61.180.94.131 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/61.180.94.131/ CN - 1H : (695) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 61.180.94.131 CIDR : 61.180.0.0/17 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 14 3H - 41 6H - 88 12H - 161 24H - 304 DateTime : 2019-10-31 04:52:56 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-31 14:47:10

Type

Details

Datetime

attack

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/61.180.94.131/ 
 
 CN - 1H : (695)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN4134 
 
 IP : 61.180.94.131 
 
 CIDR : 61.180.0.0/17 
 
 PREFIX COUNT : 5430 
 
 UNIQUE IP COUNT : 106919680 
 
 
 ATTACKS DETECTED ASN4134 :  
  1H - 14 
  3H - 41 
  6H - 88 
 12H - 161 
 24H - 304 
 
 DateTime : 2019-10-31 04:52:56 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-31 14:47:10

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.180.94.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.180.94.131.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103100 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 14:47:07 CST 2019
;; MSG SIZE  rcvd: 117

Host info

131.94.180.61.in-addr.arpa domain name pointer 131.94.65.218.broad.nc.jx.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
131.94.180.61.in-addr.arpa	name = 131.94.65.218.broad.nc.jx.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
71.6.232.4	attackspam	Unauthorized connection attempt detected from IP address 71.6.232.4 to port 21	2020-06-19 14:04:24
180.249.180.206	attackspambots	Jun 19 05:50:52 roki-contabo sshd\[9715\]: Invalid user shree from 180.249.180.206 Jun 19 05:50:52 roki-contabo sshd\[9715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.249.180.206 Jun 19 05:50:54 roki-contabo sshd\[9715\]: Failed password for invalid user shree from 180.249.180.206 port 49163 ssh2 Jun 19 05:56:52 roki-contabo sshd\[9813\]: Invalid user deploy from 180.249.180.206 Jun 19 05:56:52 roki-contabo sshd\[9813\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.249.180.206 ...	2020-06-19 14:16:44
45.95.168.139	attackspam	SSH login attempts.	2020-06-19 14:37:03
154.16.47.72	attackbots	Detected By Fail2ban	2020-06-19 14:00:16
115.165.166.193	attack	Jun 19 04:37:58 ns3033917 sshd[5668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.165.166.193 user=root Jun 19 04:38:00 ns3033917 sshd[5668]: Failed password for root from 115.165.166.193 port 58280 ssh2 Jun 19 04:42:40 ns3033917 sshd[5855]: Invalid user fp from 115.165.166.193 port 58604 ...	2020-06-19 14:29:05
180.76.242.171	attack	Invalid user l from 180.76.242.171 port 40146	2020-06-19 14:14:21
102.39.151.220	attackspambots	SSH login attempts.	2020-06-19 14:23:37
172.255.81.233	attack	Detected By Fail2ban	2020-06-19 14:19:33
49.12.78.73	attack	$f2bV_matches	2020-06-19 14:34:06
219.152.16.234	attack	SSH login attempts.	2020-06-19 13:58:38
106.52.42.153	attackspambots	Jun 19 08:03:06 minden010 sshd[10268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.42.153 Jun 19 08:03:08 minden010 sshd[10268]: Failed password for invalid user admin from 106.52.42.153 port 48384 ssh2 Jun 19 08:04:52 minden010 sshd[10510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.42.153 ...	2020-06-19 14:23:17
185.143.72.16	attack	Jun 19 07:59:19 mail postfix/smtpd\[23042\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 19 08:29:35 mail postfix/smtpd\[23600\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 19 08:31:04 mail postfix/smtpd\[23969\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 19 08:32:36 mail postfix/smtpd\[23969\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-06-19 14:35:26
120.131.3.91	attackbots	Invalid user userftp from 120.131.3.91 port 15522	2020-06-19 13:59:21
106.53.20.226	attackspambots	Invalid user admin from 106.53.20.226 port 59080	2020-06-19 14:13:38
59.174.94.17	attackspambots	Unauthorized connection attempt detected from IP address 59.174.94.17 to port 23	2020-06-19 14:31:55

Recently Reported IPs

160.183.103.99	86.50.24.253	96.104.69.126	152.136.249.126
28.39.192.179	118.7.82.40	215.183.166.15	32.43.158.106
189.207.16.46	240.186.140.70	187.63.173.16	206.143.198.74
182.97.146.136	170.110.251.125	202.133.201.231	178.48.157.53
170.75.54.255	158.245.109.230	45.220.25.231	249.1.13.109