111.93.140.157

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): Tata Teleservices Ltd

主机名(hostname): unknown

机构(organization): Tata Teleservices ISP AS

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-21 12:29:04,542 INFO [shellcode_manager] (111.93.140.157) no match, writing hexdump (bf01703259f62b6448c2e9110329bb33 :2237967) - MS17010 (EternalBlue)	2019-09-22 03:23:34

类型

评论内容

时间

attackbotsspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-21 12:29:04,542 INFO [shellcode_manager] (111.93.140.157) no match, writing hexdump (bf01703259f62b6448c2e9110329bb33 :2237967) - MS17010 (EternalBlue)

2019-09-22 03:23:34

相同子网IP讨论:

IP	类型	评论内容	时间
111.93.140.149	attack	Invalid user fff from 111.93.140.149 port 62908	2020-02-01 09:08:23
111.93.140.155	attack	Unauthorized connection attempt from IP address 111.93.140.155 on Port 445(SMB)	2019-09-13 22:35:35
111.93.140.158	attackbotsspam	Unauthorized connection attempt from IP address 111.93.140.158 on Port 445(SMB)	2019-09-01 05:51:23
111.93.140.158	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 21:47:04,542 INFO [amun_request_handler] PortScan Detected on Port: 445 (111.93.140.158)	2019-08-09 07:13:36
111.93.140.155	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-02 08:48:12,841 INFO [shellcode_manager] (111.93.140.155) no match, writing hexdump (35704429de1a799830ba341ec6e055d0 :132) - SMB (Unknown) Vulnerability	2019-08-02 19:25:05
111.93.140.155	attackspambots	445/tcp 445/tcp 445/tcp... [2019-05-29/07-29]16pkt,1pt.(tcp)	2019-07-30 19:36:28
111.93.140.156	attackspambots	Unauthorized connection attempt from IP address 111.93.140.156 on Port 445(SMB)	2019-07-09 12:42:56
111.93.140.155	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-06 02:20:43,411 INFO [amun_request_handler] PortScan Detected on Port: 445 (111.93.140.155)	2019-07-06 11:31:44
111.93.140.155	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(06211034)	2019-06-23 05:25:50

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.93.140.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23583
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.93.140.157.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 19 21:56:03 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

157.140.93.111.in-addr.arpa domain name pointer static-157.140.93.111-tataidc.co.in.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
157.140.93.111.in-addr.arpa	name = static-157.140.93.111-tataidc.co.in.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
217.138.76.66	attack	Reported by AbuseIPDB proxy server.	2019-09-14 18:04:18
81.84.235.209	attackspam	Sep 14 12:03:14 dedicated sshd[24191]: Invalid user vagrant from 81.84.235.209 port 34930	2019-09-14 18:06:34
73.158.248.207	attackspambots	Automatic report - Banned IP Access	2019-09-14 17:52:26
186.194.201.79	attackspam	Automatic report - Port Scan Attack	2019-09-14 17:15:51
141.98.9.195	attack	Sep 14 12:35:55 relay postfix/smtpd\[2262\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 12:36:39 relay postfix/smtpd\[5887\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 12:36:50 relay postfix/smtpd\[5920\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 12:37:33 relay postfix/smtpd\[7309\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 12:37:42 relay postfix/smtpd\[5920\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-14 18:43:22
106.248.19.115	attackspam	Sep 13 23:17:20 lcprod sshd\[29697\]: Invalid user ww from 106.248.19.115 Sep 13 23:17:20 lcprod sshd\[29697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.19.115 Sep 13 23:17:22 lcprod sshd\[29697\]: Failed password for invalid user ww from 106.248.19.115 port 50068 ssh2 Sep 13 23:22:20 lcprod sshd\[30144\]: Invalid user Eevi from 106.248.19.115 Sep 13 23:22:20 lcprod sshd\[30144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.19.115	2019-09-14 17:26:51
45.136.109.227	attackbots	Port Scan: TCP/14249	2019-09-14 17:32:54
148.70.210.77	attackbotsspam	Sep 14 05:54:27 plusreed sshd[13754]: Invalid user barison from 148.70.210.77 ...	2019-09-14 18:14:09
202.51.74.189	attackspambots	Sep 14 08:59:21 MK-Soft-VM5 sshd\[29454\]: Invalid user lodwin from 202.51.74.189 port 32850 Sep 14 08:59:21 MK-Soft-VM5 sshd\[29454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.189 Sep 14 08:59:22 MK-Soft-VM5 sshd\[29454\]: Failed password for invalid user lodwin from 202.51.74.189 port 32850 ssh2 ...	2019-09-14 17:15:13
195.58.123.109	attack	Sep 13 23:10:37 friendsofhawaii sshd\[17218\]: Invalid user phoenix1 from 195.58.123.109 Sep 13 23:10:37 friendsofhawaii sshd\[17218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.195.58.123.109.bitcom.se Sep 13 23:10:39 friendsofhawaii sshd\[17218\]: Failed password for invalid user phoenix1 from 195.58.123.109 port 38984 ssh2 Sep 13 23:14:44 friendsofhawaii sshd\[17619\]: Invalid user wi123 from 195.58.123.109 Sep 13 23:14:44 friendsofhawaii sshd\[17619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.195.58.123.109.bitcom.se	2019-09-14 17:24:59
42.200.154.50	attackspambots	2019-09-14T08:51:22.271139MailD postfix/smtpd[15282]: NOQUEUE: reject: RCPT from 42-200-154-50.static.imsbiz.com[42.200.154.50]: 554 5.7.1 Service unavailable; Client host [42.200.154.50] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?42.200.154.50; from= to= proto=ESMTP helo=<42-200-154-50.static.imsbiz.com> 2019-09-14T08:51:22.904344MailD postfix/smtpd[15282]: NOQUEUE: reject: RCPT from 42-200-154-50.static.imsbiz.com[42.200.154.50]: 554 5.7.1 Service unavailable; Client host [42.200.154.50] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?42.200.154.50; from= to= proto=ESMTP helo=<42-200-154-50.static.imsbiz.com> 2019-09-14T08:51:23.570841MailD postfix/smtpd[15282]: NOQUEUE: reject: RCPT from 42-200-154-50.static.imsbiz.com[42.200.154.50]: 554 5.7.1 Service unavailable; Client host [42.200.154.50] blocked using bl.spamcop.net; Blocked - see h	2019-09-14 17:26:05
167.71.215.72	attackbots	Sep 14 09:55:21 saschabauer sshd[15864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72 Sep 14 09:55:24 saschabauer sshd[15864]: Failed password for invalid user tp from 167.71.215.72 port 21769 ssh2	2019-09-14 17:37:09
169.1.10.180	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-14 05:22:39,718 INFO [amun_request_handler] PortScan Detected on Port: 445 (169.1.10.180)	2019-09-14 17:34:58
146.196.52.47	attackbotsspam	Sep 14 05:48:23 xtremcommunity sshd\[70857\]: Invalid user kobis from 146.196.52.47 port 39660 Sep 14 05:48:23 xtremcommunity sshd\[70857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.196.52.47 Sep 14 05:48:25 xtremcommunity sshd\[70857\]: Failed password for invalid user kobis from 146.196.52.47 port 39660 ssh2 Sep 14 05:52:41 xtremcommunity sshd\[70977\]: Invalid user ftp_user123 from 146.196.52.47 port 53500 Sep 14 05:52:41 xtremcommunity sshd\[70977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.196.52.47 ...	2019-09-14 17:58:18
119.235.48.75	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(09141017)	2019-09-14 17:13:30

最近上报的IP列表

61.64.136.54	154.208.12.224	60.164.198.231	17.10.0.251
66.160.100.184	62.119.195.86	42.51.69.7	130.76.18.128
50.223.108.155	187.35.83.203	191.65.221.50	5.158.91.77
37.41.164.142	31.7.56.99	168.142.117.240	155.198.109.90
5.135.196.103	201.149.152.238	214.178.248.23	221.91.99.14