203.130.2.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Pakistan

运营商(isp): Supernet PDS Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Port 1433 Scan	2020-02-03 06:02:42

相同子网IP讨论:

IP	类型	评论内容	时间
203.130.242.68	attackbots	(sshd) Failed SSH login from 203.130.242.68 (ID/Indonesia/ts14.techscape.co.id): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 13:32:51 optimus sshd[4446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Oct 9 13:32:53 optimus sshd[4446]: Failed password for root from 203.130.242.68 port 51000 ssh2 Oct 9 13:48:31 optimus sshd[9463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Oct 9 13:48:33 optimus sshd[9463]: Failed password for root from 203.130.242.68 port 52387 ssh2 Oct 9 13:52:43 optimus sshd[10816]: Invalid user rpm from 203.130.242.68	2020-10-10 02:02:42
203.130.242.68	attackspambots	Oct 9 03:01:55 hidden sshd[32151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 Oct 9 03:01:57 hidden sshd[32151]: Failed password for invalid user user from 203.130.242.68 port 59938 ssh2 Oct 9 03:20:42 hidden sshd[3131]: Invalid user sharon from 203.130.242.68 port 40489	2020-10-09 17:47:29
203.130.255.2	attackbots	Oct 6 09:18:52 pixelmemory sshd[1023256]: Failed password for root from 203.130.255.2 port 47262 ssh2 Oct 6 09:21:34 pixelmemory sshd[1345682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Oct 6 09:21:36 pixelmemory sshd[1345682]: Failed password for root from 203.130.255.2 port 52860 ssh2 Oct 6 09:24:03 pixelmemory sshd[1651936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Oct 6 09:24:06 pixelmemory sshd[1651936]: Failed password for root from 203.130.255.2 port 58456 ssh2 ...	2020-10-07 01:48:45
203.130.255.2	attack	Oct 6 11:50:15 ift sshd\[24810\]: Failed password for root from 203.130.255.2 port 45842 ssh2Oct 6 11:51:22 ift sshd\[24905\]: Failed password for root from 203.130.255.2 port 60608 ssh2Oct 6 11:52:32 ift sshd\[24990\]: Failed password for root from 203.130.255.2 port 47028 ssh2Oct 6 11:53:43 ift sshd\[25170\]: Failed password for root from 203.130.255.2 port 33448 ssh2Oct 6 11:54:50 ift sshd\[25369\]: Failed password for root from 203.130.255.2 port 48098 ssh2 ...	2020-10-06 17:43:36
203.130.242.68	attack	Sep 21 18:02:28 mythra sshd[31654]: Failed password for invalid user mysql from 203.130.242.68 port 49680 ssh2	2020-09-22 03:03:55
203.130.242.68	attack	Time: Mon Sep 21 12:43:22 2020 +0200 IP: 203.130.242.68 (ID/Indonesia/ts14.techscape.co.id) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 21 12:32:16 3-1 sshd[36694]: Invalid user deployment from 203.130.242.68 port 56018 Sep 21 12:32:18 3-1 sshd[36694]: Failed password for invalid user deployment from 203.130.242.68 port 56018 ssh2 Sep 21 12:38:55 3-1 sshd[36990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Sep 21 12:38:57 3-1 sshd[36990]: Failed password for root from 203.130.242.68 port 44440 ssh2 Sep 21 12:43:19 3-1 sshd[37169]: Invalid user vncuser from 203.130.242.68 port 49859	2020-09-21 18:49:15
203.130.242.68	attackspambots	Sep 17 12:15:35 [host] sshd[8652]: pam_unix(sshd:a Sep 17 12:15:37 [host] sshd[8652]: Failed password Sep 17 12:17:43 [host] sshd[8683]: pam_unix(sshd:a	2020-09-17 18:28:42
203.130.242.68	attackspambots	Sep 16 21:25:12 ny01 sshd[15506]: Failed password for root from 203.130.242.68 port 59818 ssh2 Sep 16 21:29:54 ny01 sshd[16179]: Failed password for root from 203.130.242.68 port 36461 ssh2	2020-09-17 09:41:20
203.130.242.68	attackbotsspam	Sep 16 17:43:56 ajax sshd[16968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 Sep 16 17:43:58 ajax sshd[16968]: Failed password for invalid user emp from 203.130.242.68 port 33445 ssh2	2020-09-17 00:49:30
203.130.242.68	attackspambots	(sshd) Failed SSH login from 203.130.242.68 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 06:23:55 server sshd[16525]: Invalid user admin from 203.130.242.68 Sep 16 06:23:55 server sshd[16525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 Sep 16 06:23:57 server sshd[16525]: Failed password for invalid user admin from 203.130.242.68 port 47272 ssh2 Sep 16 06:28:17 server sshd[17376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Sep 16 06:28:19 server sshd[17376]: Failed password for root from 203.130.242.68 port 47277 ssh2	2020-09-16 17:04:08
203.130.242.68	attackbots	Sep 15 16:16:12 game-panel sshd[21604]: Failed password for root from 203.130.242.68 port 56829 ssh2 Sep 15 16:19:47 game-panel sshd[21704]: Failed password for root from 203.130.242.68 port 53372 ssh2	2020-09-16 00:42:07
203.130.242.68	attackbotsspam	2020-09-15T14:38:55.141345hostname sshd[91843]: Invalid user jeff from 203.130.242.68 port 39297 ...	2020-09-15 16:33:33
203.130.255.2	attackbots	$f2bV_matches	2020-09-14 20:10:26
203.130.255.2	attackbotsspam	Brute-force attempt banned	2020-09-14 12:03:33
203.130.255.2	attackspam	Sep 13 18:45:09 ns382633 sshd\[403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Sep 13 18:45:11 ns382633 sshd\[403\]: Failed password for root from 203.130.255.2 port 48950 ssh2 Sep 13 18:54:54 ns382633 sshd\[1867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Sep 13 18:54:56 ns382633 sshd\[1867\]: Failed password for root from 203.130.255.2 port 42642 ssh2 Sep 13 19:01:33 ns382633 sshd\[3350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root	2020-09-14 04:05:56

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.130.2.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58019
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.130.2.13.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019053101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 01 09:20:54 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

13.2.130.203.in-addr.arpa domain name pointer nms-data.super.net.pk.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
13.2.130.203.in-addr.arpa	name = nms-data.super.net.pk.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
178.45.136.29	attackspam	3,12-03/24 [bc02/m13] PostRequest-Spammer scoring: Lusaka01	2020-03-31 00:46:46
180.76.171.53	attackspambots	SSH brute force attempt	2020-03-31 00:50:15
5.188.62.25	attackspam	5.188.62.25 - - [30/Mar/2020:17:19:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 429 "-" "Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2224.3 Safari/537.36" 5.188.62.25 - - [30/Mar/2020:17:52:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 429 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36" 5.188.62.25 - - [30/Mar/2020:17:58:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 429 "-" "Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36"	2020-03-31 00:14:09
136.60.234.116	attackspam	port	2020-03-31 00:12:43
223.66.214.118	attackspam	Brute force SMTP login attempted. ...	2020-03-31 00:27:59
175.6.77.131	attackbots	Mar 30 17:27:10 lock-38 sshd[345654]: Invalid user prasan from 175.6.77.131 port 52928 Mar 30 17:27:10 lock-38 sshd[345654]: Invalid user prasan from 175.6.77.131 port 52928 Mar 30 17:27:10 lock-38 sshd[345654]: Failed password for invalid user prasan from 175.6.77.131 port 52928 ssh2 Mar 30 17:34:25 lock-38 sshd[345862]: Failed password for root from 175.6.77.131 port 33384 ssh2 Mar 30 17:41:07 lock-38 sshd[346120]: Failed password for root from 175.6.77.131 port 42078 ssh2 ...	2020-03-31 00:35:43
51.68.190.214	attackspam	$f2bV_matches	2020-03-31 00:39:32
103.28.226.10	attackbotsspam	Honeypot attack, port: 445, PTR: ip-103-28-226-10.palapamedia.net.id.	2020-03-31 00:55:48
161.53.119.12	attack	Honeypot attack, port: 445, PTR: narcis.fsb.hr.	2020-03-31 01:13:47
119.6.225.19	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-03-31 00:32:24
45.125.65.42	attackbots	Mar 30 17:35:28 srv01 postfix/smtpd\[11442\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 30 17:37:07 srv01 postfix/smtpd\[4338\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 30 17:37:41 srv01 postfix/smtpd\[4338\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 30 17:50:50 srv01 postfix/smtpd\[11608\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 30 17:52:28 srv01 postfix/smtpd\[17688\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-31 00:15:47
114.252.230.245	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-31 00:27:19
177.56.86.54	attackspambots	Unauthorized connection attempt detected from IP address 177.56.86.54 to port 445	2020-03-31 00:41:20
223.4.70.106	attackspam	Brute force SMTP login attempted. ...	2020-03-31 00:28:40
223.72.225.194	attackbotsspam	Brute force SMTP login attempted. ...	2020-03-31 00:11:31

最近上报的IP列表

5.249.147.99	120.196.65.235	46.231.230.76	12.176.40.155
208.6.142.159	31.13.31.115	223.132.132.160	149.56.101.113
107.239.234.43	31.254.80.64	62.213.54.130	98.68.152.194
60.157.25.84	50.72.146.89	226.82.29.50	0.239.132.60
14.161.14.123	31.243.160.228	82.233.52.221	94.226.159.46