61.130.20.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Ningbo Jili Chuanqi Car Mold Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 61.130.20.2 to port 1433	2019-12-31 20:41:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.130.20.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.130.20.2.			IN	A

;; AUTHORITY SECTION:
.			429	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123100 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 20:41:13 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.20.130.61.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.20.130.61.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.122.19.151	attack	Seems to be part of a bot attack on login	2020-07-18 07:06:01
125.214.249.53	attack	Unauthorized connection attempt from IP address 125.214.249.53 on Port 445(SMB)	2020-07-18 07:15:13
222.186.173.226	attackbots	Jul 18 02:24:09 ift sshd\[1761\]: Failed password for root from 222.186.173.226 port 48293 ssh2Jul 18 02:24:24 ift sshd\[1761\]: Failed password for root from 222.186.173.226 port 48293 ssh2Jul 18 02:24:39 ift sshd\[1803\]: Failed password for root from 222.186.173.226 port 29571 ssh2Jul 18 02:24:53 ift sshd\[1803\]: Failed password for root from 222.186.173.226 port 29571 ssh2Jul 18 02:24:56 ift sshd\[1803\]: Failed password for root from 222.186.173.226 port 29571 ssh2 ...	2020-07-18 07:35:51
46.38.150.72	attackbots	Jul 18 00:55:58 web02.agentur-b-2.de postfix/smtpd[1850254]: warning: unknown[46.38.150.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 18 00:56:27 web02.agentur-b-2.de postfix/smtpd[1849413]: warning: unknown[46.38.150.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 18 00:56:52 web02.agentur-b-2.de postfix/smtpd[1849413]: warning: unknown[46.38.150.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 18 00:57:22 web02.agentur-b-2.de postfix/smtpd[1850254]: warning: unknown[46.38.150.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 18 00:57:52 web02.agentur-b-2.de postfix/smtpd[1850340]: warning: unknown[46.38.150.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-07-18 07:05:57
218.92.0.191	attackspam	Jul 18 00:29:06 dcd-gentoo sshd[15284]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jul 18 00:29:08 dcd-gentoo sshd[15284]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jul 18 00:29:08 dcd-gentoo sshd[15284]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 16919 ssh2 ...	2020-07-18 07:30:22
190.255.45.5	attackbots	Unauthorized connection attempt from IP address 190.255.45.5 on Port 445(SMB)	2020-07-18 07:34:39
176.32.134.65	attackspambots	TCP (SYN) 176.32.134.65:40581 -> port 23, len 44	2020-07-18 07:31:40
77.30.5.169	attackbotsspam	Unauthorized connection attempt from IP address 77.30.5.169 on Port 445(SMB)	2020-07-18 07:32:35
106.13.128.71	attackspam	SSH brute force attempt	2020-07-18 07:13:18
49.233.185.63	attackbotsspam	Jul 17 23:32:14 vm0 sshd[3043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.185.63 Jul 17 23:32:16 vm0 sshd[3043]: Failed password for invalid user azar from 49.233.185.63 port 39748 ssh2 ...	2020-07-18 07:03:39
47.91.44.93	attackbotsspam	Fail2Ban Ban Triggered	2020-07-18 07:29:58
71.45.233.98	attack	Jul 18 01:09:54 sip sshd[985626]: Invalid user qq from 71.45.233.98 port 23437 Jul 18 01:09:56 sip sshd[985626]: Failed password for invalid user qq from 71.45.233.98 port 23437 ssh2 Jul 18 01:17:48 sip sshd[985703]: Invalid user ubuntu from 71.45.233.98 port 45211 ...	2020-07-18 07:33:14
138.122.5.70	attackspambots	Unauthorized connection attempt from IP address 138.122.5.70 on Port 445(SMB)	2020-07-18 07:33:45
193.112.138.148	attackspam	Jul 17 22:59:38 vps-51d81928 sshd[34900]: Invalid user xwj from 193.112.138.148 port 46082 Jul 17 22:59:38 vps-51d81928 sshd[34900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 Jul 17 22:59:38 vps-51d81928 sshd[34900]: Invalid user xwj from 193.112.138.148 port 46082 Jul 17 22:59:40 vps-51d81928 sshd[34900]: Failed password for invalid user xwj from 193.112.138.148 port 46082 ssh2 Jul 17 23:04:22 vps-51d81928 sshd[35007]: Invalid user bruno from 193.112.138.148 port 58728 ...	2020-07-18 07:11:58
92.62.131.106	attackbots	Jul 17 22:32:51 jumpserver sshd[109769]: Invalid user vivek from 92.62.131.106 port 41196 Jul 17 22:32:53 jumpserver sshd[109769]: Failed password for invalid user vivek from 92.62.131.106 port 41196 ssh2 Jul 17 22:37:18 jumpserver sshd[109895]: Invalid user ubuntu from 92.62.131.106 port 49634 ...	2020-07-18 07:35:00

Recently Reported IPs

27.50.59.31	14.212.13.119	1.53.224.198	1.53.18.185
223.155.46.13	222.244.182.124	222.203.17.150	222.187.237.15
222.79.8.25	222.66.149.90	218.87.54.32	218.1.39.66
197.248.79.46	183.238.198.88	183.142.113.186	180.176.177.241
180.137.9.23	180.104.7.198	176.226.143.177	113.169.241.67