61.142.20.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Scanning	2019-12-26 19:39:45

Comments on same subnet:

IP	Type	Details	Datetime
61.142.20.29	attackspam	(ftpd) Failed FTP login from 61.142.20.29 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 8 08:47:08 ir1 pure-ftpd: (?@61.142.20.29) [WARNING] Authentication failed for user [anonymous]	2020-06-08 16:59:07
61.142.20.30	attackbots	Port scan on 1 port(s): 1433	2020-06-08 14:34:18
61.142.20.46	attackspambots	IP reached maximum auth failures	2020-06-08 13:21:11
61.142.20.34	attack	Brute forcing RDP port 3389	2020-05-13 12:59:00
61.142.208.100	attackbots	Unauthorized connection attempt from IP address 61.142.208.100 on Port 445(SMB)	2020-03-03 06:53:43
61.142.20.29	attack	1433/tcp 1433/tcp 1433/tcp... [2019-11-28/12-08]4pkt,1pt.(tcp)	2019-12-09 06:59:44
61.142.20.6	attackbotsspam	Automatic report - FTP Brute Force	2019-12-05 22:49:14
61.142.20.16	attackspam	Automatic report - Banned IP Access	2019-11-27 15:03:41
61.142.20.29	attackspambots	Automatic report - Port Scan Attack	2019-11-13 20:18:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.142.20.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7636
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.142.20.2.			IN	A

;; AUTHORITY SECTION:
.			547	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122600 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 19:39:39 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.20.142.61.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.20.142.61.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.188.206.241	attackspambots	2020-09-25T17:49:53.305484vps773228.ovh.net sshd[15217]: Failed password for invalid user civilpharma from 52.188.206.241 port 65198 ssh2 2020-09-25T19:25:39.722976vps773228.ovh.net sshd[16202]: Invalid user ipoint from 52.188.206.241 port 18338 2020-09-25T19:25:39.740342vps773228.ovh.net sshd[16202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.188.206.241 2020-09-25T19:25:39.722976vps773228.ovh.net sshd[16202]: Invalid user ipoint from 52.188.206.241 port 18338 2020-09-25T19:25:41.361678vps773228.ovh.net sshd[16202]: Failed password for invalid user ipoint from 52.188.206.241 port 18338 ssh2 ...	2020-09-26 01:28:27
111.229.78.199	attack	Invalid user admin from 111.229.78.199 port 47988	2020-09-26 01:41:04
27.78.79.252	attackbots	TCP (SYN) 27.78.79.252:56501 -> port 23, len 44	2020-09-26 01:41:29
38.146.55.41	attackbots	Automatic report - XMLRPC Attack	2020-09-26 02:00:36
116.247.81.99	attackbots	Sep 25 10:06:07 mockhub sshd[583564]: Failed password for invalid user edwin from 116.247.81.99 port 49841 ssh2 Sep 25 10:12:30 mockhub sshd[583767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 user=root Sep 25 10:12:32 mockhub sshd[583767]: Failed password for root from 116.247.81.99 port 32867 ssh2 ...	2020-09-26 01:22:49
142.11.192.246	attackbotsspam	lfd: (smtpauth) Failed SMTP AUTH login from 142.11.192.246 (client-142-11-192-246.hostwindsdns.com): 5 in the last 3600 secs - Mon Aug 27 13:24:44 2018	2020-09-26 01:49:19
186.90.160.89	attackbotsspam	Listed on zen-spamhaus also abuseat.org / proto=6 . srcport=35570 . dstport=5555 . (3621)	2020-09-26 01:48:26
128.199.123.87	attackspam	128.199.123.87 - - [25/Sep/2020:12:56:53 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.123.87 - - [25/Sep/2020:12:56:55 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.123.87 - - [25/Sep/2020:12:57:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-26 01:27:04
2.229.19.58	attackspambots	Port Scan: TCP/2323	2020-09-26 01:35:49
54.37.19.185	attack	54.37.19.185 - - [25/Sep/2020:16:01:59 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.19.185 - - [25/Sep/2020:16:02:00 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.19.185 - - [25/Sep/2020:16:02:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-26 01:54:49
191.237.251.241	attackspam	SSH invalid-user multiple login try	2020-09-26 01:42:18
112.226.57.12	attack	Automatic report - Port Scan Attack	2020-09-26 01:26:03
112.85.42.200	attackspambots	2020-09-25T19:20:12.828234ns386461 sshd\[30218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.200 user=root 2020-09-25T19:20:14.224212ns386461 sshd\[30218\]: Failed password for root from 112.85.42.200 port 40103 ssh2 2020-09-25T19:20:17.440615ns386461 sshd\[30218\]: Failed password for root from 112.85.42.200 port 40103 ssh2 2020-09-25T19:20:20.734521ns386461 sshd\[30218\]: Failed password for root from 112.85.42.200 port 40103 ssh2 2020-09-25T19:20:24.246116ns386461 sshd\[30218\]: Failed password for root from 112.85.42.200 port 40103 ssh2 ...	2020-09-26 01:53:31
182.119.208.51	attackspam	Honeypot attack, port: 5555, PTR: hn.kd.ny.adsl.	2020-09-26 01:22:09
151.236.193.195	attackspam	(sshd) Failed SSH login from 151.236.193.195 (KZ/Kazakhstan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 25 12:44:33 optimus sshd[32388]: Invalid user daniel from 151.236.193.195 Sep 25 12:44:33 optimus sshd[32388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.236.193.195 Sep 25 12:44:36 optimus sshd[32388]: Failed password for invalid user daniel from 151.236.193.195 port 64933 ssh2 Sep 25 13:01:59 optimus sshd[8443]: Invalid user servidor from 151.236.193.195 Sep 25 13:01:59 optimus sshd[8443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.236.193.195	2020-09-26 01:48:58

Recently Reported IPs

79.37.107.88	176.103.56.66	30.180.169.38	103.74.111.65
1.28.204.134	124.172.192.239	106.12.144.3	223.118.153.208
150.175.106.138	175.188.102.7	134.192.43.10	114.237.109.232
84.84.214.55	203.195.150.227	243.219.131.82	62.210.222.3
53.221.21.86	117.176.240.100	183.82.127.10	36.71.233.203