117.69.30.132 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Anhui Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 2 06:53:42 elektron postfix/smtpd\[24015\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\ Oct 2 06:54:14 elektron postfix/smtpd\[25425\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\ Oct 2 06:54:45 elektron postfix/smtpd\[21398\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\	2019-10-02 12:58:14

类型

评论内容

时间

attackbotsspam

Oct  2 06:53:42 elektron postfix/smtpd\[24015\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\
Oct  2 06:54:14 elektron postfix/smtpd\[25425\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\
Oct  2 06:54:45 elektron postfix/smtpd\[21398\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\

2019-10-02 12:58:14

相同子网IP讨论:

IP	类型	评论内容	时间
117.69.30.4	attackspam	Apr 13 06:53:37 elektron postfix/smtpd\[12073\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\ Apr 13 06:54:10 elektron postfix/smtpd\[12822\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\ Apr 13 06:54:47 elektron postfix/smtpd\[12822\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\ Apr 13 06:55:20 elektron postfix/smtpd\[12073\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\	2020-04-13 16:42:14
117.69.30.228	attack	Email spam message	2020-03-20 17:59:24
117.69.30.94	attackbots	IP: 117.69.30.94 Ports affected Simple Mail Transfer (25) Found in DNSBL('s) ASN Details AS4134 No.31 Jin-rong Street China (CN) CIDR 117.64.0.0/13 Log Date: 24/02/2020 12:46:14 PM UTC	2020-02-24 21:31:28
117.69.30.162	attack	Feb 9 05:56:49 grey postfix/smtpd\[27745\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.162\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.162\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.162\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-09 14:38:12
117.69.30.194	attackspambots	Jan 22 13:53:20 grey postfix/smtpd\[7299\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.194\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.194\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.194\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-22 23:05:02
117.69.30.65	attackbots	Email spam message	2020-01-13 22:05:58
117.69.30.210	attackspambots	Jan 9 14:07:48 grey postfix/smtpd\[21981\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.210\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.210\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.210\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-10 00:10:06
117.69.30.32	attackbots	Jan 2 07:30:34 grey postfix/smtpd\[16335\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.32\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.32\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.32\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-02 14:52:09
117.69.30.7	attack	Dec 14 15:45:03 grey postfix/smtpd\[16976\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.7\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.7\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.7\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-15 00:11:10
117.69.30.216	attackspambots	badbot	2019-11-24 02:43:21
117.69.30.240	attackspambots	Brute force SMTP login attempts.	2019-11-01 07:36:52
117.69.30.106	attack	Brute force SMTP login attempts.	2019-10-20 14:40:16
117.69.30.20	attackbotsspam	Brute force attempt	2019-09-11 17:21:09
117.69.30.219	attackspambots	Brute force SMTP login attempts.	2019-08-30 13:58:55
117.69.30.4	attackbots	Brute force attempt	2019-08-15 09:11:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.69.30.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29988
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.69.30.132.			IN	A

;; AUTHORITY SECTION:
.			384	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100102 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 02 12:58:02 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 132.30.69.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.30.69.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.88.112.112	attack	February 05 2020, 22:45:30 [sshd] - Banned from the Cipher Host hosting platform by Fail2ban.	2020-02-06 06:58:41
86.177.195.145	attack	Feb 5 12:23:47 hpm sshd\[11910\]: Invalid user jcb from 86.177.195.145 Feb 5 12:23:47 hpm sshd\[11910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host86-177-195-145.range86-177.btcentralplus.com Feb 5 12:23:48 hpm sshd\[11910\]: Failed password for invalid user jcb from 86.177.195.145 port 47366 ssh2 Feb 5 12:26:26 hpm sshd\[12242\]: Invalid user tak from 86.177.195.145 Feb 5 12:26:26 hpm sshd\[12242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host86-177-195-145.range86-177.btcentralplus.com	2020-02-06 06:38:26
93.174.93.231	attackbots	Feb 5 23:30:50 debian-2gb-nbg1-2 kernel: \[3201096.148304\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=93.174.93.231 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15626 PROTO=TCP SPT=42544 DPT=29468 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-06 06:50:49
178.165.56.235	attackbots	Faked Googlebot	2020-02-06 06:27:10
114.33.1.251	attackspam	Unauthorized connection attempt detected from IP address 114.33.1.251 to port 81 [J]	2020-02-06 06:25:48
177.125.207.151	attackbots	Brute force attempt	2020-02-06 06:52:40
188.214.133.166	attack	Feb 5 22:21:06 mercury sshd[9789]: Invalid user bdos from 188.214.133.166 port 37436 Feb 5 22:22:59 mercury sshd[9796]: Invalid user es from 188.214.133.166 port 40242 Feb 5 22:24:44 mercury sshd[9807]: Invalid user es from 188.214.133.166 port 43042 Feb 5 22:26:24 mercury sshd[9837]: Invalid user es from 188.214.133.166 port 45846 Feb 5 22:28:10 mercury sshd[9842]: Invalid user es from 188.214.133.166 port 48666 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=188.214.133.166	2020-02-06 07:02:36
65.151.176.53	attackspambots	Feb 4 10:45:27 josie sshd[30737]: Invalid user nina from 65.151.176.53 Feb 4 10:45:27 josie sshd[30737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.176.53 Feb 4 10:45:29 josie sshd[30737]: Failed password for invalid user nina from 65.151.176.53 port 48628 ssh2 Feb 4 10:45:29 josie sshd[30738]: Received disconnect from 65.151.176.53: 11: Bye Bye Feb 4 10:46:37 josie sshd[31936]: Invalid user lysenko from 65.151.176.53 Feb 4 10:46:37 josie sshd[31936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.176.53 Feb 4 10:46:39 josie sshd[31936]: Failed password for invalid user lysenko from 65.151.176.53 port 56702 ssh2 Feb 4 10:46:39 josie sshd[31941]: Received disconnect from 65.151.176.53: 11: Bye Bye Feb 4 10:49:42 josie sshd[4138]: Invalid user cedric from 65.151.176.53 Feb 4 10:49:42 josie sshd[4138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 e........ -------------------------------	2020-02-06 06:37:08
120.78.184.189	attackbots	Unauthorized connection attempt detected from IP address 120.78.184.189 to port 7001 [J]	2020-02-06 06:23:39
216.244.66.203	attackbotsspam	Forbidden directory scan :: 2020/02/05 22:26:06 [error] 1025#1025: *147088 access forbidden by rule, client: 216.244.66.203, server: [censored_1], request: "GET /knowledge-base/%ht_kb_category%/google-custom-search-not-showing-all-results/ HTTP/1.1", host: "www.[censored_1]"	2020-02-06 06:56:15
70.185.95.162	attackbots	Automatic report - XMLRPC Attack	2020-02-06 06:27:40
3.12.25.115	attackbots	Automatic report - XMLRPC Attack	2020-02-06 06:50:22
188.166.229.205	attackspam	Feb 6 01:04:12 server sshd\[30724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.229.205 user=root Feb 6 01:04:14 server sshd\[30724\]: Failed password for root from 188.166.229.205 port 10352 ssh2 Feb 6 01:26:29 server sshd\[2574\]: Invalid user test from 188.166.229.205 Feb 6 01:26:29 server sshd\[2574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.229.205 Feb 6 01:26:32 server sshd\[2574\]: Failed password for invalid user test from 188.166.229.205 port 24408 ssh2 ...	2020-02-06 06:33:14
49.88.112.75	attack	Feb 6 03:36:13 gw1 sshd[8094]: Failed password for root from 49.88.112.75 port 14150 ssh2 ...	2020-02-06 06:59:03
165.227.58.61	attackspambots	Feb 3 00:57:42 v2hgb sshd[12480]: Invalid user deb from 165.227.58.61 port 50408 Feb 3 00:57:42 v2hgb sshd[12480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.58.61 Feb 3 00:57:44 v2hgb sshd[12480]: Failed password for invalid user deb from 165.227.58.61 port 50408 ssh2 Feb 3 00:57:46 v2hgb sshd[12480]: Received disconnect from 165.227.58.61 port 50408:11: Bye Bye [preauth] Feb 3 00:57:46 v2hgb sshd[12480]: Disconnected from invalid user deb 165.227.58.61 port 50408 [preauth] Feb 5 22:52:47 v2hgb sshd[17418]: Invalid user kqg from 165.227.58.61 port 57880 Feb 5 22:52:47 v2hgb sshd[17418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.58.61 Feb 5 22:52:50 v2hgb sshd[17418]: Failed password for invalid user kqg from 165.227.58.61 port 57880 ssh2 Feb 5 22:52:51 v2hgb sshd[17418]: Received disconnect from 165.227.58.61 port 57880:11: Bye Bye [preauth] Feb 5 22:5........ -------------------------------	2020-02-06 07:05:23

最近上报的IP列表

82.193.134.81	179.183.64.29	192.246.132.5	66.154.160.224
76.59.126.109	125.116.229.169	113.9.128.70	3.9.128.61
99.212.90.162	45.14.227.203	41.156.181.28	95.126.53.170
147.240.178.236	142.195.203.125	209.62.176.251	207.240.167.240
140.56.60.28	57.235.255.5	162.219.234.210	51.82.135.122