61.157.138.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
61.157.138.117	attack	ET SCAN Suspicious inbound to mySQL port 3306 - port: 3306 proto: TCP cat: Potentially Bad Traffic	2020-05-12 08:47:37
61.157.138.117	attackbots	" "	2020-05-04 00:29:55
61.157.138.117	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-04-23 18:52:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.157.138.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;61.157.138.80.			IN	A

;; AUTHORITY SECTION:
.			430	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 18:02:22 CST 2022
;; MSG SIZE  rcvd: 106

Host info

80.138.157.61.in-addr.arpa domain name pointer 80.138.157.61.dial.dy.sc.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
80.138.157.61.in-addr.arpa	name = 80.138.157.61.dial.dy.sc.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
207.180.236.126	attack	Splunk® : port scan detected: Jul 24 18:59:45 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=207.180.236.126 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=17745 PROTO=TCP SPT=40078 DPT=5060 WINDOW=1024 RES=0x00 SYN URGP=0	2019-07-25 09:53:52
185.220.101.69	attack	Jul 24 18:26:43 xtremcommunity sshd\[5744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.69 user=root Jul 24 18:26:44 xtremcommunity sshd\[5744\]: Failed password for root from 185.220.101.69 port 34175 ssh2 Jul 24 18:26:48 xtremcommunity sshd\[5744\]: Failed password for root from 185.220.101.69 port 34175 ssh2 Jul 24 18:26:51 xtremcommunity sshd\[5744\]: Failed password for root from 185.220.101.69 port 34175 ssh2 Jul 24 18:26:54 xtremcommunity sshd\[5744\]: Failed password for root from 185.220.101.69 port 34175 ssh2 ...	2019-07-25 10:09:07
46.166.139.1	attackbots	\[2019-07-24 21:06:10\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-24T21:06:10.315-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441244739005",SessionID="0x7f06f83e80f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.139.1/64553",ACLName="no_extension_match" \[2019-07-24 21:06:19\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-24T21:06:19.456-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441254929805",SessionID="0x7f06f82756a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.139.1/49249",ACLName="no_extension_match" \[2019-07-24 21:06:19\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-24T21:06:19.765-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441294507632",SessionID="0x7f06f8018788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.139.1/49748",ACLName="no_exte	2019-07-25 09:25:28
157.230.36.189	attack	Jul 25 01:51:18 MK-Soft-VM7 sshd\[537\]: Invalid user hadoop from 157.230.36.189 port 54256 Jul 25 01:51:18 MK-Soft-VM7 sshd\[537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.36.189 Jul 25 01:51:20 MK-Soft-VM7 sshd\[537\]: Failed password for invalid user hadoop from 157.230.36.189 port 54256 ssh2 ...	2019-07-25 10:09:36
209.17.96.250	attackbots	port scan and connect, tcp 80 (http)	2019-07-25 09:35:40
34.201.89.198	attack	fail2ban honeypot	2019-07-25 09:43:02
2.82.246.7	attack	firewall-block, port(s): 22/tcp	2019-07-25 10:05:13
177.98.185.202	attackspambots	Automatic report - SSH Brute-Force Attack	2019-07-25 09:56:48
23.239.1.78	attackspambots	port scan and connect, tcp 443 (https)	2019-07-25 09:33:09
185.183.120.29	attackspambots	Jul 25 02:38:48 microserver sshd[59377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.183.120.29 user=root Jul 25 02:38:50 microserver sshd[59377]: Failed password for root from 185.183.120.29 port 52536 ssh2 Jul 25 02:43:58 microserver sshd[60913]: Invalid user debian from 185.183.120.29 port 47558 Jul 25 02:43:58 microserver sshd[60913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.183.120.29 Jul 25 02:44:00 microserver sshd[60913]: Failed password for invalid user debian from 185.183.120.29 port 47558 ssh2 Jul 25 02:54:10 microserver sshd[63892]: Invalid user ubuntu from 185.183.120.29 port 37606 Jul 25 02:54:10 microserver sshd[63892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.183.120.29 Jul 25 02:54:12 microserver sshd[63892]: Failed password for invalid user ubuntu from 185.183.120.29 port 37606 ssh2 Jul 25 02:59:20 microserver sshd[65008]: Invalid user castis	2019-07-25 09:34:04
213.166.71.110	attackspam	Port scan on 27 port(s): 44801 44809 45472 46379 47937 48537 48942 49018 49309 49599 50003 50260 50410 51128 51735 51962 52131 53027 53787 54430 56431 56450 56612 57220 59236 59709 59827	2019-07-25 10:22:32
62.234.156.129	attackspam	Time: Wed Jul 24 13:16:28 2019 -0300 IP: 62.234.156.129 (CN/China/-) Failures: 15 (ftpd) Interval: 3600 seconds Blocked: Permanent Block	2019-07-25 09:24:54
88.28.207.148	attackspambots	Jul 24 18:30:29 mout sshd[11607]: Invalid user security from 88.28.207.148 port 55430 Jul 24 18:30:36 mout sshd[11607]: Failed password for invalid user security from 88.28.207.148 port 55430 ssh2 Jul 24 18:30:50 mout sshd[11607]: Connection closed by 88.28.207.148 port 55430 [preauth]	2019-07-25 09:42:40
154.8.138.184	attackbotsspam	Jul 25 03:47:13 SilenceServices sshd[13390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.138.184 Jul 25 03:47:15 SilenceServices sshd[13390]: Failed password for invalid user camera from 154.8.138.184 port 53704 ssh2 Jul 25 03:49:38 SilenceServices sshd[15183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.138.184	2019-07-25 09:50:07
185.244.25.107	attackbotsspam	Splunk® : port scan detected: Jul 24 22:11:03 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=185.244.25.107 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=52475 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2019-07-25 10:41:02

Recently Reported IPs

61.156.139.72	61.155.161.73	61.157.29.138	61.158.148.28
61.158.152.35	61.159.181.208	61.158.152.11	61.153.141.94
61.157.43.149	61.159.238.37	61.159.238.102	61.159.238.174
61.159.238.23	61.159.238.103	61.159.82.11	61.159.238.51
61.159.244.186	61.16.140.106	61.161.170.19	61.159.238.60