61.54.1.31 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
61.54.189.57	attack	DATE:2020-10-12 22:39:49, IP:61.54.189.57, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-14 04:47:16
61.54.189.57	attackspam	DATE:2020-10-12 22:39:49, IP:61.54.189.57, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-13 20:17:43
61.54.192.79	attackbots	D-Link DAP-1860 Remote Command Injection Vulnerability, PTR: hn.kd.dhcp.	2020-10-05 02:36:52
61.54.192.79	attack	D-Link DAP-1860 Remote Command Injection Vulnerability, PTR: hn.kd.dhcp.	2020-10-04 18:19:47
61.54.110.124	attack	Aug 3 23:55:15 mail sshd\[24997\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.54.110.124 user=root ...	2020-08-04 14:58:14
61.54.107.171	attackspam	Unauthorized connection attempt detected from IP address 61.54.107.171 to port 22	2020-05-31 23:40:33
61.54.107.171	attack	Unauthorized connection attempt detected from IP address 61.54.107.171 to port 22 [T]	2020-05-20 13:48:40
61.54.172.71	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 20:07:43
61.54.107.171	attackbots	2019-11-27T13:27:53.918Z CLOSE host=61.54.107.171 port=54336 fd=4 time=50.039 bytes=49 ...	2020-03-13 02:33:22
61.54.184.18	attackbotsspam	Telnet Server BruteForce Attack	2020-03-08 06:55:22
61.54.107.171	attackbots	Unauthorized connection attempt detected from IP address 61.54.107.171 to port 22 [T]	2020-01-30 14:56:10
61.54.107.171	attack	2019-11-27T13:27:53.918Z CLOSE host=61.54.107.171 port=54336 fd=4 time=50.039 bytes=49 ...	2020-01-29 18:50:22
61.54.107.171	attackbots	Unauthorized connection attempt detected from IP address 61.54.107.171 to port 22 [T]	2020-01-27 06:47:54
61.54.171.134	attackbots	Unauthorized connection attempt detected from IP address 61.54.171.134 to port 23 [J]	2020-01-16 22:40:52
61.54.184.98	attack	Oct 20 22:28:21 mc1 kernel: \[2889657.230678\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=61.54.184.98 DST=159.69.205.51 LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=36993 DF PROTO=TCP SPT=38719 DPT=81 WINDOW=29040 RES=0x00 SYN URGP=0 Oct 20 22:28:22 mc1 kernel: \[2889658.226671\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=61.54.184.98 DST=159.69.205.51 LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=36994 DF PROTO=TCP SPT=38719 DPT=81 WINDOW=29040 RES=0x00 SYN URGP=0 Oct 20 22:28:24 mc1 kernel: \[2889660.225556\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=61.54.184.98 DST=159.69.205.51 LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=36995 DF PROTO=TCP SPT=38719 DPT=81 WINDOW=29040 RES=0x00 SYN URGP=0 ...	2019-10-21 04:35:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.54.1.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11749
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;61.54.1.31.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021102 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 12:30:13 CST 2025
;; MSG SIZE  rcvd: 103

Host info

31.1.54.61.in-addr.arpa domain name pointer hn.kd.dhcp.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
31.1.54.61.in-addr.arpa	name = hn.kd.dhcp.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.143.222.185	attackspambots	Brute forcing email accounts	2020-02-22 07:54:53
46.147.96.193	attack	Automatic report - Port Scan Attack	2020-02-22 08:12:39
45.148.10.143	attack	SSH-bruteforce attempts	2020-02-22 08:14:59
159.89.181.213	attack	Invalid user oracle from 159.89.181.213 port 48818	2020-02-22 08:05:30
106.12.80.138	attackspambots	Feb 22 00:37:24 [host] sshd[25493]: Invalid user s Feb 22 00:37:24 [host] sshd[25493]: pam_unix(sshd: Feb 22 00:37:26 [host] sshd[25493]: Failed passwor	2020-02-22 07:59:36
149.202.59.85	attackbots	$f2bV_matches	2020-02-22 08:05:55
193.31.24.113	attackbotsspam	02/22/2020-01:15:46.927620 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2020-02-22 08:28:03
78.124.108.212	attackspam	Unauthorized connection attempt detected from IP address 78.124.108.212 to port 85	2020-02-22 07:52:54
181.52.251.209	attackbotsspam	Feb 21 19:13:48 plusreed sshd[13549]: Invalid user robertparker from 181.52.251.209 ...	2020-02-22 08:15:24
190.128.230.14	attackspam	Feb 21 23:42:24 web8 sshd\[26405\]: Invalid user admin from 190.128.230.14 Feb 21 23:42:24 web8 sshd\[26405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.230.14 Feb 21 23:42:26 web8 sshd\[26405\]: Failed password for invalid user admin from 190.128.230.14 port 58349 ssh2 Feb 21 23:47:24 web8 sshd\[29227\]: Invalid user admin from 190.128.230.14 Feb 21 23:47:24 web8 sshd\[29227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.230.14	2020-02-22 08:02:17
112.85.42.89	attack	Feb 22 01:14:47 ns381471 sshd[14330]: Failed password for root from 112.85.42.89 port 55481 ssh2	2020-02-22 08:18:13
111.229.34.230	attackspambots	Invalid user mailman from 111.229.34.230 port 57452	2020-02-22 08:24:40
51.77.140.111	attackbotsspam	Invalid user richard from 51.77.140.111 port 58120	2020-02-22 07:59:52
222.186.180.9	attackbotsspam	Feb 22 00:54:49 silence02 sshd[16925]: Failed password for root from 222.186.180.9 port 17540 ssh2 Feb 22 00:55:02 silence02 sshd[16925]: Failed password for root from 222.186.180.9 port 17540 ssh2 Feb 22 00:55:02 silence02 sshd[16925]: error: maximum authentication attempts exceeded for root from 222.186.180.9 port 17540 ssh2 [preauth]	2020-02-22 07:55:58
37.114.140.213	attackspambots	Lines containing failures of 37.114.140.213 Feb 21 21:20:36 supported sshd[6793]: Invalid user admin from 37.114.140.213 port 51714 Feb 21 21:20:36 supported sshd[6793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.140.213 Feb 21 21:20:38 supported sshd[6793]: Failed password for invalid user admin from 37.114.140.213 port 51714 ssh2 Feb 21 21:20:39 supported sshd[6793]: Connection closed by invalid user admin 37.114.140.213 port 51714 [preauth] Feb 21 21:20:42 supported sshd[6804]: Invalid user admin from 37.114.140.213 port 51735 Feb 21 21:20:42 supported sshd[6804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.140.213 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.114.140.213	2020-02-22 08:18:46

Recently Reported IPs

178.96.241.234	5.109.59.120	44.166.182.167	63.156.79.49
226.203.75.48	169.21.189.107	35.49.47.107	37.86.47.70
80.100.155.212	182.201.128.233	25.249.146.202	95.105.63.105
98.55.144.224	208.235.178.179	189.217.73.207	70.153.36.6
229.68.52.44	8.52.218.151	186.185.178.149	182.115.136.145