JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 201.93.161.154

201.93.161.154 was found in our database!

This IP was reported 991 times. Confidence of Abuse is 100%: ?

100%

ISP	TELEFÔNICA BRASIL S.A
Usage Type	Fixed Line ISP
ASN	AS27699
Hostname(s)	201-93-161-154.dsl.telesp.net.br
Domain Name	telefonica.com.br
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 201.93.161.154

Whois 201.93.161.154

IP Abuse Reports for 201.93.161.154:

This IP address has been reported a total of 991 times from 153 distinct sources. 201.93.161.154 was first reported on July 22nd 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 opastorello	2026-06-14 04:21:05 (5 hours ago)	T-Pot honeypot: 16 hits in 15min on port(s) 1433 (P0f/Suricata/Dionaea). Database attack/scan. Autom ... show more T-Pot honeypot: 16 hits in 15min on port(s) 1433 (P0f/Suricata/Dionaea). Database attack/scan. Automated report. show less	Port Scan Hacking
🇳🇱 donarev419	2026-06-14 04:15:01 (5 hours ago)	Connection to port 445 with data transfer. Data preview:	Port Scan Hacking
🇳🇱 knock	2026-06-13 18:57:48 (14 hours ago)	Knock-Knock honeypot brute-force: SMB (6 total hits)	Brute-Force
🇳🇱 Nerdscave Hosting	2026-06-13 08:58:20 (1 day ago)	[SMB Honeypot Report] Timestamp: 2026-06-13 08:58:19 UTC Port: 64896 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-13 08:58:19 UTC Port: 64896 Attempted credentials (Base64): L1NNQnJ8GAFIfHAZfAx8Ak5UIExNIDAuMTI= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇫🇷 zulzeen	2026-06-13 01:34:36 (1 day ago)	[distribamap-0] Blocked by SysWarden Firewall [BLOCK] (Database/Cache Attack)	Hacking Brute-Force
🇺🇸 MPL	2026-06-12 17:17:17 (1 day ago)	tcp/445	Port Scan
🇺🇸 MPL	2026-06-12 16:08:27 (1 day ago)	tcp/445 (4 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-12 01:32:34 (2 days ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Admins@FBN	2026-06-11 16:29:26 (2 days ago)	FW-PortScan: Traffic Blocked srcport=43855 dstport=1433	Port Scan Hacking SQL Injection
🇳🇱 StopAbuse	2026-06-11 04:14:24 (3 days ago)	tcp/1433	Port Scan
🇺🇸 MPL	2026-06-10 12:17:13 (3 days ago)	tcp/1433	Port Scan
🇫🇷 GoodOldTOS	2026-06-10 10:39:10 (3 days ago)	Connection to MSSQL honeypot	Hacking
🇺🇸 MPL	2026-06-10 08:40:57 (4 days ago)	tcp/1433 (2 or more attempts)	Port Scan
🇺🇸 Cyber Crusader	2026-06-10 05:12:42 (4 days ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇳🇱 StopAbuse	2026-06-09 22:41:14 (4 days ago)	tcp/1433	Port Scan

Showing 1 to 15 of 991 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 185.177.72.53

🇪🇸 185.62.20.170

🇺🇸 170.106.187.106

🇸🇳 41.83.111.191

🇺🇸 34.30.138.14

🇬🇧 213.166.84.60

🇲🇽 189.203.190.153

🇻🇳 116.110.26.155

🇩🇪 45.135.141.18

🇺🇸 2607:f8b0:4023:1004::125

🇬🇧 213.166.84.53

🇲🇽 187.191.48.24

🇳🇱 176.65.139.56

🇻🇳 171.231.196.215

🇰🇷 158.179.167.115

🇨🇳 125.38.12.235

🇫🇷 79.143.187.249

🇹🇿 41.59.45.153

🇬🇧 35.203.210.254

🇮🇳 34.93.128.179