61.64.2.134 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: TFN Media Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SMB Server BruteForce Attack	2020-05-04 04:15:27

Comments on same subnet:

IP	Type	Details	Datetime
61.64.211.72	attackbotsspam	1596319659 - 08/02/2020 00:07:39 Host: 61.64.211.72/61.64.211.72 Port: 445 TCP Blocked	2020-08-02 08:24:30
61.64.208.103	attack	1590292590 - 05/24/2020 05:56:30 Host: 61.64.208.103/61.64.208.103 Port: 445 TCP Blocked	2020-05-24 12:03:02
61.64.20.62	attackbotsspam	unauthorized connection attempt	2020-01-12 20:52:55

Type

Details

Datetime

61.64.211.72

attackbotsspam

1596319659 - 08/02/2020 00:07:39 Host: 61.64.211.72/61.64.211.72 Port: 445 TCP Blocked

2020-08-02 08:24:30

61.64.208.103

attack

1590292590 - 05/24/2020 05:56:30 Host: 61.64.208.103/61.64.208.103 Port: 445 TCP Blocked

2020-05-24 12:03:02

61.64.20.62

attackbotsspam

unauthorized connection attempt

2020-01-12 20:52:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.64.2.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65194
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.64.2.134.			IN	A

;; AUTHORITY SECTION:
.			444	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050301 1800 900 604800 86400

;; Query time: 87 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 04:15:23 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 134.2.64.61.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.2.64.61.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.141.184.154	attackspam	Jun 25 14:24:42 havingfunrightnow sshd[21167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.141.184.154 Jun 25 14:24:45 havingfunrightnow sshd[21167]: Failed password for invalid user cftp from 182.141.184.154 port 44344 ssh2 Jun 25 14:27:33 havingfunrightnow sshd[21233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.141.184.154 ...	2020-06-25 21:39:40
129.211.49.17	attack	Jun 25 14:09:39 h2646465 sshd[16624]: Invalid user foswiki from 129.211.49.17 Jun 25 14:09:39 h2646465 sshd[16624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.49.17 Jun 25 14:09:39 h2646465 sshd[16624]: Invalid user foswiki from 129.211.49.17 Jun 25 14:09:41 h2646465 sshd[16624]: Failed password for invalid user foswiki from 129.211.49.17 port 44616 ssh2 Jun 25 14:18:57 h2646465 sshd[17175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.49.17 user=mysql Jun 25 14:18:59 h2646465 sshd[17175]: Failed password for mysql from 129.211.49.17 port 58302 ssh2 Jun 25 14:23:18 h2646465 sshd[17460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.49.17 user=root Jun 25 14:23:20 h2646465 sshd[17460]: Failed password for root from 129.211.49.17 port 56710 ssh2 Jun 25 14:27:28 h2646465 sshd[17715]: Invalid user fxy from 129.211.49.17 ...	2020-06-25 21:43:45
185.143.75.81	attack	Jun 25 15:07:24 relay postfix/smtpd\[4074\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 15:08:01 relay postfix/smtpd\[10078\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 15:08:15 relay postfix/smtpd\[24122\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 15:08:50 relay postfix/smtpd\[10076\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 15:09:04 relay postfix/smtpd\[14237\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-25 21:23:35
36.72.213.242	attackbots	1593088081 - 06/25/2020 14:28:01 Host: 36.72.213.242/36.72.213.242 Port: 445 TCP Blocked	2020-06-25 21:17:14
124.239.168.74	attackbots	Jun 25 15:38:05 rotator sshd\[12601\]: Invalid user blue from 124.239.168.74Jun 25 15:38:07 rotator sshd\[12601\]: Failed password for invalid user blue from 124.239.168.74 port 54434 ssh2Jun 25 15:41:37 rotator sshd\[13403\]: Invalid user tir from 124.239.168.74Jun 25 15:41:39 rotator sshd\[13403\]: Failed password for invalid user tir from 124.239.168.74 port 37870 ssh2Jun 25 15:45:19 rotator sshd\[14117\]: Invalid user admin from 124.239.168.74Jun 25 15:45:21 rotator sshd\[14117\]: Failed password for invalid user admin from 124.239.168.74 port 49542 ssh2 ...	2020-06-25 21:51:54
106.12.191.143	attackspambots	3x Failed Password	2020-06-25 21:29:21
35.202.176.9	attackspam	frenzy	2020-06-25 21:33:52
51.91.14.55	attackspambots	51.91.14.55 - - [25/Jun/2020:13:50:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2006 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.91.14.55 - - [25/Jun/2020:13:50:23 +0100] "POST /wp-login.php HTTP/1.1" 200 1973 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.91.14.55 - - [25/Jun/2020:13:50:23 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-25 21:16:42
192.241.238.94	attack	Port 22 Scan, PTR: None	2020-06-25 21:26:02
95.173.161.167	attack	WordPress login Brute force / Web App Attack on client site.	2020-06-25 21:17:54
49.233.148.2	attackbots	Jun 25 05:39:57 dignus sshd[14790]: Failed password for invalid user pont from 49.233.148.2 port 58456 ssh2 Jun 25 05:42:53 dignus sshd[15093]: Invalid user mc2 from 49.233.148.2 port 36406 Jun 25 05:42:53 dignus sshd[15093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.148.2 Jun 25 05:42:55 dignus sshd[15093]: Failed password for invalid user mc2 from 49.233.148.2 port 36406 ssh2 Jun 25 05:45:56 dignus sshd[15358]: Invalid user admin from 49.233.148.2 port 42596 ...	2020-06-25 21:28:43
222.186.42.136	attack	Jun 25 23:41:39 localhost sshd[1995504]: Disconnected from 222.186.42.136 port 62750 [preauth] ...	2020-06-25 21:42:18
13.90.200.181	attackspam	Jun 25 15:19:16 vmd48417 sshd[2117]: Failed password for root from 13.90.200.181 port 33600 ssh2	2020-06-25 21:39:25
62.234.59.145	attackspambots	$f2bV_matches	2020-06-25 21:41:11
185.11.224.100	attackbotsspam	25-6-2020 14:27:38 Unauthorized connection attempt (Brute-Force). 25-6-2020 14:27:38 Connection from IP address: 185.11.224.100 on port: 993 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.11.224.100	2020-06-25 21:37:31

Recently Reported IPs

218.25.171.125	37.187.18.95	149.202.75.199	118.24.72.100
46.99.139.71	187.134.163.223	186.50.144.240	52.200.80.202
3.87.46.206	110.158.243.255	20.185.239.81	134.209.157.167
104.199.35.65	214.11.98.121	2804:14d:5c5b:41bc:1ca2:ff9d:371f:6b74	129.205.167.59
53.219.175.163	194.44.96.61	124.41.243.22	201.242.122.160