111.231.139.133

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Faster Internet Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 03:41:53

相同子网IP讨论:

IP	类型	评论内容	时间
111.231.139.30	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T22:31:53Z and 2020-08-21T22:37:54Z	2020-08-22 06:44:20
111.231.139.30	attackspambots	Aug 4 05:16:41 game-panel sshd[7944]: Failed password for root from 111.231.139.30 port 33537 ssh2 Aug 4 05:20:47 game-panel sshd[8072]: Failed password for root from 111.231.139.30 port 58043 ssh2	2020-08-04 16:44:30
111.231.139.30	attackbots	DATE:2020-08-02 09:20:40,IP:111.231.139.30,MATCHES:10,PORT:ssh	2020-08-02 18:14:32
111.231.139.30	attackbots	Jul 28 22:17:53 santamaria sshd\[19274\]: Invalid user alias from 111.231.139.30 Jul 28 22:17:53 santamaria sshd\[19274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 28 22:17:56 santamaria sshd\[19274\]: Failed password for invalid user alias from 111.231.139.30 port 56103 ssh2 ...	2020-07-29 04:51:38
111.231.139.30	attack	Jul 20 08:29:44 hosting sshd[25731]: Invalid user rw from 111.231.139.30 port 33542 ...	2020-07-20 13:37:17
111.231.139.30	attack	Jul 11 02:27:44 Tower sshd[24650]: Connection from 111.231.139.30 port 60892 on 192.168.10.220 port 22 rdomain "" Jul 11 02:27:46 Tower sshd[24650]: Invalid user imani from 111.231.139.30 port 60892 Jul 11 02:27:46 Tower sshd[24650]: error: Could not get shadow information for NOUSER Jul 11 02:27:46 Tower sshd[24650]: Failed password for invalid user imani from 111.231.139.30 port 60892 ssh2 Jul 11 02:27:46 Tower sshd[24650]: Received disconnect from 111.231.139.30 port 60892:11: Bye Bye [preauth] Jul 11 02:27:46 Tower sshd[24650]: Disconnected from invalid user imani 111.231.139.30 port 60892 [preauth]	2020-07-11 16:54:15
111.231.139.30	attackspambots	Jul 9 13:32:54 ws22vmsma01 sshd[198340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 9 13:32:56 ws22vmsma01 sshd[198340]: Failed password for invalid user view from 111.231.139.30 port 34131 ssh2 ...	2020-07-10 02:00:13
111.231.139.30	attackbotsspam	Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: Invalid user deploy from 111.231.139.30 Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 22 23:39:03 ArkNodeAT sshd\[29693\]: Failed password for invalid user deploy from 111.231.139.30 port 48585 ssh2	2020-06-23 06:07:46
111.231.139.30	attackbotsspam	Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:55 h1745522 sshd[18800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:57 h1745522 sshd[18800]: Failed password for invalid user admin from 111.231.139.30 port 42372 ssh2 Jun 10 09:59:31 h1745522 sshd[19003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Jun 10 09:59:33 h1745522 sshd[19003]: Failed password for root from 111.231.139.30 port 38938 ssh2 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Jun 10 10:03:03 h1745522 sshd[19121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Ju ...	2020-06-10 16:15:55
111.231.139.30	attackbotsspam	SSH bruteforce	2020-06-07 18:27:30
111.231.139.30	attackbots	Failed password for invalid user debian from 111.231.139.30 port 51780 ssh2	2020-05-30 17:45:55
111.231.139.30	attack	May 22 07:57:06 nextcloud sshd\[22005\]: Invalid user ecz from 111.231.139.30 May 22 07:57:06 nextcloud sshd\[22005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 22 07:57:07 nextcloud sshd\[22005\]: Failed password for invalid user ecz from 111.231.139.30 port 39437 ssh2	2020-05-22 17:02:44
111.231.139.30	attack	May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:43 scw-6657dc sshd[1987]: Failed password for invalid user bruno from 111.231.139.30 port 35033 ssh2 ...	2020-05-03 19:21:58
111.231.139.30	attackbots	SSH Brute Force	2020-04-29 12:18:04
111.231.139.30	attackspam	Invalid user joerg from 111.231.139.30 port 38050	2020-04-29 06:12:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.231.139.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42230
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.231.139.133.		IN	A

;; AUTHORITY SECTION:
.			269	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111301 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 14 03:41:50 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 133.139.231.111.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 133.139.231.111.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.10.46.92	attackspam	Unauthorised access (Sep 17) SRC=123.10.46.92 LEN=40 TTL=49 ID=13239 TCP DPT=8080 WINDOW=45187 SYN	2019-09-17 22:35:28
129.204.182.170	attack	2019-09-17T15:28:34.094361lon01.zurich-datacenter.net sshd\[4890\]: Invalid user exam2 from 129.204.182.170 port 57076 2019-09-17T15:28:34.104416lon01.zurich-datacenter.net sshd\[4890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.182.170 2019-09-17T15:28:36.394477lon01.zurich-datacenter.net sshd\[4890\]: Failed password for invalid user exam2 from 129.204.182.170 port 57076 ssh2 2019-09-17T15:35:47.991485lon01.zurich-datacenter.net sshd\[5048\]: Invalid user admin from 129.204.182.170 port 36556 2019-09-17T15:35:48.001059lon01.zurich-datacenter.net sshd\[5048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.182.170 ...	2019-09-17 21:52:21
180.126.50.121	attackspam	Automated reporting of SSH Vulnerability scanning	2019-09-17 21:34:53
178.128.100.244	attackspam	Sep 17 15:31:06 lnxweb62 sshd[22603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.100.244 Sep 17 15:31:08 lnxweb62 sshd[22603]: Failed password for invalid user test from 178.128.100.244 port 47796 ssh2 Sep 17 15:35:58 lnxweb62 sshd[25315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.100.244	2019-09-17 21:40:11
193.232.45.186	attack	k+ssh-bruteforce	2019-09-17 22:05:30
54.39.44.47	attackbotsspam	Sep 17 03:30:46 auw2 sshd\[14444\]: Invalid user ubuntu from 54.39.44.47 Sep 17 03:30:46 auw2 sshd\[14444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=biznessexperts.net Sep 17 03:30:47 auw2 sshd\[14444\]: Failed password for invalid user ubuntu from 54.39.44.47 port 51892 ssh2 Sep 17 03:35:26 auw2 sshd\[14786\]: Invalid user login from 54.39.44.47 Sep 17 03:35:26 auw2 sshd\[14786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=biznessexperts.net	2019-09-17 22:16:13
185.176.27.114	attackbotsspam	firewall-block, port(s): 1955/tcp	2019-09-17 22:18:21
217.76.117.131	attackspambots	3389BruteforceFW21	2019-09-17 22:04:51
104.155.91.177	attackbotsspam	Sep 17 09:31:48 ny01 sshd[8206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.91.177 Sep 17 09:31:49 ny01 sshd[8206]: Failed password for invalid user Mainio from 104.155.91.177 port 60984 ssh2 Sep 17 09:35:59 ny01 sshd[8973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.155.91.177	2019-09-17 21:38:43
45.236.129.90	attack	Sep 17 15:35:02 vps01 sshd[6013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.236.129.90 Sep 17 15:35:04 vps01 sshd[6013]: Failed password for invalid user kui from 45.236.129.90 port 55768 ssh2	2019-09-17 22:39:09
45.33.109.12	attackbotsspam	09/17/2019-10:15:22.630030 45.33.109.12 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-17 22:22:13
111.207.49.186	attackspambots	Sep 17 14:57:04 microserver sshd[64035]: Invalid user mf from 111.207.49.186 port 59128 Sep 17 14:57:04 microserver sshd[64035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.207.49.186 Sep 17 14:57:06 microserver sshd[64035]: Failed password for invalid user mf from 111.207.49.186 port 59128 ssh2 Sep 17 15:00:51 microserver sshd[64657]: Invalid user user from 111.207.49.186 port 34990 Sep 17 15:00:51 microserver sshd[64657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.207.49.186 Sep 17 15:12:55 microserver sshd[996]: Invalid user deploy from 111.207.49.186 port 47646 Sep 17 15:12:55 microserver sshd[996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.207.49.186 Sep 17 15:12:57 microserver sshd[996]: Failed password for invalid user deploy from 111.207.49.186 port 47646 ssh2 Sep 17 15:16:56 microserver sshd[1646]: Invalid user dstat from 111.207.49.186 port 51670 Sep 17 1	2019-09-17 21:48:19
41.203.76.251	attackspam	Sep 17 15:35:24 novum-srv2 sshd[8686]: Invalid user ts3 from 41.203.76.251 port 41334 Sep 17 15:35:33 novum-srv2 sshd[8690]: Invalid user judge from 41.203.76.251 port 35008 Sep 17 15:35:41 novum-srv2 sshd[8696]: Invalid user minerhub from 41.203.76.251 port 56912 ...	2019-09-17 21:57:37
96.78.222.147	attackbots	96.78.222.147 - - [17/Sep/2019:15:34:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 96.78.222.147 - - [17/Sep/2019:15:34:55 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 96.78.222.147 - - [17/Sep/2019:15:34:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 96.78.222.147 - - [17/Sep/2019:15:34:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 96.78.222.147 - - [17/Sep/2019:15:34:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 96.78.222.147 - - [17/Sep/2019:15:34:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-17 22:46:44
187.226.12.21	attackspam	Brute forcing RDP port 3389	2019-09-17 21:59:30

最近上报的IP列表

18.208.103.205	119.171.148.36	108.82.229.113	171.15.2.252
83.18.193.105	95.52.161.11	111.225.216.67	128.196.182.250
102.83.82.60	60.111.129.200	81.88.86.130	3.104.178.187
95.216.212.165	70.141.17.98	179.108.254.128	1.123.219.26
77.178.243.142	221.82.85.205	162.166.196.225	90.229.79.125