111.231.139.30

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T22:31:53Z and 2020-08-21T22:37:54Z	2020-08-22 06:44:20
attackspambots	Aug 4 05:16:41 game-panel sshd[7944]: Failed password for root from 111.231.139.30 port 33537 ssh2 Aug 4 05:20:47 game-panel sshd[8072]: Failed password for root from 111.231.139.30 port 58043 ssh2	2020-08-04 16:44:30
attackbots	DATE:2020-08-02 09:20:40,IP:111.231.139.30,MATCHES:10,PORT:ssh	2020-08-02 18:14:32
attackbots	Jul 28 22:17:53 santamaria sshd\[19274\]: Invalid user alias from 111.231.139.30 Jul 28 22:17:53 santamaria sshd\[19274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 28 22:17:56 santamaria sshd\[19274\]: Failed password for invalid user alias from 111.231.139.30 port 56103 ssh2 ...	2020-07-29 04:51:38
attack	Jul 20 08:29:44 hosting sshd[25731]: Invalid user rw from 111.231.139.30 port 33542 ...	2020-07-20 13:37:17
attack	Jul 11 02:27:44 Tower sshd[24650]: Connection from 111.231.139.30 port 60892 on 192.168.10.220 port 22 rdomain "" Jul 11 02:27:46 Tower sshd[24650]: Invalid user imani from 111.231.139.30 port 60892 Jul 11 02:27:46 Tower sshd[24650]: error: Could not get shadow information for NOUSER Jul 11 02:27:46 Tower sshd[24650]: Failed password for invalid user imani from 111.231.139.30 port 60892 ssh2 Jul 11 02:27:46 Tower sshd[24650]: Received disconnect from 111.231.139.30 port 60892:11: Bye Bye [preauth] Jul 11 02:27:46 Tower sshd[24650]: Disconnected from invalid user imani 111.231.139.30 port 60892 [preauth]	2020-07-11 16:54:15
attackspambots	Jul 9 13:32:54 ws22vmsma01 sshd[198340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 9 13:32:56 ws22vmsma01 sshd[198340]: Failed password for invalid user view from 111.231.139.30 port 34131 ssh2 ...	2020-07-10 02:00:13
attackbotsspam	Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: Invalid user deploy from 111.231.139.30 Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 22 23:39:03 ArkNodeAT sshd\[29693\]: Failed password for invalid user deploy from 111.231.139.30 port 48585 ssh2	2020-06-23 06:07:46
attackbotsspam	Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:55 h1745522 sshd[18800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:57 h1745522 sshd[18800]: Failed password for invalid user admin from 111.231.139.30 port 42372 ssh2 Jun 10 09:59:31 h1745522 sshd[19003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Jun 10 09:59:33 h1745522 sshd[19003]: Failed password for root from 111.231.139.30 port 38938 ssh2 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Jun 10 10:03:03 h1745522 sshd[19121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Ju ...	2020-06-10 16:15:55
attackbotsspam	SSH bruteforce	2020-06-07 18:27:30
attackbots	Failed password for invalid user debian from 111.231.139.30 port 51780 ssh2	2020-05-30 17:45:55
attack	May 22 07:57:06 nextcloud sshd\[22005\]: Invalid user ecz from 111.231.139.30 May 22 07:57:06 nextcloud sshd\[22005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 22 07:57:07 nextcloud sshd\[22005\]: Failed password for invalid user ecz from 111.231.139.30 port 39437 ssh2	2020-05-22 17:02:44
attack	May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:43 scw-6657dc sshd[1987]: Failed password for invalid user bruno from 111.231.139.30 port 35033 ssh2 ...	2020-05-03 19:21:58
attackbots	SSH Brute Force	2020-04-29 12:18:04
attackspam	Invalid user joerg from 111.231.139.30 port 38050	2020-04-29 06:12:30
attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-26 04:10:49
attackspambots	Brute-force attempt banned	2020-03-28 01:04:30
attackspambots	Mar 27 05:56:01 gw1 sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 27 05:56:04 gw1 sshd[21937]: Failed password for invalid user tcu from 111.231.139.30 port 45412 ssh2 ...	2020-03-27 09:46:27
attack	B: Abusive ssh attack	2020-03-21 03:34:54
attackbots	Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:34 DAAP sshd[13875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:36 DAAP sshd[13875]: Failed password for invalid user starmade from 111.231.139.30 port 44472 ssh2 Mar 12 07:47:16 DAAP sshd[13930]: Invalid user admin from 111.231.139.30 port 38655 ...	2020-03-12 15:29:42
attackbots	Mar 10 00:14:22 v22018076622670303 sshd\[26529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Mar 10 00:14:24 v22018076622670303 sshd\[26529\]: Failed password for root from 111.231.139.30 port 56972 ssh2 Mar 10 00:21:12 v22018076622670303 sshd\[26646\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root ...	2020-03-10 08:16:41
attackspambots	Mar 8 10:28:22 vps647732 sshd[11701]: Failed password for root from 111.231.139.30 port 43443 ssh2 Mar 8 10:34:21 vps647732 sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2020-03-08 17:44:11
attackspam	Feb 19 05:25:33 php1 sshd\[10582\]: Invalid user confluence from 111.231.139.30 Feb 19 05:25:33 php1 sshd\[10582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 19 05:25:35 php1 sshd\[10582\]: Failed password for invalid user confluence from 111.231.139.30 port 38506 ssh2 Feb 19 05:31:23 php1 sshd\[11779\]: Invalid user postgres from 111.231.139.30 Feb 19 05:31:23 php1 sshd\[11779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-02-20 00:17:46
attack	Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:18 srv01 sshd[31794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:20 srv01 sshd[31794]: Failed password for invalid user oracles from 111.231.139.30 port 54720 ssh2 Feb 2 06:10:48 srv01 sshd[32103]: Invalid user test from 111.231.139.30 port 37542 ...	2020-02-02 16:42:37
attackbots	Jan 30 14:11:31 game-panel sshd[14410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 30 14:11:33 game-panel sshd[14410]: Failed password for invalid user ovi from 111.231.139.30 port 59287 ssh2 Jan 30 14:15:51 game-panel sshd[14641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-30 22:16:39
attack	Jan 23 09:36:34 lnxmail61 sshd[1775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-23 17:24:15
attackspambots	Jan 13 16:15:55 vmanager6029 sshd\[1769\]: Invalid user test from 111.231.139.30 port 51455 Jan 13 16:15:55 vmanager6029 sshd\[1769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 13 16:15:57 vmanager6029 sshd\[1769\]: Failed password for invalid user test from 111.231.139.30 port 51455 ssh2	2020-01-14 00:04:23
attack	Dec 28 09:02:17 dedicated sshd[4663]: Invalid user cccccc from 111.231.139.30 port 39644	2019-12-28 16:43:31
attackbotsspam	Dec 16 00:49:29 vps691689 sshd[31361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 16 00:49:30 vps691689 sshd[31361]: Failed password for invalid user spurway from 111.231.139.30 port 37194 ssh2 ...	2019-12-16 08:10:28
attackbots	Dec 14 07:21:28 minden010 sshd[22805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 14 07:21:30 minden010 sshd[22805]: Failed password for invalid user crangle from 111.231.139.30 port 48665 ssh2 Dec 14 07:29:00 minden010 sshd[24397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2019-12-14 15:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
111.231.139.133	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 03:41:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.231.139.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2385
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.231.139.30.			IN	A

;; AUTHORITY SECTION:
.			3173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 12:54:39 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 30.139.231.111.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 30.139.231.111.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
203.112.223.54	attackbots	23.11.2019 07:27:43 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2019-11-23 16:36:30
103.90.156.234	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.90.156.234/ IN - 1H : (46) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN136364 IP : 103.90.156.234 CIDR : 103.90.156.0/24 PREFIX COUNT : 4 UNIQUE IP COUNT : 1024 ATTACKS DETECTED ASN136364 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-23 07:27:06 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 16:56:55
221.204.170.238	attackbots	Nov 23 09:39:08 server sshd\[14026\]: Invalid user pal from 221.204.170.238 Nov 23 09:39:08 server sshd\[14026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.204.170.238 Nov 23 09:39:10 server sshd\[14026\]: Failed password for invalid user pal from 221.204.170.238 port 47526 ssh2 Nov 23 09:52:02 server sshd\[17425\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.204.170.238 user=root Nov 23 09:52:03 server sshd\[17425\]: Failed password for root from 221.204.170.238 port 59029 ssh2 ...	2019-11-23 17:14:46
176.10.250.50	attackspambots	Lines containing failures of 176.10.250.50 Nov 20 21:54:08 dns01 sshd[19784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.10.250.50 user=r.r Nov 20 21:54:11 dns01 sshd[19784]: Failed password for r.r from 176.10.250.50 port 44894 ssh2 Nov 20 21:54:11 dns01 sshd[19784]: Received disconnect from 176.10.250.50 port 44894:11: Bye Bye [preauth] Nov 20 21:54:11 dns01 sshd[19784]: Disconnected from authenticating user r.r 176.10.250.50 port 44894 [preauth] Nov 20 22:17:05 dns01 sshd[24403]: Invalid user zulmarie from 176.10.250.50 port 49692 Nov 20 22:17:05 dns01 sshd[24403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.10.250.50 Nov 20 22:17:07 dns01 sshd[24403]: Failed password for invalid user zulmarie from 176.10.250.50 port 49692 ssh2 Nov 20 22:17:07 dns01 sshd[24403]: Received disconnect from 176.10.250.50 port 49692:11: Bye Bye [preauth] Nov 20 22:17:07 dns01 sshd[24403]: Disc........ ------------------------------	2019-11-23 16:54:07
78.128.113.123	attackspam	Nov 23 09:34:00 mail postfix/smtpd[14161]: warning: unknown[78.128.113.123]: SASL PLAIN authentication failed: Nov 23 09:34:07 mail postfix/smtpd[14161]: warning: unknown[78.128.113.123]: SASL PLAIN authentication failed: Nov 23 09:34:10 mail postfix/smtpd[15126]: warning: unknown[78.128.113.123]: SASL PLAIN authentication failed:	2019-11-23 16:43:35
138.94.112.14	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/138.94.112.14/ BR - 1H : (152) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN52866 IP : 138.94.112.14 CIDR : 138.94.112.0/22 PREFIX COUNT : 7 UNIQUE IP COUNT : 5120 ATTACKS DETECTED ASN52866 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-23 07:26:41 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 17:13:11
167.114.113.173	attack	$f2bV_matches	2019-11-23 17:12:43
171.232.248.89	attackspambots	2019-11-23T10:06:33.163937struts4.enskede.local sshd\[10864\]: Invalid user support from 171.232.248.89 port 17794 2019-11-23T10:06:36.160107struts4.enskede.local sshd\[10864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.232.248.89 2019-11-23T10:06:39.514714struts4.enskede.local sshd\[10864\]: Failed password for invalid user support from 171.232.248.89 port 17794 ssh2 2019-11-23T10:07:39.284150struts4.enskede.local sshd\[10882\]: Invalid user admin from 171.232.248.89 port 45474 2019-11-23T10:07:39.572927struts4.enskede.local sshd\[10882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.232.248.89 ...	2019-11-23 17:12:16
112.85.42.87	attackbots	Nov 22 22:43:42 sachi sshd\[29217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root Nov 22 22:43:44 sachi sshd\[29217\]: Failed password for root from 112.85.42.87 port 55250 ssh2 Nov 22 22:44:24 sachi sshd\[29260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root Nov 22 22:44:26 sachi sshd\[29260\]: Failed password for root from 112.85.42.87 port 41401 ssh2 Nov 22 22:45:05 sachi sshd\[29310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root	2019-11-23 16:50:07
87.236.95.206	attackspam	Lines containing failures of 87.236.95.206 Nov 21 00:29:20 own sshd[6384]: Invalid user test from 87.236.95.206 port 35865 Nov 21 00:29:20 own sshd[6384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.236.95.206 Nov 21 00:29:22 own sshd[6384]: Failed password for invalid user test from 87.236.95.206 port 35865 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=87.236.95.206	2019-11-23 17:00:47
62.173.149.58	attack	Nov 23 09:47:32 vps691689 sshd[12989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.173.149.58 Nov 23 09:47:34 vps691689 sshd[12989]: Failed password for invalid user guest from 62.173.149.58 port 43852 ssh2 ...	2019-11-23 17:11:50
203.129.207.2	attackspambots	$f2bV_matches	2019-11-23 17:16:30
1.245.61.144	attackbotsspam	Nov 23 13:36:45 gw1 sshd[8357]: Failed password for root from 1.245.61.144 port 40612 ssh2 ...	2019-11-23 16:52:09
178.128.112.98	attackbots	Nov 23 09:07:11 XXX sshd[14267]: Invalid user ofsaa from 178.128.112.98 port 51403	2019-11-23 17:17:01
117.50.49.57	attackbots	Invalid user jira from 117.50.49.57 port 57732	2019-11-23 17:04:23

最近上报的IP列表

125.133.65.195	91.121.179.17	79.133.193.4	61.72.254.71
122.227.185.101	118.24.11.71	113.161.66.214	112.245.187.225
106.12.96.92	45.163.196.223	5.188.206.198	177.79.70.212
186.243.121.4	78.38.30.194	5.154.13.14	217.174.254.186
196.52.43.124	159.65.136.194	107.196.101.128	62.232.219.175