119.132.4.230 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 119.132.4.230 to port 6656 [T]	2020-01-29 17:16:45

相同子网IP讨论:

IP	类型	评论内容	时间
119.132.40.22	attackspambots	Unauthorized connection attempt detected from IP address 119.132.40.22 to port 6656 [T]	2020-01-30 14:15:14
119.132.47.75	attackbotsspam	Aug 31 23:30:28 georgia postfix/smtpd[14488]: connect from unknown[119.132.47.75] Aug 31 23:30:29 georgia postfix/smtpd[14488]: warning: unknown[119.132.47.75]: SASL LOGIN authentication failed: authentication failure Aug 31 23:30:29 georgia postfix/smtpd[14488]: lost connection after AUTH from unknown[119.132.47.75] Aug 31 23:30:29 georgia postfix/smtpd[14488]: disconnect from unknown[119.132.47.75] ehlo=1 auth=0/1 commands=1/2 Aug 31 23:30:29 georgia postfix/smtpd[14488]: connect from unknown[119.132.47.75] Aug 31 23:30:30 georgia postfix/smtpd[14488]: warning: unknown[119.132.47.75]: SASL LOGIN authentication failed: authentication failure Aug 31 23:30:31 georgia postfix/smtpd[14488]: lost connection after AUTH from unknown[119.132.47.75] Aug 31 23:30:31 georgia postfix/smtpd[14488]: disconnect from unknown[119.132.47.75] ehlo=1 auth=0/1 commands=1/2 Aug 31 23:30:31 georgia postfix/smtpd[14488]: connect from unknown[119.132.47.75] Aug 31 23:30:32 georgia postfix/smtp........ -------------------------------	2019-09-01 11:25:34
119.132.46.251	attack	smtp brute force login	2019-08-08 09:14:54

类型

评论内容

时间

119.132.40.22

attackspambots

Unauthorized connection attempt detected from IP address 119.132.40.22 to port 6656 [T]

2020-01-30 14:15:14

119.132.47.75

attackbotsspam

Aug 31 23:30:28 georgia postfix/smtpd[14488]: connect from unknown[119.132.47.75]
Aug 31 23:30:29 georgia postfix/smtpd[14488]: warning: unknown[119.132.47.75]: SASL LOGIN authentication failed: authentication failure
Aug 31 23:30:29 georgia postfix/smtpd[14488]: lost connection after AUTH from unknown[119.132.47.75]
Aug 31 23:30:29 georgia postfix/smtpd[14488]: disconnect from unknown[119.132.47.75] ehlo=1 auth=0/1 commands=1/2
Aug 31 23:30:29 georgia postfix/smtpd[14488]: connect from unknown[119.132.47.75]
Aug 31 23:30:30 georgia postfix/smtpd[14488]: warning: unknown[119.132.47.75]: SASL LOGIN authentication failed: authentication failure
Aug 31 23:30:31 georgia postfix/smtpd[14488]: lost connection after AUTH from unknown[119.132.47.75]
Aug 31 23:30:31 georgia postfix/smtpd[14488]: disconnect from unknown[119.132.47.75] ehlo=1 auth=0/1 commands=1/2
Aug 31 23:30:31 georgia postfix/smtpd[14488]: connect from unknown[119.132.47.75]
Aug 31 23:30:32 georgia postfix/smtp........
-------------------------------

2019-09-01 11:25:34

119.132.46.251

attack

smtp brute force login

2019-08-08 09:14:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.132.4.230
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46533
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.132.4.230.			IN	A

;; AUTHORITY SECTION:
.			495	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012900 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 17:16:41 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 230.4.132.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 230.4.132.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
192.3.183.130	attack	Multiport scan : 43 ports scanned 224 259 402 465 754 808 911 999 1004 1036 1761 2004 2017 2082 2370 4418 4492 4493 4494 4500 4550 5005 5554 6112 7005 7831 8002 8294 8443 8877 9900 9988 14004 22666 23389 30900 33921 43000 50005 51000 55444 55555 56789	2020-03-02 08:37:01
190.54.116.42	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:47:59
192.241.210.120	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:27:30
192.82.65.72	attackspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:36:17
190.187.44.66	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:43:21
192.241.198.223	attack	Unauthorized connection attempt detected from IP address 192.241.198.223 to port 587 [J]	2020-03-02 08:32:29
192.241.212.138	attackspam	Honeypot hit: misc	2020-03-02 08:23:10
192.241.197.196	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:32:44
190.72.16.44	attackspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:47:21
192.241.209.194	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:28:12
192.241.219.232	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:17:07
192.241.212.225	attackbots	firewall-block, port(s): 465/tcp	2020-03-02 08:21:43
190.26.192.50	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:49:05
192.241.223.249	attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:11:49
192.241.224.245	attackspambots	Scan or attack attempt on email service.	2020-03-02 08:09:47

最近上报的IP列表

111.75.117.194	207.255.166.144	111.21.200.185	89.112.152.138
106.57.161.135	106.6.233.225	106.6.233.94	180.1.34.46
106.6.233.24	60.188.33.171	60.19.171.21	59.62.215.107
58.252.200.228	49.86.180.211	49.84.54.209	42.119.60.83
39.66.112.134	223.240.220.135	223.166.74.104	183.150.71.240