113.121.241.30

Basic Info

City: unknown

Region: Shandong

Country: China

Internet Service Provider: ChinaNet Shandong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 113.121.241.30 to port 3389 [T]	2020-01-12 03:28:11

Comments on same subnet:

IP	Type	Details	Datetime
113.121.241.189	attackbots	SASL broute force	2019-12-29 21:59:03
113.121.241.179	attack	Dec 5 01:23:16 esmtp postfix/smtpd[21631]: lost connection after AUTH from unknown[113.121.241.179] Dec 5 01:23:22 esmtp postfix/smtpd[21636]: lost connection after AUTH from unknown[113.121.241.179] Dec 5 01:23:25 esmtp postfix/smtpd[21555]: lost connection after AUTH from unknown[113.121.241.179] Dec 5 01:23:29 esmtp postfix/smtpd[21631]: lost connection after AUTH from unknown[113.121.241.179] Dec 5 01:23:36 esmtp postfix/smtpd[21555]: lost connection after AUTH from unknown[113.121.241.179] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.121.241.179	2019-12-05 22:59:15
113.121.241.100	attackspambots	2019-07-12T01:56:11.435793mail01 postfix/smtpd[25264]: warning: unknown[113.121.241.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-12T01:56:18.349792mail01 postfix/smtpd[4414]: warning: unknown[113.121.241.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-12T01:56:29.305165mail01 postfix/smtpd[11248]: warning: unknown[113.121.241.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-12 15:10:29
113.121.241.252	attack	$f2bV_matches	2019-07-10 11:27:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.121.241.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48300
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.121.241.30.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011100 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 03:28:09 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 30.241.121.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 30.241.121.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.66.213.64	attackspam	Dec 6 01:30:39 mail sshd\[43284\]: Invalid user sesso from 185.66.213.64 Dec 6 01:30:39 mail sshd\[43284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.66.213.64 ...	2019-12-06 14:40:44
206.189.72.217	attack	Dec 6 07:30:35 ns41 sshd[5550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.72.217	2019-12-06 14:47:13
112.230.253.198	attackbotsspam	Dec 6 07:22:23 mail kernel: [633088.872861] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=112.230.253.198 DST=91.205.173.180 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=12431 DF PROTO=TCP SPT=33080 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 6 07:22:26 mail kernel: [633091.869655] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=112.230.253.198 DST=91.205.173.180 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=13701 DF PROTO=TCP SPT=33080 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 6 07:30:02 mail kernel: [633548.586485] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=112.230.253.198 DST=91.205.173.180 LEN=52 TOS=0x08 PREC=0x20 TTL=112 ID=30344 DF PROTO=TCP SPT=12626 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-06 15:10:27
142.44.157.222	attackbots	Brute force attack against VPN service	2019-12-06 14:29:31
94.191.40.166	attackspam	Dec 6 07:22:50 vps691689 sshd[1636]: Failed password for root from 94.191.40.166 port 39176 ssh2 Dec 6 07:30:18 vps691689 sshd[1822]: Failed password for root from 94.191.40.166 port 45850 ssh2 ...	2019-12-06 15:01:44
150.223.0.229	attackspam	Dec 6 01:24:53 linuxvps sshd\[40616\]: Invalid user fj from 150.223.0.229 Dec 6 01:24:53 linuxvps sshd\[40616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.0.229 Dec 6 01:24:54 linuxvps sshd\[40616\]: Failed password for invalid user fj from 150.223.0.229 port 48065 ssh2 Dec 6 01:30:18 linuxvps sshd\[43653\]: Invalid user host from 150.223.0.229 Dec 6 01:30:18 linuxvps sshd\[43653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.0.229	2019-12-06 14:51:56
140.143.73.184	attackbotsspam	Dec 5 20:23:18 web1 sshd\[1851\]: Invalid user www from 140.143.73.184 Dec 5 20:23:18 web1 sshd\[1851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.73.184 Dec 5 20:23:20 web1 sshd\[1851\]: Failed password for invalid user www from 140.143.73.184 port 51068 ssh2 Dec 5 20:30:22 web1 sshd\[2526\]: Invalid user or from 140.143.73.184 Dec 5 20:30:22 web1 sshd\[2526\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.73.184	2019-12-06 14:53:50
157.245.201.255	attackbotsspam	Dec 6 01:09:36 ny01 sshd[16647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.201.255 Dec 6 01:09:38 ny01 sshd[16647]: Failed password for invalid user shiny from 157.245.201.255 port 36806 ssh2 Dec 6 01:15:42 ny01 sshd[17324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.201.255	2019-12-06 14:21:02
49.48.52.20	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-12-06 15:07:50
222.186.175.217	attackspambots	Dec 6 07:41:01 MK-Soft-VM5 sshd[24745]: Failed password for root from 222.186.175.217 port 18980 ssh2 Dec 6 07:41:05 MK-Soft-VM5 sshd[24745]: Failed password for root from 222.186.175.217 port 18980 ssh2 ...	2019-12-06 14:43:52
115.165.166.172	attackbotsspam	Dec 5 20:23:20 auw2 sshd\[4778\]: Invalid user server from 115.165.166.172 Dec 5 20:23:20 auw2 sshd\[4778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.165.166.172 Dec 5 20:23:21 auw2 sshd\[4778\]: Failed password for invalid user server from 115.165.166.172 port 56185 ssh2 Dec 5 20:30:03 auw2 sshd\[5438\]: Invalid user test from 115.165.166.172 Dec 5 20:30:03 auw2 sshd\[5438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.165.166.172	2019-12-06 14:56:28
187.174.169.110	attackbots	SSH Bruteforce attempt	2019-12-06 14:40:24
140.143.236.227	attackspam	Dec 6 07:22:52 cp sshd[30277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.236.227 Dec 6 07:22:54 cp sshd[30277]: Failed password for invalid user sierra from 140.143.236.227 port 41664 ssh2 Dec 6 07:30:24 cp sshd[2118]: Failed password for www-data from 140.143.236.227 port 39588 ssh2	2019-12-06 14:53:02
51.83.69.99	attack	51.83.69.99 - - [06/Dec/2019:10:30:23 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2019-12-06 15:05:44
191.6.82.244	attackspambots	" "	2019-12-06 14:48:56

Recently Reported IPs

75.166.155.151	177.41.111.181	2.125.75.125	218.68.21.45
153.1.113.66	109.100.85.241	88.12.115.37	13.112.84.152
126.60.110.186	141.1.69.123	153.170.157.235	75.58.235.103
136.50.195.178	87.165.237.24	110.242.230.226	122.166.227.27
60.202.167.154	49.76.232.34	126.135.184.83	216.248.78.8