatel.ir): 5 in the last 3600 sec ... show more (sshd) Failed SSH login from 37.148.104.92 (IR/Iran/37-148-104-92.shatel.ir): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Jun 6 11:23:31 14107 sshd[7508]: Invalid user admin from 37.148.104.92 port 45538 Jun 6 11:23:34 14107 sshd[7508]: Failed password for invalid user admin from 37.148.104.92 port 45538 ssh2 Jun 6 11:24:06 14107 sshd[7909]: Invalid user orangepi from 37.148.104.92 port 36598 Jun 6 11:24:08 14107 sshd[7909]: Failed password for invalid user orangepi from 37.148.104.92 port 36598 ssh2 Jun 6 11:24:40 14107 sshd[8070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.148.104.92 user=root show less	Brute-Force SSH
Anonymous	2026-06-06 16:21:53 (1 week ago)	Jun 6 16:21:21 f2b auth.info sshd[962151]: Invalid user admin from 37.148.104.92 port 42700 Jun 6 ... show more Jun 6 16:21:21 f2b auth.info sshd[962151]: Invalid user admin from 37.148.104.92 port 42700 Jun 6 16:21:21 f2b auth.info sshd[962151]: Failed password for invalid user admin from 37.148.104.92 port 42700 ssh2 Jun 6 16:21:52 f2b auth.info sshd[962153]: Invalid user orangepi from 37.148.104.92 port 34696 ... show less	Brute-Force SSH
🇳🇱 U.N.Owen	2026-06-06 15:56:12 (1 week ago)	37.148.104.92 - - [06/Jun/2026:18:56:08 +0300] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin. ... show more 37.148.104.92 - - [06/Jun/2026:18:56:08 +0300] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 146 "-" "libredtail-http" "-" 37.148.104.92 - - [06/Jun/2026:18:56:08 +0300] "GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 404 146 "-" "libredtail-http" "-" 37.148.104.92 - - [06/Jun/2026:18:56:08 +0300] "GET /vendor/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 146 "-" "libredtail-http" "-" 37.148.104.92 - - [06/Jun/2026:18:56:09 +0300] "GET /vendor/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 404 146 "-" "libredtail-http" "-" 37.148.104.92 - - [06/Jun/2026:18:56:09 +0300] "GET /vendor/phpunit/phpunit/LICENSE/eval-stdin.php HTTP/1.1" 404 146 "-" "libredtail-http" "-" 37.148.104.92 - - [06/Jun/2026:18:56:09 +0300] "GET /vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 146 "-" "libredtail-http" "-" 37.148.104.92 - - [06/Jun/2026:18:56:09 +0300] "GET /phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 146 "-" "libredtail-htt ... show less	Hacking Web App Attack
🇫🇷 tecnicorioja	2026-06-06 14:00:12 (1 week ago)	Failed password for invalid user Jun 06 15:35:50 port 51104	Brute-Force SSH
🇩🇪 psauxit	2026-06-06 06:46:51 (1 week ago)	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show more Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping show less	Web App Attack Hacking
🇨🇿 plzenskypruvodce.cz	2026-06-06 06:28:41 (1 week ago)	2026-06-06T08:28:10.165729+02:00 proxy sshd[3161526]: Invalid user admin from 37.148.104.92 port 579 ... show more 2026-06-06T08:28:10.165729+02:00 proxy sshd[3161526]: Invalid user admin from 37.148.104.92 port 57950 2026-06-06T08:28:41.171618+02:00 proxy sshd[3161569]: Invalid user orangepi from 37.148.104.92 port 47592 ... show less	Web App Attack
🇺🇸 cwytech	2026-06-06 06:10:55 (1 week ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack
🇩🇪 _ArminS_	2026-06-06 06:07:42 (1 week ago)	SP-Scan 54740:2222 detected 2026.06.06 08:07:42 blocked until 2026.07.26 01:10:29	Port Scan
🇩🇪 Nightreaver	2026-06-06 05:50:06 (1 week ago)	37.148.104.92 - - [06/Jun/2026:07:50:04 0200] "GET / HTTP/1.0" 400 625 "-" "-" 37.148.104.92 - - [0 ... show more 37.148.104.92 - - [06/Jun/2026:07:50:04 0200] "GET / HTTP/1.0" 400 625 "-" "-" 37.148.104.92 - - [06/Jun/2026:07:50:04 0200] "GET / HTTP/1.0" 400 625 "-" "-" 37.148.104.92 - - [06/Jun/2026:07:50:04 0200] "GET / HTTP/1.0" 400 625 "-" "-" 37.148.104.92 - - [06/Jun/2026:07:50:05 0200] "GET / HTTP/1.0" 400 625 "-" "-" 37.148.104.92 - - [06/Jun/2026:07:50:05 0200] "GET / HTTP/1.0" 400 625 "-" "-"[...] show less	Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-06 05:08:29 (1 week ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇦🇹 urnilxfgbez	2026-06-05 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 2c0f:fb50:4001:5::12e

🇺🇸 170.106.193.108

🇫🇷 152.228.217.126

🇺🇸 65.49.1.88

🇺🇸 216.73.160.168

🇷🇺 185.93.108.40

🇭🇰 122.10.115.18

🇻🇳 103.60.242.169

🇺🇸 74.7.241.31

🇩🇪 69.5.169.235

🇩🇪 69.5.169.204

🇺🇸 47.77.199.120

🇳🇱 45.148.10.147

🇸🇬 43.173.132.95

🇳🇱 2a00:1450:4013:c14::122

🇬🇧 195.96.139.43

🇬🇧 172.98.190.132

🇺🇸 129.80.200.33

🇨🇳 117.50.118.246

🇸🇬 114.119.133.125