111.231.139.30

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T22:31:53Z and 2020-08-21T22:37:54Z	2020-08-22 06:44:20
attackspambots	Aug 4 05:16:41 game-panel sshd[7944]: Failed password for root from 111.231.139.30 port 33537 ssh2 Aug 4 05:20:47 game-panel sshd[8072]: Failed password for root from 111.231.139.30 port 58043 ssh2	2020-08-04 16:44:30
attackbots	DATE:2020-08-02 09:20:40,IP:111.231.139.30,MATCHES:10,PORT:ssh	2020-08-02 18:14:32
attackbots	Jul 28 22:17:53 santamaria sshd\[19274\]: Invalid user alias from 111.231.139.30 Jul 28 22:17:53 santamaria sshd\[19274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 28 22:17:56 santamaria sshd\[19274\]: Failed password for invalid user alias from 111.231.139.30 port 56103 ssh2 ...	2020-07-29 04:51:38
attack	Jul 20 08:29:44 hosting sshd[25731]: Invalid user rw from 111.231.139.30 port 33542 ...	2020-07-20 13:37:17
attack	Jul 11 02:27:44 Tower sshd[24650]: Connection from 111.231.139.30 port 60892 on 192.168.10.220 port 22 rdomain "" Jul 11 02:27:46 Tower sshd[24650]: Invalid user imani from 111.231.139.30 port 60892 Jul 11 02:27:46 Tower sshd[24650]: error: Could not get shadow information for NOUSER Jul 11 02:27:46 Tower sshd[24650]: Failed password for invalid user imani from 111.231.139.30 port 60892 ssh2 Jul 11 02:27:46 Tower sshd[24650]: Received disconnect from 111.231.139.30 port 60892:11: Bye Bye [preauth] Jul 11 02:27:46 Tower sshd[24650]: Disconnected from invalid user imani 111.231.139.30 port 60892 [preauth]	2020-07-11 16:54:15
attackspambots	Jul 9 13:32:54 ws22vmsma01 sshd[198340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 9 13:32:56 ws22vmsma01 sshd[198340]: Failed password for invalid user view from 111.231.139.30 port 34131 ssh2 ...	2020-07-10 02:00:13
attackbotsspam	Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: Invalid user deploy from 111.231.139.30 Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 22 23:39:03 ArkNodeAT sshd\[29693\]: Failed password for invalid user deploy from 111.231.139.30 port 48585 ssh2	2020-06-23 06:07:46
attackbotsspam	Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:55 h1745522 sshd[18800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:57 h1745522 sshd[18800]: Failed password for invalid user admin from 111.231.139.30 port 42372 ssh2 Jun 10 09:59:31 h1745522 sshd[19003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Jun 10 09:59:33 h1745522 sshd[19003]: Failed password for root from 111.231.139.30 port 38938 ssh2 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Jun 10 10:03:03 h1745522 sshd[19121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Ju ...	2020-06-10 16:15:55
attackbotsspam	SSH bruteforce	2020-06-07 18:27:30
attackbots	Failed password for invalid user debian from 111.231.139.30 port 51780 ssh2	2020-05-30 17:45:55
attack	May 22 07:57:06 nextcloud sshd\[22005\]: Invalid user ecz from 111.231.139.30 May 22 07:57:06 nextcloud sshd\[22005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 22 07:57:07 nextcloud sshd\[22005\]: Failed password for invalid user ecz from 111.231.139.30 port 39437 ssh2	2020-05-22 17:02:44
attack	May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:43 scw-6657dc sshd[1987]: Failed password for invalid user bruno from 111.231.139.30 port 35033 ssh2 ...	2020-05-03 19:21:58
attackbots	SSH Brute Force	2020-04-29 12:18:04
attackspam	Invalid user joerg from 111.231.139.30 port 38050	2020-04-29 06:12:30
attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-26 04:10:49
attackspambots	Brute-force attempt banned	2020-03-28 01:04:30
attackspambots	Mar 27 05:56:01 gw1 sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 27 05:56:04 gw1 sshd[21937]: Failed password for invalid user tcu from 111.231.139.30 port 45412 ssh2 ...	2020-03-27 09:46:27
attack	B: Abusive ssh attack	2020-03-21 03:34:54
attackbots	Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:34 DAAP sshd[13875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:36 DAAP sshd[13875]: Failed password for invalid user starmade from 111.231.139.30 port 44472 ssh2 Mar 12 07:47:16 DAAP sshd[13930]: Invalid user admin from 111.231.139.30 port 38655 ...	2020-03-12 15:29:42
attackbots	Mar 10 00:14:22 v22018076622670303 sshd\[26529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Mar 10 00:14:24 v22018076622670303 sshd\[26529\]: Failed password for root from 111.231.139.30 port 56972 ssh2 Mar 10 00:21:12 v22018076622670303 sshd\[26646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root ...	2020-03-10 08:16:41
attackspambots	Mar 8 10:28:22 vps647732 sshd[11701]: Failed password for root from 111.231.139.30 port 43443 ssh2 Mar 8 10:34:21 vps647732 sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2020-03-08 17:44:11
attackspam	Feb 19 05:25:33 php1 sshd\[10582\]: Invalid user confluence from 111.231.139.30 Feb 19 05:25:33 php1 sshd\[10582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 19 05:25:35 php1 sshd\[10582\]: Failed password for invalid user confluence from 111.231.139.30 port 38506 ssh2 Feb 19 05:31:23 php1 sshd\[11779\]: Invalid user postgres from 111.231.139.30 Feb 19 05:31:23 php1 sshd\[11779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-02-20 00:17:46
attack	Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:18 srv01 sshd[31794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:20 srv01 sshd[31794]: Failed password for invalid user oracles from 111.231.139.30 port 54720 ssh2 Feb 2 06:10:48 srv01 sshd[32103]: Invalid user test from 111.231.139.30 port 37542 ...	2020-02-02 16:42:37
attackbots	Jan 30 14:11:31 game-panel sshd[14410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 30 14:11:33 game-panel sshd[14410]: Failed password for invalid user ovi from 111.231.139.30 port 59287 ssh2 Jan 30 14:15:51 game-panel sshd[14641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-30 22:16:39
attack	Jan 23 09:36:34 lnxmail61 sshd[1775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-23 17:24:15
attackspambots	Jan 13 16:15:55 vmanager6029 sshd\[1769\]: Invalid user test from 111.231.139.30 port 51455 Jan 13 16:15:55 vmanager6029 sshd\[1769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 13 16:15:57 vmanager6029 sshd\[1769\]: Failed password for invalid user test from 111.231.139.30 port 51455 ssh2	2020-01-14 00:04:23
attack	Dec 28 09:02:17 dedicated sshd[4663]: Invalid user cccccc from 111.231.139.30 port 39644	2019-12-28 16:43:31
attackbotsspam	Dec 16 00:49:29 vps691689 sshd[31361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 16 00:49:30 vps691689 sshd[31361]: Failed password for invalid user spurway from 111.231.139.30 port 37194 ssh2 ...	2019-12-16 08:10:28
attackbots	Dec 14 07:21:28 minden010 sshd[22805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 14 07:21:30 minden010 sshd[22805]: Failed password for invalid user crangle from 111.231.139.30 port 48665 ssh2 Dec 14 07:29:00 minden010 sshd[24397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2019-12-14 15:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
111.231.139.133	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 03:41:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.231.139.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2385
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.231.139.30.			IN	A

;; AUTHORITY SECTION:
.			3173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 12:54:39 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 30.139.231.111.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 30.139.231.111.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
218.92.0.133	attackspambots	Oct 5 10:59:56 ny01 sshd[21807]: Failed password for root from 218.92.0.133 port 33219 ssh2 Oct 5 10:59:59 ny01 sshd[21807]: Failed password for root from 218.92.0.133 port 33219 ssh2 Oct 5 11:00:02 ny01 sshd[21807]: Failed password for root from 218.92.0.133 port 33219 ssh2 Oct 5 11:00:05 ny01 sshd[21807]: Failed password for root from 218.92.0.133 port 33219 ssh2	2020-10-05 23:18:29
91.93.1.204	attackbots	445/tcp 445/tcp [2020-10-04]2pkt	2020-10-05 22:59:38
111.240.120.49	attack	TCP (SYN) 111.240.120.49:62627 -> port 445, len 52	2020-10-05 22:45:24
61.230.4.152	attackspam	445/tcp 445/tcp [2020-10-04]2pkt	2020-10-05 23:19:41
124.193.142.2	attack	sshd: Failed password for .... from 124.193.142.2 port 43194 ssh2 (2 attempts)	2020-10-05 23:15:57
162.243.128.160	attack	Port scan denied	2020-10-05 23:20:54
112.85.42.238	attackbots	Oct 5 16:11:18 router sshd[7857]: Failed password for root from 112.85.42.238 port 62357 ssh2 Oct 5 16:12:18 router sshd[7859]: Failed password for root from 112.85.42.238 port 42569 ssh2 ...	2020-10-05 23:11:05
185.200.118.42	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 1194 resulting in total of 5 scans from 185.200.118.0/24 block.	2020-10-05 23:19:09
106.13.47.6	attackbots	2020-10-05T08:29:13.399774randservbullet-proofcloud-66.localdomain sshd[30320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.6 user=root 2020-10-05T08:29:15.596777randservbullet-proofcloud-66.localdomain sshd[30320]: Failed password for root from 106.13.47.6 port 33816 ssh2 2020-10-05T08:32:44.715852randservbullet-proofcloud-66.localdomain sshd[30341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.6 user=root 2020-10-05T08:32:47.213717randservbullet-proofcloud-66.localdomain sshd[30341]: Failed password for root from 106.13.47.6 port 42472 ssh2 ...	2020-10-05 22:41:42
140.143.195.181	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-05 23:02:02
86.123.15.121	attack	5555/tcp [2020-10-04]1pkt	2020-10-05 23:15:16
138.68.80.235	attack	138.68.80.235 - - [05/Oct/2020:07:51:33 -0700] "GET /wp-login.php HTTP/1.1" 301 561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 22:52:10
195.223.211.242	attackspambots	Oct 5 14:02:29 buvik sshd[27176]: Failed password for root from 195.223.211.242 port 50262 ssh2 Oct 5 14:04:20 buvik sshd[27411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.223.211.242 user=root Oct 5 14:04:21 buvik sshd[27411]: Failed password for root from 195.223.211.242 port 50512 ssh2 ...	2020-10-05 23:14:36
178.164.190.69	attackspam	5555/tcp [2020-10-04]1pkt	2020-10-05 22:40:42
59.92.215.45	attackbotsspam	Port probing on unauthorized port 23	2020-10-05 22:47:20

最近上报的IP列表

125.133.65.195	91.121.179.17	79.133.193.4	61.72.254.71
122.227.185.101	118.24.11.71	113.161.66.214	112.245.187.225
106.12.96.92	45.163.196.223	5.188.206.198	177.79.70.212
186.243.121.4	78.38.30.194	5.154.13.14	217.174.254.186
196.52.43.124	159.65.136.194	107.196.101.128	62.232.219.175