JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.61.130.107

202.61.130.107 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 41%: ?

41%

ISP	CTG Server Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS152194
Domain Name	rackip.com
Country	🇯🇵 Japan
City	Asagaya-minami, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.61.130.107

Whois 202.61.130.107

IP Abuse Reports for 202.61.130.107:

This IP address has been reported a total of 47 times from 24 distinct sources. 202.61.130.107 was first reported on November 20th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-06 14:58:51 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-03 05:05:35 (2 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇧🇪 cmbplf	2026-05-27 05:08:24 (3 weeks ago)	6.225 4xx requests in 1 hour (2w3d10h)	Brute-Force Bad Web Bot
🇺🇸 Matthew Ping	2026-05-25 02:30:22 (3 weeks ago)	cPanel/WHM brute force blocked by CSF/LFD on d865.	Web App Attack Brute-Force
🇩🇪 robinwolff	2026-05-23 08:23:41 (3 weeks ago)		Web App Attack Hacking
🇬🇧 PeravixGroup	2026-05-22 00:21:04 (4 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-20 00:20:48 (4 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 robinwolff	2026-05-19 12:17:19 (1 month ago)		Web App Attack Hacking
🇬🇧 PeravixGroup	2026-05-19 00:20:46 (1 month ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇮 as211431.net	2026-05-18 07:10:39 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 vertali	2026-05-17 14:02:18 (1 month ago)	CSF/LFD blocked 202.61.130.107; trigger=LF_CPANEL; direction=inout; ports=; permanent=1; timeout=1; ... show more CSF/LFD blocked 202.61.130.107; trigger=LF_CPANEL; direction=inout; ports=; permanent=1; timeout=1; reason=(cpanel) Failed cPanel login from 202.61.130.107 (JP/Japan/-): 5 in the last 3600 secs; logs=[2026-05-17 08:56:49 -0500] info [whostmgrd] 202.61.130.107 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-17 08:57:30 -0500] info [whostmgrd] 202.61.130.107 - root "GET /cpsess8444658375/json-api/version HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-17 09:01:30 -0500] info [whostmgrd] 202.61.130.107 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-17 09:01:36 -0500] inf show less	Brute-Force Web App Attack SSH
🇫🇷 ISPLtd	2026-05-15 07:16:48 (1 month ago)	May 15 04:16:44 202.61.130.107 TCP SPT=50580 DPT=3000 SYN May 15 04:16:45 202.61.130.107 TCP SPT=505 ... show more May 15 04:16:44 202.61.130.107 TCP SPT=50580 DPT=3000 SYN May 15 04:16:45 202.61.130.107 TCP SPT=50580 DPT=3000 SYN May 15 04:16:47 202.61.130.107 TCP SPT=50580 DPT=3000 ... show less	Port Scan
🇩🇪 ValtonTahiri	2026-05-13 11:29:18 (1 month ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=202.61.130.107; proto=TCP; source_port=48318; target_port=3000; flags=SYN show less	Port Scan
Anonymous	2026-05-13 08:18:25 (1 month ago)	202.61.130.107 (SG/Singapore/-), 5 distributed cpanel attacks on account [root] in the last 600 secs ... show more 202.61.130.107 (SG/Singapore/-), 5 distributed cpanel attacks on account [root] in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: [2026-05-13 02:18:17 -0600] info [whostmgrd] 202.61.130.107 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-13 02:18:19 -0600] info [whostmgrd] 202.61.130.107 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-13 02:18:20 -0600] info [whostmgrd] 202.61.130.107 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-13 02:18:21 -0600] info [whostmgrd] 202.61.130.107 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-13 02:10:52 -0600] info [cpaneld] 205.185.113.241 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN cpaneld: root login is not permitted to cpaneld IP Addresses Blocked: show less	Port Scan
Anonymous	2026-05-13 07:57:29 (1 month ago)	202.61.130.107 (JP/Japan/-)	Brute-Force

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.86.168.224

🇹🇼 198.235.24.15

🇻🇳 160.30.136.41

🇨🇦 104.234.135.32

🇳🇱 45.148.10.147

🇨🇳 14.103.127.3

🇨🇳 175.4.104.50

🇨🇳 101.96.200.79

🇺🇸 100.25.217.185

🇨🇳 81.70.231.23

🇳🇱 81.19.216.93

🇺🇸 65.110.40.13

🇸🇬 43.159.51.254

🇧🇪 34.156.163.45

🇺🇸 20.184.175.6

🇩🇪 185.242.3.226

🇨🇳 182.121.78.108

🇺🇸 162.216.150.241

🇹🇭 103.206.205.73

🇮🇳 103.205.142.244