Attempted Chinese hack?

2025-03-29

I started working on setting up my first Website, virtually hosted, about a week ago. I've been playing with CPanel daily and noticed yesterday that I had a visitor from 61.133.102.XXX. I checked their IP on ARIN and got this info...

inetnum 61.133.102.128 - 61.133.102.255
netname SD160
descr Shandong Telecom 160 Info. Station
country CN
admin-c DS95-AP, inverse
tech-c DS95-AP, inverse
mnt-by MAINT-ZXF, inverse
changed zxf@sdinfo.net 20010319
source APNIC

person Data Communication Bureau Shandong, inverse
address No.77 Jingsan Road,Jinan,Shandong,P.R.China
country CN
phone +86-531-6052163
fax-no +86-531-6052245
e-mail http://www.apnic.net/apnic-bin/whois...%40sdinfo.net, inverse
nic-hdl DS95-AP, inverse
mnt-by MAINT-ZXF, inverse
changed zxf@sdinfo.net 20010206
source APNIC

The weird thing is that I haven't given the domain out to anybody expect the person setting it up with me. I know it's public record and all, but yesterday's visitor is the only one who's been to the site beside me and the other person.

I thought the Chinese hacker attacks we'd been hearing about were just overblown hype from the press and China itself. But now I'm wondering if this is what this was. I know nothing about the service provider above and am not intending to impute their name. It's just kinda weird. Whoever it was, they got an Error 400. I wonder what's the most likely reason why...