111.231.139.30

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T22:31:53Z and 2020-08-21T22:37:54Z	2020-08-22 06:44:20
attackspambots	Aug 4 05:16:41 game-panel sshd[7944]: Failed password for root from 111.231.139.30 port 33537 ssh2 Aug 4 05:20:47 game-panel sshd[8072]: Failed password for root from 111.231.139.30 port 58043 ssh2	2020-08-04 16:44:30
attackbots	DATE:2020-08-02 09:20:40,IP:111.231.139.30,MATCHES:10,PORT:ssh	2020-08-02 18:14:32
attackbots	Jul 28 22:17:53 santamaria sshd\[19274\]: Invalid user alias from 111.231.139.30 Jul 28 22:17:53 santamaria sshd\[19274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 28 22:17:56 santamaria sshd\[19274\]: Failed password for invalid user alias from 111.231.139.30 port 56103 ssh2 ...	2020-07-29 04:51:38
attack	Jul 20 08:29:44 hosting sshd[25731]: Invalid user rw from 111.231.139.30 port 33542 ...	2020-07-20 13:37:17
attack	Jul 11 02:27:44 Tower sshd[24650]: Connection from 111.231.139.30 port 60892 on 192.168.10.220 port 22 rdomain "" Jul 11 02:27:46 Tower sshd[24650]: Invalid user imani from 111.231.139.30 port 60892 Jul 11 02:27:46 Tower sshd[24650]: error: Could not get shadow information for NOUSER Jul 11 02:27:46 Tower sshd[24650]: Failed password for invalid user imani from 111.231.139.30 port 60892 ssh2 Jul 11 02:27:46 Tower sshd[24650]: Received disconnect from 111.231.139.30 port 60892:11: Bye Bye [preauth] Jul 11 02:27:46 Tower sshd[24650]: Disconnected from invalid user imani 111.231.139.30 port 60892 [preauth]	2020-07-11 16:54:15
attackspambots	Jul 9 13:32:54 ws22vmsma01 sshd[198340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 9 13:32:56 ws22vmsma01 sshd[198340]: Failed password for invalid user view from 111.231.139.30 port 34131 ssh2 ...	2020-07-10 02:00:13
attackbotsspam	Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: Invalid user deploy from 111.231.139.30 Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 22 23:39:03 ArkNodeAT sshd\[29693\]: Failed password for invalid user deploy from 111.231.139.30 port 48585 ssh2	2020-06-23 06:07:46
attackbotsspam	Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:55 h1745522 sshd[18800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:57 h1745522 sshd[18800]: Failed password for invalid user admin from 111.231.139.30 port 42372 ssh2 Jun 10 09:59:31 h1745522 sshd[19003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Jun 10 09:59:33 h1745522 sshd[19003]: Failed password for root from 111.231.139.30 port 38938 ssh2 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Jun 10 10:03:03 h1745522 sshd[19121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Ju ...	2020-06-10 16:15:55
attackbotsspam	SSH bruteforce	2020-06-07 18:27:30
attackbots	Failed password for invalid user debian from 111.231.139.30 port 51780 ssh2	2020-05-30 17:45:55
attack	May 22 07:57:06 nextcloud sshd\[22005\]: Invalid user ecz from 111.231.139.30 May 22 07:57:06 nextcloud sshd\[22005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 22 07:57:07 nextcloud sshd\[22005\]: Failed password for invalid user ecz from 111.231.139.30 port 39437 ssh2	2020-05-22 17:02:44
attack	May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:43 scw-6657dc sshd[1987]: Failed password for invalid user bruno from 111.231.139.30 port 35033 ssh2 ...	2020-05-03 19:21:58
attackbots	SSH Brute Force	2020-04-29 12:18:04
attackspam	Invalid user joerg from 111.231.139.30 port 38050	2020-04-29 06:12:30
attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-26 04:10:49
attackspambots	Brute-force attempt banned	2020-03-28 01:04:30
attackspambots	Mar 27 05:56:01 gw1 sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 27 05:56:04 gw1 sshd[21937]: Failed password for invalid user tcu from 111.231.139.30 port 45412 ssh2 ...	2020-03-27 09:46:27
attack	B: Abusive ssh attack	2020-03-21 03:34:54
attackbots	Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:34 DAAP sshd[13875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:36 DAAP sshd[13875]: Failed password for invalid user starmade from 111.231.139.30 port 44472 ssh2 Mar 12 07:47:16 DAAP sshd[13930]: Invalid user admin from 111.231.139.30 port 38655 ...	2020-03-12 15:29:42
attackbots	Mar 10 00:14:22 v22018076622670303 sshd\[26529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Mar 10 00:14:24 v22018076622670303 sshd\[26529\]: Failed password for root from 111.231.139.30 port 56972 ssh2 Mar 10 00:21:12 v22018076622670303 sshd\[26646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root ...	2020-03-10 08:16:41
attackspambots	Mar 8 10:28:22 vps647732 sshd[11701]: Failed password for root from 111.231.139.30 port 43443 ssh2 Mar 8 10:34:21 vps647732 sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2020-03-08 17:44:11
attackspam	Feb 19 05:25:33 php1 sshd\[10582\]: Invalid user confluence from 111.231.139.30 Feb 19 05:25:33 php1 sshd\[10582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 19 05:25:35 php1 sshd\[10582\]: Failed password for invalid user confluence from 111.231.139.30 port 38506 ssh2 Feb 19 05:31:23 php1 sshd\[11779\]: Invalid user postgres from 111.231.139.30 Feb 19 05:31:23 php1 sshd\[11779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-02-20 00:17:46
attack	Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:18 srv01 sshd[31794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:20 srv01 sshd[31794]: Failed password for invalid user oracles from 111.231.139.30 port 54720 ssh2 Feb 2 06:10:48 srv01 sshd[32103]: Invalid user test from 111.231.139.30 port 37542 ...	2020-02-02 16:42:37
attackbots	Jan 30 14:11:31 game-panel sshd[14410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 30 14:11:33 game-panel sshd[14410]: Failed password for invalid user ovi from 111.231.139.30 port 59287 ssh2 Jan 30 14:15:51 game-panel sshd[14641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-30 22:16:39
attack	Jan 23 09:36:34 lnxmail61 sshd[1775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-23 17:24:15
attackspambots	Jan 13 16:15:55 vmanager6029 sshd\[1769\]: Invalid user test from 111.231.139.30 port 51455 Jan 13 16:15:55 vmanager6029 sshd\[1769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 13 16:15:57 vmanager6029 sshd\[1769\]: Failed password for invalid user test from 111.231.139.30 port 51455 ssh2	2020-01-14 00:04:23
attack	Dec 28 09:02:17 dedicated sshd[4663]: Invalid user cccccc from 111.231.139.30 port 39644	2019-12-28 16:43:31
attackbotsspam	Dec 16 00:49:29 vps691689 sshd[31361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 16 00:49:30 vps691689 sshd[31361]: Failed password for invalid user spurway from 111.231.139.30 port 37194 ssh2 ...	2019-12-16 08:10:28
attackbots	Dec 14 07:21:28 minden010 sshd[22805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 14 07:21:30 minden010 sshd[22805]: Failed password for invalid user crangle from 111.231.139.30 port 48665 ssh2 Dec 14 07:29:00 minden010 sshd[24397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2019-12-14 15:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
111.231.139.133	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 03:41:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.231.139.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2385
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.231.139.30.			IN	A

;; AUTHORITY SECTION:
.			3173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 12:54:39 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 30.139.231.111.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 30.139.231.111.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
118.192.66.52	attackbots	Jan 11 20:59:58 localhost sshd\[22220\]: Invalid user Inset from 118.192.66.52 Jan 11 20:59:58 localhost sshd\[22220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.192.66.52 Jan 11 21:00:00 localhost sshd\[22220\]: Failed password for invalid user Inset from 118.192.66.52 port 50484 ssh2 Jan 11 21:02:31 localhost sshd\[22415\]: Invalid user guest5 from 118.192.66.52 Jan 11 21:02:31 localhost sshd\[22415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.192.66.52 ...	2020-01-12 04:55:03
183.16.100.140	attackbots	port 0:65535	2020-01-12 05:14:24
79.182.119.216	attack	Honeypot attack, port: 81, PTR: bzq-79-182-119-216.red.bezeqint.net.	2020-01-12 05:15:59
118.24.153.230	attackbotsspam	Unauthorized connection attempt detected from IP address 118.24.153.230 to port 22	2020-01-12 04:52:48
63.143.124.239	attack	B: Magento admin pass test (wrong country)	2020-01-12 05:24:27
176.113.209.93	attack	Honeypot attack, port: 5555, PTR: 93-209-113-176.extratel.net.ua.	2020-01-12 05:08:42
117.255.216.106	attackbots	Jan 11 22:04:15 [host] sshd[13274]: Invalid user test1 from 117.255.216.106 Jan 11 22:04:15 [host] sshd[13274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.255.216.106 Jan 11 22:04:18 [host] sshd[13274]: Failed password for invalid user test1 from 117.255.216.106 port 15523 ssh2	2020-01-12 05:07:27
222.186.175.183	attackbotsspam	Jan 11 21:52:18 mail sshd[22645]: Failed password for root from 222.186.175.183 port 21736 ssh2 Jan 11 21:52:24 mail sshd[22645]: Failed password for root from 222.186.175.183 port 21736 ssh2 Jan 11 21:52:29 mail sshd[22645]: Failed password for root from 222.186.175.183 port 21736 ssh2 Jan 11 21:52:33 mail sshd[22645]: Failed password for root from 222.186.175.183 port 21736 ssh2	2020-01-12 04:56:55
107.189.11.11	attackspambots	Jan 11 16:18:12 aragorn sshd[8742]: Invalid user fake from 107.189.11.11 Jan 11 16:18:14 aragorn sshd[8744]: Invalid user admin from 107.189.11.11 ...	2020-01-12 05:26:06
189.212.124.127	attackbots	Automatic report - Port Scan Attack	2020-01-12 05:00:12
208.180.71.202	attackspam	Honeypot attack, port: 81, PTR: cdm-208-180-71-202.cnrotx.suddenlink.net.	2020-01-12 05:23:03
118.24.23.216	attackspam	[portscan] Port scan	2020-01-12 04:51:38
117.247.5.143	attack	$f2bV_matches	2020-01-12 05:07:58
118.126.112.116	attackbots	$f2bV_matches	2020-01-12 04:57:28
118.24.116.145	attackbotsspam	Jan 11 21:25:56 pornomens sshd\[20991\]: Invalid user upload from 118.24.116.145 port 50612 Jan 11 21:25:56 pornomens sshd\[20991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.116.145 Jan 11 21:25:59 pornomens sshd\[20991\]: Failed password for invalid user upload from 118.24.116.145 port 50612 ssh2 ...	2020-01-12 04:53:06

最近上报的IP列表

125.133.65.195	91.121.179.17	79.133.193.4	61.72.254.71
122.227.185.101	118.24.11.71	113.161.66.214	112.245.187.225
106.12.96.92	45.163.196.223	5.188.206.198	177.79.70.212
186.243.121.4	78.38.30.194	5.154.13.14	217.174.254.186
196.52.43.124	159.65.136.194	107.196.101.128	62.232.219.175