103.93.136.244

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Syntego Technologies India Private Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	IP 103.93.136.244 attacked honeypot on port: 81 at 6/24/2020 8:46:58 PM	2020-06-25 20:05:33

Comments on same subnet:

IP	Type	Details	Datetime
103.93.136.242	attackspambots	webserver:80 [28/Jun/2020] "GET /admin/login.asp HTTP/1.1" 400 0	2020-07-01 12:45:19
103.93.136.29	attackbots	Unauthorised access (Mar 2) SRC=103.93.136.29 LEN=52 TTL=118 ID=31663 DF TCP DPT=445 WINDOW=8192 SYN	2020-03-03 05:22:40
103.93.136.8	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.93.136.8/ IN - 1H : (55) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN135826 IP : 103.93.136.8 CIDR : 103.93.136.0/24 PREFIX COUNT : 4 UNIQUE IP COUNT : 1024 ATTACKS DETECTED ASN135826 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-20 05:46:11 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-20 19:08:39

Type

Details

Datetime

103.93.136.242

attackspambots

webserver:80 [28/Jun/2020]  "GET /admin/login.asp HTTP/1.1" 400 0

2020-07-01 12:45:19

103.93.136.29

attackbots

Unauthorised access (Mar  2) SRC=103.93.136.29 LEN=52 TTL=118 ID=31663 DF TCP DPT=445 WINDOW=8192 SYN

2020-03-03 05:22:40

103.93.136.8

attackbotsspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/103.93.136.8/ 
 
 IN - 1H : (55)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : IN 
 NAME ASN : ASN135826 
 
 IP : 103.93.136.8 
 
 CIDR : 103.93.136.0/24 
 
 PREFIX COUNT : 4 
 
 UNIQUE IP COUNT : 1024 
 
 
 ATTACKS DETECTED ASN135826 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-10-20 05:46:11 
 
 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN  - data recovery

2019-10-20 19:08:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.93.136.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60672
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.93.136.244.			IN	A

;; AUTHORITY SECTION:
.			547	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062500 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 25 20:05:26 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 244.136.93.103.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 244.136.93.103.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.114.241.104	attack	Aug 3 07:16:06 mail sshd\[7363\]: Failed password for invalid user redis2 from 118.114.241.104 port 44459 ssh2 Aug 3 07:32:06 mail sshd\[7492\]: Invalid user user1 from 118.114.241.104 port 46370 Aug 3 07:32:06 mail sshd\[7492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.114.241.104 ...	2019-08-03 14:32:26
211.233.66.61	attackspambots	Unauthorised access (Aug 3) SRC=211.233.66.61 LEN=44 TTL=235 ID=19142 TCP DPT=445 WINDOW=1024 SYN	2019-08-03 13:47:02
220.134.154.230	attackspam	Aug 3 06:52:34 ns3367391 sshd\[28204\]: Invalid user zhong from 220.134.154.230 port 55482 Aug 3 06:52:35 ns3367391 sshd\[28204\]: Failed password for invalid user zhong from 220.134.154.230 port 55482 ssh2 ...	2019-08-03 13:52:41
195.64.213.136	attackspambots	[portscan] Port scan	2019-08-03 14:33:16
191.53.196.76	attackspambots	Aug 2 23:51:55 mailman postfix/smtpd[14502]: warning: unknown[191.53.196.76]: SASL PLAIN authentication failed: authentication failure	2019-08-03 14:15:12
185.175.93.105	attack	Port scan: Attacks repeated for a week	2019-08-03 14:28:46
196.54.65.37	attack	A spam received from this SMTP server at 2019/06/23 (JST). The spammer used NS1.PROPORTION-ADMINISTER.NET and NS2 as the name servers for URLs, and NS1.S-P-F2.JP and NS2 as the name servers for mail addresses.	2019-08-03 13:56:54
180.159.3.46	attackbotsspam	Aug 2 21:16:01 fv15 sshd[19510]: Failed password for invalid user toshi from 180.159.3.46 port 54716 ssh2 Aug 2 21:16:01 fv15 sshd[19510]: Received disconnect from 180.159.3.46: 11: Bye Bye [preauth] Aug 2 21:52:03 fv15 sshd[7669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.159.3.46 user=r.r Aug 2 21:52:05 fv15 sshd[7669]: Failed password for r.r from 180.159.3.46 port 41518 ssh2 Aug 2 21:52:05 fv15 sshd[7669]: Received disconnect from 180.159.3.46: 11: Bye Bye [preauth] Aug 2 21:57:39 fv15 sshd[16899]: Failed password for invalid user usuario from 180.159.3.46 port 53878 ssh2 Aug 2 21:57:39 fv15 sshd[16899]: Received disconnect from 180.159.3.46: 11: Bye Bye [preauth] Aug 2 22:01:39 fv15 sshd[1170]: Failed password for invalid user gus from 180.159.3.46 port 37958 ssh2 Aug 2 22:01:39 fv15 sshd[1170]: Received disconnect from 180.159.3.46: 11: Bye Bye [preauth] Aug 2 22:05:30 fv15 sshd[1500]: Failed password fo........ -------------------------------	2019-08-03 14:13:58
191.53.249.209	attackspambots	Aug 2 23:52:00 mailman postfix/smtpd[14502]: warning: unknown[191.53.249.209]: SASL PLAIN authentication failed: authentication failure	2019-08-03 14:10:02
95.91.201.123	attack	Chat Spam	2019-08-03 14:47:41
192.254.143.9	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-08-03 14:48:49
80.53.7.213	attack	Aug 3 01:41:21 xtremcommunity sshd\[23700\]: Invalid user hastings from 80.53.7.213 port 35145 Aug 3 01:41:21 xtremcommunity sshd\[23700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.53.7.213 Aug 3 01:41:23 xtremcommunity sshd\[23700\]: Failed password for invalid user hastings from 80.53.7.213 port 35145 ssh2 Aug 3 01:45:44 xtremcommunity sshd\[23813\]: Invalid user adam from 80.53.7.213 port 60457 Aug 3 01:45:44 xtremcommunity sshd\[23813\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.53.7.213 ...	2019-08-03 13:53:02
12.34.56.18	attackspam	Aug 3 06:52:43 cp sshd[31796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.34.56.18 Aug 3 06:52:43 cp sshd[31796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.34.56.18	2019-08-03 13:48:56
5.62.41.134	attackbotsspam	\[2019-08-03 02:12:06\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.134:12332' - Wrong password \[2019-08-03 02:12:06\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-03T02:12:06.012-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="29188",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.134/60558",Challenge="6d27ca27",ReceivedChallenge="6d27ca27",ReceivedHash="dc5ac1545e5c8ce1a0731d1d4cd9b34b" \[2019-08-03 02:12:55\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.134:12337' - Wrong password \[2019-08-03 02:12:55\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-03T02:12:55.523-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="47914",SessionID="0x7ff4d05ad438",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.134	2019-08-03 14:32:53
91.215.199.97	attackbotsspam	[portscan] Port scan	2019-08-03 14:06:12

Recently Reported IPs

120.92.102.30	14.187.33.30	116.118.112.85	211.225.174.94
24.1.38.16	14.178.221.85	177.155.36.211	233.43.4.11
14.227.59.51	110.78.181.153	91.84.15.131	69.6.43.78
27.72.113.41	13.70.2.48	100.176.50.30	172.81.211.47
238.110.5.169	195.149.46.162	230.254.74.160	121.126.220.15