111.231.139.30

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T22:31:53Z and 2020-08-21T22:37:54Z	2020-08-22 06:44:20
attackspambots	Aug 4 05:16:41 game-panel sshd[7944]: Failed password for root from 111.231.139.30 port 33537 ssh2 Aug 4 05:20:47 game-panel sshd[8072]: Failed password for root from 111.231.139.30 port 58043 ssh2	2020-08-04 16:44:30
attackbots	DATE:2020-08-02 09:20:40,IP:111.231.139.30,MATCHES:10,PORT:ssh	2020-08-02 18:14:32
attackbots	Jul 28 22:17:53 santamaria sshd\[19274\]: Invalid user alias from 111.231.139.30 Jul 28 22:17:53 santamaria sshd\[19274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 28 22:17:56 santamaria sshd\[19274\]: Failed password for invalid user alias from 111.231.139.30 port 56103 ssh2 ...	2020-07-29 04:51:38
attack	Jul 20 08:29:44 hosting sshd[25731]: Invalid user rw from 111.231.139.30 port 33542 ...	2020-07-20 13:37:17
attack	Jul 11 02:27:44 Tower sshd[24650]: Connection from 111.231.139.30 port 60892 on 192.168.10.220 port 22 rdomain "" Jul 11 02:27:46 Tower sshd[24650]: Invalid user imani from 111.231.139.30 port 60892 Jul 11 02:27:46 Tower sshd[24650]: error: Could not get shadow information for NOUSER Jul 11 02:27:46 Tower sshd[24650]: Failed password for invalid user imani from 111.231.139.30 port 60892 ssh2 Jul 11 02:27:46 Tower sshd[24650]: Received disconnect from 111.231.139.30 port 60892:11: Bye Bye [preauth] Jul 11 02:27:46 Tower sshd[24650]: Disconnected from invalid user imani 111.231.139.30 port 60892 [preauth]	2020-07-11 16:54:15
attackspambots	Jul 9 13:32:54 ws22vmsma01 sshd[198340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jul 9 13:32:56 ws22vmsma01 sshd[198340]: Failed password for invalid user view from 111.231.139.30 port 34131 ssh2 ...	2020-07-10 02:00:13
attackbotsspam	Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: Invalid user deploy from 111.231.139.30 Jun 22 23:39:01 ArkNodeAT sshd\[29693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 22 23:39:03 ArkNodeAT sshd\[29693\]: Failed password for invalid user deploy from 111.231.139.30 port 48585 ssh2	2020-06-23 06:07:46
attackbotsspam	Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:55 h1745522 sshd[18800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 09:55:55 h1745522 sshd[18800]: Invalid user admin from 111.231.139.30 port 42372 Jun 10 09:55:57 h1745522 sshd[18800]: Failed password for invalid user admin from 111.231.139.30 port 42372 ssh2 Jun 10 09:59:31 h1745522 sshd[19003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Jun 10 09:59:33 h1745522 sshd[19003]: Failed password for root from 111.231.139.30 port 38938 ssh2 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Jun 10 10:03:03 h1745522 sshd[19121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jun 10 10:03:03 h1745522 sshd[19121]: Invalid user admin from 111.231.139.30 port 35498 Ju ...	2020-06-10 16:15:55
attackbotsspam	SSH bruteforce	2020-06-07 18:27:30
attackbots	Failed password for invalid user debian from 111.231.139.30 port 51780 ssh2	2020-05-30 17:45:55
attack	May 22 07:57:06 nextcloud sshd\[22005\]: Invalid user ecz from 111.231.139.30 May 22 07:57:06 nextcloud sshd\[22005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 22 07:57:07 nextcloud sshd\[22005\]: Failed password for invalid user ecz from 111.231.139.30 port 39437 ssh2	2020-05-22 17:02:44
attack	May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:41 scw-6657dc sshd[1987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 May 3 10:29:43 scw-6657dc sshd[1987]: Failed password for invalid user bruno from 111.231.139.30 port 35033 ssh2 ...	2020-05-03 19:21:58
attackbots	SSH Brute Force	2020-04-29 12:18:04
attackspam	Invalid user joerg from 111.231.139.30 port 38050	2020-04-29 06:12:30
attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-26 04:10:49
attackspambots	Brute-force attempt banned	2020-03-28 01:04:30
attackspambots	Mar 27 05:56:01 gw1 sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 27 05:56:04 gw1 sshd[21937]: Failed password for invalid user tcu from 111.231.139.30 port 45412 ssh2 ...	2020-03-27 09:46:27
attack	B: Abusive ssh attack	2020-03-21 03:34:54
attackbots	Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:34 DAAP sshd[13875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Mar 12 07:41:34 DAAP sshd[13875]: Invalid user starmade from 111.231.139.30 port 44472 Mar 12 07:41:36 DAAP sshd[13875]: Failed password for invalid user starmade from 111.231.139.30 port 44472 ssh2 Mar 12 07:47:16 DAAP sshd[13930]: Invalid user admin from 111.231.139.30 port 38655 ...	2020-03-12 15:29:42
attackbots	Mar 10 00:14:22 v22018076622670303 sshd\[26529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root Mar 10 00:14:24 v22018076622670303 sshd\[26529\]: Failed password for root from 111.231.139.30 port 56972 ssh2 Mar 10 00:21:12 v22018076622670303 sshd\[26646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 user=root ...	2020-03-10 08:16:41
attackspambots	Mar 8 10:28:22 vps647732 sshd[11701]: Failed password for root from 111.231.139.30 port 43443 ssh2 Mar 8 10:34:21 vps647732 sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2020-03-08 17:44:11
attackspam	Feb 19 05:25:33 php1 sshd\[10582\]: Invalid user confluence from 111.231.139.30 Feb 19 05:25:33 php1 sshd\[10582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 19 05:25:35 php1 sshd\[10582\]: Failed password for invalid user confluence from 111.231.139.30 port 38506 ssh2 Feb 19 05:31:23 php1 sshd\[11779\]: Invalid user postgres from 111.231.139.30 Feb 19 05:31:23 php1 sshd\[11779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-02-20 00:17:46
attack	Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:18 srv01 sshd[31794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Feb 2 06:07:18 srv01 sshd[31794]: Invalid user oracles from 111.231.139.30 port 54720 Feb 2 06:07:20 srv01 sshd[31794]: Failed password for invalid user oracles from 111.231.139.30 port 54720 ssh2 Feb 2 06:10:48 srv01 sshd[32103]: Invalid user test from 111.231.139.30 port 37542 ...	2020-02-02 16:42:37
attackbots	Jan 30 14:11:31 game-panel sshd[14410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 30 14:11:33 game-panel sshd[14410]: Failed password for invalid user ovi from 111.231.139.30 port 59287 ssh2 Jan 30 14:15:51 game-panel sshd[14641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-30 22:16:39
attack	Jan 23 09:36:34 lnxmail61 sshd[1775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30	2020-01-23 17:24:15
attackspambots	Jan 13 16:15:55 vmanager6029 sshd\[1769\]: Invalid user test from 111.231.139.30 port 51455 Jan 13 16:15:55 vmanager6029 sshd\[1769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Jan 13 16:15:57 vmanager6029 sshd\[1769\]: Failed password for invalid user test from 111.231.139.30 port 51455 ssh2	2020-01-14 00:04:23
attack	Dec 28 09:02:17 dedicated sshd[4663]: Invalid user cccccc from 111.231.139.30 port 39644	2019-12-28 16:43:31
attackbotsspam	Dec 16 00:49:29 vps691689 sshd[31361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 16 00:49:30 vps691689 sshd[31361]: Failed password for invalid user spurway from 111.231.139.30 port 37194 ssh2 ...	2019-12-16 08:10:28
attackbots	Dec 14 07:21:28 minden010 sshd[22805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 Dec 14 07:21:30 minden010 sshd[22805]: Failed password for invalid user crangle from 111.231.139.30 port 48665 ssh2 Dec 14 07:29:00 minden010 sshd[24397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.139.30 ...	2019-12-14 15:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
111.231.139.133	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 03:41:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.231.139.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2385
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.231.139.30.			IN	A

;; AUTHORITY SECTION:
.			3173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 12:54:39 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 30.139.231.111.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 30.139.231.111.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
117.2.159.18	attackbots	Unauthorized connection attempt from IP address 117.2.159.18 on Port 445(SMB)	2020-07-01 13:34:18
51.91.250.49	attack	$f2bV_matches	2020-07-01 13:39:41
106.104.169.249	attackspambots	TCP (SYN) 106.104.169.249:11046 -> port 23, len 44	2020-07-01 13:29:46
223.83.138.104	attack	" "	2020-07-01 13:01:01
88.214.26.92	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-30T15:35:36Z and 2020-06-30T17:05:18Z	2020-07-01 13:48:43
165.227.182.180	attackbotsspam	165.227.182.180 - - [30/Jun/2020:07:50:09 -0600] "GET /wp-login.php HTTP/1.1" 301 470 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-01 13:36:32
201.170.111.2	attack	Port probing on unauthorized port 23	2020-07-01 13:10:30
168.0.129.44	attackspambots	23/tcp [2020-06-30]1pkt	2020-07-01 13:09:00
66.249.75.105	attack	port scan and connect, tcp 80 (http)	2020-07-01 13:04:50
183.152.173.128	attackbots	Unauthorized connection attempt detected from IP address 183.152.173.128 to port 23	2020-07-01 13:10:56
123.110.170.217	attackspambots	1593428803 - 06/29/2020 18:06:43 Host: 123-110-170-217.best.dy.tbcnet.net.tw/123.110.170.217 Port: 23 TCP Blocked ...	2020-07-01 13:24:38
179.191.123.46	attackbots	" "	2020-07-01 13:43:01
132.232.47.59	attackspambots	Jun 30 12:09:35 vmd17057 sshd[7795]: Failed password for www-data from 132.232.47.59 port 58336 ssh2 Jun 30 12:14:58 vmd17057 sshd[8063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.47.59 ...	2020-07-01 13:20:14
186.215.235.9	attackspambots	SSH Brute-Force. Ports scanning.	2020-07-01 13:38:15
119.96.157.188	attack	...	2020-07-01 13:33:49

最近上报的IP列表

125.133.65.195	91.121.179.17	79.133.193.4	61.72.254.71
122.227.185.101	118.24.11.71	113.161.66.214	112.245.187.225
106.12.96.92	45.163.196.223	5.188.206.198	177.79.70.212
186.243.121.4	78.38.30.194	5.154.13.14	217.174.254.186
196.52.43.124	159.65.136.194	107.196.101.128	62.232.219.175