117.69.30.132 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Anhui Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 2 06:53:42 elektron postfix/smtpd\[24015\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\ Oct 2 06:54:14 elektron postfix/smtpd\[25425\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\ Oct 2 06:54:45 elektron postfix/smtpd\[21398\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\	2019-10-02 12:58:14

类型

评论内容

时间

attackbotsspam

Oct  2 06:53:42 elektron postfix/smtpd\[24015\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\
Oct  2 06:54:14 elektron postfix/smtpd\[25425\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\
Oct  2 06:54:45 elektron postfix/smtpd\[21398\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.132\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.132\]\; from=\ to=\ proto=ESMTP helo=\

2019-10-02 12:58:14

相同子网IP讨论:

IP	类型	评论内容	时间
117.69.30.4	attackspam	Apr 13 06:53:37 elektron postfix/smtpd\[12073\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\ Apr 13 06:54:10 elektron postfix/smtpd\[12822\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\ Apr 13 06:54:47 elektron postfix/smtpd\[12822\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\ Apr 13 06:55:20 elektron postfix/smtpd\[12073\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.4\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.69.30.4\]\; from=\ to=\ proto=ESMTP helo=\	2020-04-13 16:42:14
117.69.30.228	attack	Email spam message	2020-03-20 17:59:24
117.69.30.94	attackbots	IP: 117.69.30.94 Ports affected Simple Mail Transfer (25) Found in DNSBL('s) ASN Details AS4134 No.31 Jin-rong Street China (CN) CIDR 117.64.0.0/13 Log Date: 24/02/2020 12:46:14 PM UTC	2020-02-24 21:31:28
117.69.30.162	attack	Feb 9 05:56:49 grey postfix/smtpd\[27745\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.162\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.162\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.162\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-09 14:38:12
117.69.30.194	attackspambots	Jan 22 13:53:20 grey postfix/smtpd\[7299\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.194\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.194\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.194\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-22 23:05:02
117.69.30.65	attackbots	Email spam message	2020-01-13 22:05:58
117.69.30.210	attackspambots	Jan 9 14:07:48 grey postfix/smtpd\[21981\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.210\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.210\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.210\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-10 00:10:06
117.69.30.32	attackbots	Jan 2 07:30:34 grey postfix/smtpd\[16335\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.32\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.32\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.32\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-02 14:52:09
117.69.30.7	attack	Dec 14 15:45:03 grey postfix/smtpd\[16976\]: NOQUEUE: reject: RCPT from unknown\[117.69.30.7\]: 554 5.7.1 Service unavailable\; Client host \[117.69.30.7\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[117.69.30.7\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-15 00:11:10
117.69.30.216	attackspambots	badbot	2019-11-24 02:43:21
117.69.30.240	attackspambots	Brute force SMTP login attempts.	2019-11-01 07:36:52
117.69.30.106	attack	Brute force SMTP login attempts.	2019-10-20 14:40:16
117.69.30.20	attackbotsspam	Brute force attempt	2019-09-11 17:21:09
117.69.30.219	attackspambots	Brute force SMTP login attempts.	2019-08-30 13:58:55
117.69.30.4	attackbots	Brute force attempt	2019-08-15 09:11:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.69.30.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29988
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.69.30.132.			IN	A

;; AUTHORITY SECTION:
.			384	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100102 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 02 12:58:02 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 132.30.69.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.30.69.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.232.121.152	attack	Jan 8 22:08:07 srv01 proftpd[3329]: 0.0.0.0 (103.232.121.152[103.232.121.152]) - USER serverhosting: no such user found from 103.232.121.152 [103.232.121.152] to 85.114.141.118:21 Jan 8 22:08:10 srv01 proftpd[3333]: 0.0.0.0 (103.232.121.152[103.232.121.152]) - USER serverhosting: no such user found from 103.232.121.152 [103.232.121.152] to 85.114.141.118:21 Jan 8 22:08:12 srv01 proftpd[3334]: 0.0.0.0 (103.232.121.152[103.232.121.152]) - USER serverhosting: no such user found from 103.232.121.152 [103.232.121.152] to 85.114.141.118:21 ...	2020-01-09 08:01:28
192.99.70.208	attackbots	Jan 8 23:11:12 SilenceServices sshd[28634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.70.208 Jan 8 23:11:14 SilenceServices sshd[28634]: Failed password for invalid user dtr from 192.99.70.208 port 42090 ssh2 Jan 8 23:14:00 SilenceServices sshd[30856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.70.208	2020-01-09 07:52:35
222.186.175.23	attackspam	Jan 8 23:57:03 marvibiene sshd[7638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Jan 8 23:57:05 marvibiene sshd[7638]: Failed password for root from 222.186.175.23 port 37168 ssh2 Jan 8 23:57:08 marvibiene sshd[7638]: Failed password for root from 222.186.175.23 port 37168 ssh2 Jan 8 23:57:03 marvibiene sshd[7638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Jan 8 23:57:05 marvibiene sshd[7638]: Failed password for root from 222.186.175.23 port 37168 ssh2 Jan 8 23:57:08 marvibiene sshd[7638]: Failed password for root from 222.186.175.23 port 37168 ssh2 ...	2020-01-09 08:01:41
185.156.175.91	attack	B: Magento admin pass test (wrong country)	2020-01-09 07:54:12
201.174.182.159	attackspam	Jan 8 22:07:22 MK-Soft-Root2 sshd[12457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.174.182.159 Jan 8 22:07:25 MK-Soft-Root2 sshd[12457]: Failed password for invalid user igp from 201.174.182.159 port 41842 ssh2 ...	2020-01-09 08:29:15
144.217.170.235	attack	2020-01-08T15:35:21.257449-07:00 suse-nuc sshd[14861]: Invalid user user from 144.217.170.235 port 51216 ...	2020-01-09 08:04:08
177.85.165.115	attackspambots	Unauthorized connection attempt detected from IP address 177.85.165.115 to port 445	2020-01-09 08:17:13
222.186.175.154	attack	Jan 9 01:15:33 MK-Soft-Root2 sshd[19085]: Failed password for root from 222.186.175.154 port 23708 ssh2 Jan 9 01:15:38 MK-Soft-Root2 sshd[19085]: Failed password for root from 222.186.175.154 port 23708 ssh2 ...	2020-01-09 08:16:48
104.211.216.173	attackbotsspam	[ssh] SSH attack	2020-01-09 08:19:33
222.186.180.130	attackbotsspam	Jan 9 00:51:43 dcd-gentoo sshd[31158]: User root from 222.186.180.130 not allowed because none of user's groups are listed in AllowGroups Jan 9 00:51:45 dcd-gentoo sshd[31158]: error: PAM: Authentication failure for illegal user root from 222.186.180.130 Jan 9 00:51:43 dcd-gentoo sshd[31158]: User root from 222.186.180.130 not allowed because none of user's groups are listed in AllowGroups Jan 9 00:51:45 dcd-gentoo sshd[31158]: error: PAM: Authentication failure for illegal user root from 222.186.180.130 Jan 9 00:51:43 dcd-gentoo sshd[31158]: User root from 222.186.180.130 not allowed because none of user's groups are listed in AllowGroups Jan 9 00:51:45 dcd-gentoo sshd[31158]: error: PAM: Authentication failure for illegal user root from 222.186.180.130 Jan 9 00:51:45 dcd-gentoo sshd[31158]: Failed keyboard-interactive/pam for invalid user root from 222.186.180.130 port 52076 ssh2 ...	2020-01-09 07:56:56
36.110.118.129	attack	Jan 8 18:08:00 ws22vmsma01 sshd[5709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.110.118.129 Jan 8 18:08:02 ws22vmsma01 sshd[5709]: Failed password for invalid user cir from 36.110.118.129 port 48232 ssh2 ...	2020-01-09 08:05:59
191.189.30.241	attack	Jan 9 03:56:38 areeb-Workstation sshd[11175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.189.30.241 Jan 9 03:56:40 areeb-Workstation sshd[11175]: Failed password for invalid user tinydns from 191.189.30.241 port 56224 ssh2 ...	2020-01-09 08:15:21
175.166.144.36	attackbots	Jan 9 00:39:59 163-172-32-151 proftpd[20490]: 0.0.0.0 (175.166.144.36[175.166.144.36]) - USER anonymous: no such user found from 175.166.144.36 [175.166.144.36] to 163.172.32.151:21 ...	2020-01-09 08:26:41
49.88.112.55	attackbots	Jan 9 01:09:21 MK-Soft-Root1 sshd[14202]: Failed password for root from 49.88.112.55 port 50342 ssh2 Jan 9 01:09:24 MK-Soft-Root1 sshd[14202]: Failed password for root from 49.88.112.55 port 50342 ssh2 ...	2020-01-09 08:09:42
120.35.189.225	attack	2020-01-08 15:07:11 dovecot_login authenticator failed for (eizsw) [120.35.189.225]:55186 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liujie@lerctr.org) 2020-01-08 15:07:18 dovecot_login authenticator failed for (gmzpz) [120.35.189.225]:55186 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liujie@lerctr.org) 2020-01-08 15:07:30 dovecot_login authenticator failed for (xnmub) [120.35.189.225]:55186 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liujie@lerctr.org) ...	2020-01-09 08:25:36

最近上报的IP列表

82.193.134.81	179.183.64.29	192.246.132.5	66.154.160.224
76.59.126.109	125.116.229.169	113.9.128.70	3.9.128.61
99.212.90.162	45.14.227.203	41.156.181.28	95.126.53.170
147.240.178.236	142.195.203.125	209.62.176.251	207.240.167.240
140.56.60.28	57.235.255.5	162.219.234.210	51.82.135.122