130.61.61.82 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Oracle Public Cloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2020-04-20T06:37:31.565Z CLOSE host=130.61.61.82 port=39688 fd=4 time=30.028 bytes=51 ...	2020-06-19 03:23:18

Comments on same subnet:

IP	Type	Details	Datetime
130.61.61.133	attackspam	2020-04-19T17:03:42.778Z CLOSE host=130.61.61.133 port=50952 fd=4 time=20.012 bytes=13 ...	2020-06-19 03:25:11
130.61.61.147	attackbots	130.61.61.147 - - \[26/Nov/2019:07:27:12 +0100\] "GET /scripts/setup.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64\; rv:57.0$ Gecko/20100101 Firefox/57.0" 130.61.61.147 - - \[26/Nov/2019:07:27:12 +0100\] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64\; rv:57.0$ Gecko/20100101 Firefox/57.0" 130.61.61.147 - - \[26/Nov/2019:07:27:12 +0100\] "GET /mysql/scripts/setup.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64\; rv:57.0$ Gecko/20100101 Firefox/57.0" 130.61.61.147 - - \[26/Nov/2019:07:27:12 +0100\] "GET /phpmyadmin/scripts/_setup.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64\; rv:57.0$ Gecko/20100101 Firefox/57.0" 130.61.61.147 - - \[26/Nov/2019:07:27:12 +0100\] "GET /pma/scripts/setup.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64\; rv:57.0$ Gecko/20100101 Firefox/57.0" ...	2019-11-26 17:02:35
130.61.61.147	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-25 07:28:03
130.61.61.147	attack	130.61.61.147 - - [19/Nov/2019:07:13:51 +0100] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"	2019-11-19 16:21:16
130.61.61.147	attack	SS1,DEF GET /phpMyAdmin/scripts/setup.php GET /phpmyadmin/scripts/setup.php	2019-11-19 14:07:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 130.61.61.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55370
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;130.61.61.82.			IN	A

;; AUTHORITY SECTION:
.			157	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061801 1800 900 604800 86400

;; Query time: 135 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 03:23:14 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 82.61.61.130.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 82.61.61.130.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.17.96.234	attackspam	mozilla/5.0+(compatible;+nimbostratus-bot/v1.3.2;+http://cloudsystemnetworks.com)	2020-05-25 00:31:58
37.187.5.137	attackbotsspam	Repeated brute force against a port	2020-05-25 00:18:47
13.233.227.242	attack	Wordpress attack	2020-05-25 00:25:23
157.245.40.65	attackbotsspam	2020-05-24T13:04:23.648498shield sshd\[29758\]: Invalid user mahim from 157.245.40.65 port 58778 2020-05-24T13:04:23.652181shield sshd\[29758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.40.65 2020-05-24T13:04:25.880936shield sshd\[29758\]: Failed password for invalid user mahim from 157.245.40.65 port 58778 ssh2 2020-05-24T13:07:59.747570shield sshd\[30576\]: Invalid user wka from 157.245.40.65 port 35524 2020-05-24T13:07:59.751322shield sshd\[30576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.40.65	2020-05-25 00:06:57
45.55.170.59	attackbots	xmlrpc attack	2020-05-25 00:29:38
139.199.45.89	attackbotsspam	(sshd) Failed SSH login from 139.199.45.89 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 24 14:54:14 srv sshd[32584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89 user=root May 24 14:54:16 srv sshd[32584]: Failed password for root from 139.199.45.89 port 57340 ssh2 May 24 15:08:31 srv sshd[586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89 user=root May 24 15:08:33 srv sshd[586]: Failed password for root from 139.199.45.89 port 33864 ssh2 May 24 15:11:31 srv sshd[671]: Invalid user lizette from 139.199.45.89 port 38856	2020-05-25 00:14:43
123.30.149.92	attackbotsspam	May 24 16:23:43 game-panel sshd[1019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.149.92 May 24 16:23:45 game-panel sshd[1019]: Failed password for invalid user zhouxia from 123.30.149.92 port 13880 ssh2 May 24 16:23:47 game-panel sshd[1019]: Failed password for invalid user zhouxia from 123.30.149.92 port 13880 ssh2 May 24 16:23:49 game-panel sshd[1019]: Failed password for invalid user zhouxia from 123.30.149.92 port 13880 ssh2	2020-05-25 00:34:57
174.138.44.201	attackbots	174.138.44.201 - - [24/May/2020:15:03:53 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [24/May/2020:15:03:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [24/May/2020:15:03:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-25 00:27:47
91.121.177.192	attack	May 24 17:12:09 sso sshd[6332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.177.192 May 24 17:12:11 sso sshd[6332]: Failed password for invalid user rabbitmq from 91.121.177.192 port 44668 ssh2 ...	2020-05-25 00:04:32
14.215.44.9	attackbotsspam	May 24 14:06:48 melroy-server sshd[14954]: Failed password for root from 14.215.44.9 port 55132 ssh2 May 24 14:11:55 melroy-server sshd[15966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.215.44.9 ...	2020-05-25 00:00:05
34.73.39.215	attackspam	$f2bV_matches	2020-05-25 00:22:11
5.101.0.209	attack	port	2020-05-25 00:11:05
104.18.30.4	attack	"MarketingPromoSystems, 8 The Green Suite #5828 Dover DE" 185.230.46.95 - phishing redirect www.starvingbarber.com	2020-05-25 00:12:42
106.54.184.153	attack	Brute force SMTP login attempted. ...	2020-05-25 00:38:48
2.135.132.171	attack	Email rejected due to spam filtering	2020-05-25 00:10:03

Recently Reported IPs

105.247.93.202	116.202.42.117	94.40.82.58	49.12.0.2
196.38.172.62	46.21.209.217	203.205.195.86	197.240.156.178
195.226.207.168	186.250.200.93	138.118.185.134	103.93.107.53
95.38.202.54	89.107.154.52	82.177.80.54	77.45.84.109
37.239.32.106	197.19.219.237	130.61.121.191	130.61.21.255