61.140.94.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Lines containing failures of 61.140.94.50 Nov 25 11:19:56 mx-in-01 sshd[4550]: Invalid user tomcat from 61.140.94.50 port 39614 Nov 25 11:19:56 mx-in-01 sshd[4550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.140.94.50 Nov 25 11:19:58 mx-in-01 sshd[4550]: Failed password for invalid user tomcat from 61.140.94.50 port 39614 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=61.140.94.50	2019-11-27 00:40:57
attackspambots	Nov 26 08:08:48 sso sshd[11310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.140.94.50 Nov 26 08:08:49 sso sshd[11310]: Failed password for invalid user cacti from 61.140.94.50 port 37079 ssh2 ...	2019-11-26 16:56:14

Type

Details

Datetime

attackspambots

Lines containing failures of 61.140.94.50
Nov 25 11:19:56 mx-in-01 sshd[4550]: Invalid user tomcat from 61.140.94.50 port 39614
Nov 25 11:19:56 mx-in-01 sshd[4550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.140.94.50 
Nov 25 11:19:58 mx-in-01 sshd[4550]: Failed password for invalid user tomcat from 61.140.94.50 port 39614 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=61.140.94.50

2019-11-27 00:40:57

attackspambots

Nov 26 08:08:48 sso sshd[11310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.140.94.50
Nov 26 08:08:49 sso sshd[11310]: Failed password for invalid user cacti from 61.140.94.50 port 37079 ssh2
...

2019-11-26 16:56:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.140.94.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56581
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.140.94.50.			IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112600 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 26 16:56:10 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 50.94.140.61.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 50.94.140.61.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
66.113.195.23	attack	Unauthorized connection attempt from IP address 66.113.195.23 on Port 445(SMB)	2019-07-31 19:50:12
195.135.215.42	attack	Jul 31 12:09:32 ubuntu-2gb-nbg1-dc3-1 sshd[10365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.135.215.42 Jul 31 12:09:34 ubuntu-2gb-nbg1-dc3-1 sshd[10365]: Failed password for invalid user cl from 195.135.215.42 port 14232 ssh2 ...	2019-07-31 20:15:21
104.248.174.126	attackbots	May 16 01:45:20 ubuntu sshd[31484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.174.126 May 16 01:45:21 ubuntu sshd[31484]: Failed password for invalid user webmaster from 104.248.174.126 port 60658 ssh2 May 16 01:49:19 ubuntu sshd[31596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.174.126 May 16 01:49:22 ubuntu sshd[31596]: Failed password for invalid user dg from 104.248.174.126 port 47349 ssh2	2019-07-31 20:03:15
125.161.129.236	attack	[Aegis] @ 2019-07-31 09:06:59 0100 -> SSH insecure connection attempt (scan).	2019-07-31 19:44:36
67.227.213.20	attackbots	WordPress install sniffing: 67.227.213.20 - - [30/Jul/2019:20:00:05 +0100] "GET /staging/wp-includes/wlwmanifest.xml HTTP/1.1" 404 272 "-" "-"	2019-07-31 20:23:20
180.152.20.157	attack	Unauthorized connection attempt from IP address 180.152.20.157 on Port 445(SMB)	2019-07-31 20:42:18
182.61.46.62	attackspam	Jul 31 09:39:10 server sshd[31149]: Failed password for invalid user student from 182.61.46.62 port 36042 ssh2 Jul 31 10:03:34 server sshd[33209]: Failed password for invalid user test from 182.61.46.62 port 60214 ssh2 Jul 31 10:06:40 server sshd[33526]: Failed password for invalid user ericsson from 182.61.46.62 port 59826 ssh2	2019-07-31 20:08:25
107.170.235.19	attackbots	Invalid user nagios from 107.170.235.19 port 41496	2019-07-31 20:13:04
104.248.175.98	attackspambots	Apr 20 08:15:02 ubuntu sshd[9025]: Failed password for invalid user nemesis from 104.248.175.98 port 47834 ssh2 Apr 20 08:17:54 ubuntu sshd[9382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.175.98 Apr 20 08:17:56 ubuntu sshd[9382]: Failed password for invalid user guest from 104.248.175.98 port 44818 ssh2 Apr 20 08:20:42 ubuntu sshd[9758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.175.98	2019-07-31 19:54:42
220.134.144.96	attackbotsspam	Jul 31 18:07:57 lcl-usvr-01 sshd[22244]: Invalid user kara from 220.134.144.96 Jul 31 18:07:57 lcl-usvr-01 sshd[22244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.144.96 Jul 31 18:07:57 lcl-usvr-01 sshd[22244]: Invalid user kara from 220.134.144.96 Jul 31 18:07:58 lcl-usvr-01 sshd[22244]: Failed password for invalid user kara from 220.134.144.96 port 52196 ssh2 Jul 31 18:13:04 lcl-usvr-01 sshd[24024]: Invalid user test from 220.134.144.96	2019-07-31 20:27:06
101.99.13.45	attack	Unauthorized connection attempt from IP address 101.99.13.45 on Port 445(SMB)	2019-07-31 20:36:15
113.170.126.49	attackbotsspam	Unauthorized connection attempt from IP address 113.170.126.49 on Port 445(SMB)	2019-07-31 20:08:54
107.175.156.171	attack	Subject: *INFECTED* Quotation Request RFQ#20190729NEW SUPPLIER Received: from [107.175.156.171] (account tergros@colocrossing.com HELO coaf.it) by colocrossing.com (CommuniGate Pro SMTP 6.2.13 _community_) with ESMTPA id 684039 for xxxxx; Tue, 30 Jul 2019 14:21:33 -0700	2019-07-31 20:19:44
77.75.77.32	attackbots	Automatic report - Banned IP Access	2019-07-31 20:43:20
5.62.41.172	attackspam	\[2019-07-31 08:17:35\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.172:7671' - Wrong password \[2019-07-31 08:17:35\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-31T08:17:35.883-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="82807",SessionID="0x7ff4d0411568",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.172/54179",Challenge="3a880c3a",ReceivedChallenge="3a880c3a",ReceivedHash="f2fd2bedacf011f928f8cc898efaa4c0" \[2019-07-31 08:18:26\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.172:7771' - Wrong password \[2019-07-31 08:18:26\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-31T08:18:26.292-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="80895",SessionID="0x7ff4d0411568",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.172/5	2019-07-31 20:35:40

Recently Reported IPs

78.179.87.156	111.1.111.230	183.89.230.249	89.218.156.38
77.42.85.204	186.1.183.123	217.69.22.161	177.190.76.98
42.113.105.208	124.226.192.197	185.156.177.61	122.51.75.219
176.21.14.23	207.180.201.204	144.91.80.178	10.211.198.92
209.150.76.87	200.194.30.170	195.154.114.189	94.176.216.22