61.154.64.52 - IPInfo

Basic Info

City: Zhangzhou

Region: Fujian

Country: China

Internet Service Provider: ChinaNet Fujian Province Network

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 29 19:24:20 admin sendmail[29054]: x6THOIrl029054: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA Jul 29 19:24:21 admin sendmail[29055]: x6THOK2o029055: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA Jul 29 19:24:22 admin sendmail[29057]: x6THOLdj029057: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA Jul 29 19:24:23 admin sendmail[29058]: x6THOMYb029058: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=61.154.64.52	2019-07-30 02:34:24

Type

Details

Datetime

attack

Jul 29 19:24:20 admin sendmail[29054]: x6THOIrl029054: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 29 19:24:21 admin sendmail[29055]: x6THOK2o029055: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 29 19:24:22 admin sendmail[29057]: x6THOLdj029057: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 29 19:24:23 admin sendmail[29058]: x6THOMYb029058: 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn [61.154.64.52] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=61.154.64.52

2019-07-30 02:34:24

Comments on same subnet:

IP	Type	Details	Datetime
61.154.64.155	attack	Brute force attempt	2020-07-18 02:47:22
61.154.64.57	attackbots	Brute force attempt	2020-07-14 18:12:12
61.154.64.222	attack	Brute force attempt	2020-07-08 14:18:49
61.154.64.15	attackspambots	2020-01-10 22:46:06 dovecot_login authenticator failed for (mifig) [61.154.64.15]:59050 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liushan@lerctr.org) 2020-01-10 22:46:13 dovecot_login authenticator failed for (gatuv) [61.154.64.15]:59050 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liushan@lerctr.org) 2020-01-10 22:46:24 dovecot_login authenticator failed for (ldcnt) [61.154.64.15]:59050 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liushan@lerctr.org) ...	2020-01-11 21:11:38
61.154.64.231	attack	2020-01-09 22:50:22 dovecot_login authenticator failed for (sitek) [61.154.64.231]:53244 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuqian@lerctr.org) 2020-01-09 22:50:29 dovecot_login authenticator failed for (vjwsv) [61.154.64.231]:53244 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuqian@lerctr.org) 2020-01-09 22:50:41 dovecot_login authenticator failed for (mmpzn) [61.154.64.231]:53244 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuqian@lerctr.org) ...	2020-01-10 18:06:14
61.154.64.76	attackbotsspam	2020-01-09 07:07:27 dovecot_login authenticator failed for (orecp) [61.154.64.76]:57496 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangliang@lerctr.org) 2020-01-09 07:07:36 dovecot_login authenticator failed for (kgnlm) [61.154.64.76]:57496 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangliang@lerctr.org) 2020-01-09 07:07:47 dovecot_login authenticator failed for (dkjsp) [61.154.64.76]:57496 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangliang@lerctr.org) ...	2020-01-10 00:12:13
61.154.64.30	attackspambots	2020-01-07 15:19:37 dovecot_login authenticator failed for (tidmx) [61.154.64.30]:63187 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianjun@lerctr.org) 2020-01-07 15:19:44 dovecot_login authenticator failed for (nrtzr) [61.154.64.30]:63187 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianjun@lerctr.org) 2020-01-07 15:19:55 dovecot_login authenticator failed for (fzftl) [61.154.64.30]:63187 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangjianjun@lerctr.org) ...	2020-01-08 06:12:38
61.154.64.163	attackspambots	2019-12-25T07:20:25.337105 X postfix/smtpd[54540]: lost connection after AUTH from unknown[61.154.64.163] 2019-12-25T07:20:25.998047 X postfix/smtpd[58357]: lost connection after AUTH from unknown[61.154.64.163] 2019-12-25T07:20:26.183369 X postfix/smtpd[54540]: lost connection after AUTH from unknown[61.154.64.163]	2019-12-25 20:51:18
61.154.64.254	attackspam	Bad Postfix AUTH attempts ...	2019-08-27 17:20:28
61.154.64.102	attackspam	Aug 26 17:49:54 localhost postfix/smtpd\[23221\]: warning: unknown\[61.154.64.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 17:50:04 localhost postfix/smtpd\[23328\]: warning: unknown\[61.154.64.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 17:50:16 localhost postfix/smtpd\[23217\]: warning: unknown\[61.154.64.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 17:50:49 localhost postfix/smtpd\[23329\]: warning: unknown\[61.154.64.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 17:51:00 localhost postfix/smtpd\[23329\]: warning: unknown\[61.154.64.102\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-27 07:13:25
61.154.64.254	attackbots	2019-07-18T03:44:06.286620mail01 postfix/smtpd[7214]: warning: unknown[61.154.64.254]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-18T03:44:28.037965mail01 postfix/smtpd[9718]: warning: unknown[61.154.64.254]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-18T03:44:44.375661mail01 postfix/smtpd[32137]: warning: unknown[61.154.64.254]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-18 12:55:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.154.64.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53649
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.154.64.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 30 02:34:19 CST 2019
;; MSG SIZE  rcvd: 116

Host info

52.64.154.61.in-addr.arpa domain name pointer 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
52.64.154.61.in-addr.arpa	name = 52.64.154.61.broad.zz.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.47.250.93	attackbots	SSH invalid-user multiple login attempts	2019-12-19 08:57:29
151.80.61.103	attackspambots	Dec 19 00:14:56 MainVPS sshd[3520]: Invalid user pezzano from 151.80.61.103 port 38662 Dec 19 00:14:56 MainVPS sshd[3520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.61.103 Dec 19 00:14:56 MainVPS sshd[3520]: Invalid user pezzano from 151.80.61.103 port 38662 Dec 19 00:14:58 MainVPS sshd[3520]: Failed password for invalid user pezzano from 151.80.61.103 port 38662 ssh2 Dec 19 00:21:05 MainVPS sshd[15520]: Invalid user dbus from 151.80.61.103 port 55476 ...	2019-12-19 08:59:43
77.138.40.240	attackbotsspam	Telnet Server BruteForce Attack	2019-12-19 08:58:50
193.254.135.252	attackspambots	Dec 19 09:51:04 gw1 sshd[29816]: Failed password for root from 193.254.135.252 port 37590 ssh2 ...	2019-12-19 13:02:13
95.167.39.12	attack	Dec 19 01:26:04 sd-53420 sshd\[12839\]: Invalid user rootramona from 95.167.39.12 Dec 19 01:26:04 sd-53420 sshd\[12839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12 Dec 19 01:26:06 sd-53420 sshd\[12839\]: Failed password for invalid user rootramona from 95.167.39.12 port 47486 ssh2 Dec 19 01:31:14 sd-53420 sshd\[14704\]: Invalid user Circus-123 from 95.167.39.12 Dec 19 01:31:14 sd-53420 sshd\[14704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12 ...	2019-12-19 08:35:05
41.139.132.119	attack	Dec 18 14:36:27 tdfoods sshd\[32036\]: Invalid user server from 41.139.132.119 Dec 18 14:36:27 tdfoods sshd\[32036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41-139-132-119.safaricombusiness.co.ke Dec 18 14:36:29 tdfoods sshd\[32036\]: Failed password for invalid user server from 41.139.132.119 port 34772 ssh2 Dec 18 14:43:36 tdfoods sshd\[327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41-139-132-119.safaricombusiness.co.ke user=root Dec 18 14:43:37 tdfoods sshd\[327\]: Failed password for root from 41.139.132.119 port 47572 ssh2	2019-12-19 08:50:41
187.178.74.209	attack	Automatic report - Port Scan Attack	2019-12-19 08:43:24
124.206.188.50	attackspam	Dec 19 01:34:57 vps691689 sshd[2625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.206.188.50 Dec 19 01:34:59 vps691689 sshd[2625]: Failed password for invalid user password12345677 from 124.206.188.50 port 11816 ssh2 ...	2019-12-19 08:41:04
49.231.201.242	attackbotsspam	Dec 18 19:40:33 ny01 sshd[25023]: Failed password for root from 49.231.201.242 port 36054 ssh2 Dec 18 19:46:48 ny01 sshd[25655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.201.242 Dec 18 19:46:50 ny01 sshd[25655]: Failed password for invalid user import from 49.231.201.242 port 39130 ssh2	2019-12-19 08:53:25
51.75.133.167	attack	Brute-force attempt banned	2019-12-19 08:50:27
106.52.24.184	attackspambots	Dec 18 14:18:01 hpm sshd\[32709\]: Invalid user ferwerda from 106.52.24.184 Dec 18 14:18:01 hpm sshd\[32709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.24.184 Dec 18 14:18:03 hpm sshd\[32709\]: Failed password for invalid user ferwerda from 106.52.24.184 port 60586 ssh2 Dec 18 14:22:24 hpm sshd\[712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.24.184 user=root Dec 18 14:22:26 hpm sshd\[712\]: Failed password for root from 106.52.24.184 port 51400 ssh2	2019-12-19 08:38:40
144.76.186.38	attackspam	Automatic report - Banned IP Access	2019-12-19 08:51:15
188.254.0.160	attack	Dec 19 01:20:33 [host] sshd[29467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.160 user=root Dec 19 01:20:35 [host] sshd[29467]: Failed password for root from 188.254.0.160 port 53706 ssh2 Dec 19 01:25:42 [host] sshd[29576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.160 user=games	2019-12-19 08:42:11
103.87.171.252	attackspam	Cluster member 192.168.0.31 (-) said, DENY 103.87.171.252, Reason:[(imapd) Failed IMAP login from 103.87.171.252 (IN/India/-): 1 in the last 3600 secs]	2019-12-19 09:05:31
45.67.14.153	attackspam	Invalid user postgres from 45.67.14.153 port 42300	2019-12-19 08:37:37

Recently Reported IPs

22.148.241.91	165.22.238.97	144.38.213.155	185.251.165.200
176.72.53.144	16.172.248.54	42.105.180.130	155.115.123.16
49.69.152.161	139.225.241.64	66.249.79.141	109.98.134.129
31.10.38.170	139.119.247.212	86.69.158.132	156.206.236.161
98.81.212.208	104.76.157.156	183.36.226.181	35.189.235.245