203.130.2.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Pakistan

运营商(isp): Supernet PDS Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Port 1433 Scan	2020-02-03 06:02:42

相同子网IP讨论:

IP	类型	评论内容	时间
203.130.242.68	attackbots	(sshd) Failed SSH login from 203.130.242.68 (ID/Indonesia/ts14.techscape.co.id): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 13:32:51 optimus sshd[4446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Oct 9 13:32:53 optimus sshd[4446]: Failed password for root from 203.130.242.68 port 51000 ssh2 Oct 9 13:48:31 optimus sshd[9463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Oct 9 13:48:33 optimus sshd[9463]: Failed password for root from 203.130.242.68 port 52387 ssh2 Oct 9 13:52:43 optimus sshd[10816]: Invalid user rpm from 203.130.242.68	2020-10-10 02:02:42
203.130.242.68	attackspambots	Oct 9 03:01:55 hidden sshd[32151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 Oct 9 03:01:57 hidden sshd[32151]: Failed password for invalid user user from 203.130.242.68 port 59938 ssh2 Oct 9 03:20:42 hidden sshd[3131]: Invalid user sharon from 203.130.242.68 port 40489	2020-10-09 17:47:29
203.130.255.2	attackbots	Oct 6 09:18:52 pixelmemory sshd[1023256]: Failed password for root from 203.130.255.2 port 47262 ssh2 Oct 6 09:21:34 pixelmemory sshd[1345682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Oct 6 09:21:36 pixelmemory sshd[1345682]: Failed password for root from 203.130.255.2 port 52860 ssh2 Oct 6 09:24:03 pixelmemory sshd[1651936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Oct 6 09:24:06 pixelmemory sshd[1651936]: Failed password for root from 203.130.255.2 port 58456 ssh2 ...	2020-10-07 01:48:45
203.130.255.2	attack	Oct 6 11:50:15 ift sshd\[24810\]: Failed password for root from 203.130.255.2 port 45842 ssh2Oct 6 11:51:22 ift sshd\[24905\]: Failed password for root from 203.130.255.2 port 60608 ssh2Oct 6 11:52:32 ift sshd\[24990\]: Failed password for root from 203.130.255.2 port 47028 ssh2Oct 6 11:53:43 ift sshd\[25170\]: Failed password for root from 203.130.255.2 port 33448 ssh2Oct 6 11:54:50 ift sshd\[25369\]: Failed password for root from 203.130.255.2 port 48098 ssh2 ...	2020-10-06 17:43:36
203.130.242.68	attack	Sep 21 18:02:28 mythra sshd[31654]: Failed password for invalid user mysql from 203.130.242.68 port 49680 ssh2	2020-09-22 03:03:55
203.130.242.68	attack	Time: Mon Sep 21 12:43:22 2020 +0200 IP: 203.130.242.68 (ID/Indonesia/ts14.techscape.co.id) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 21 12:32:16 3-1 sshd[36694]: Invalid user deployment from 203.130.242.68 port 56018 Sep 21 12:32:18 3-1 sshd[36694]: Failed password for invalid user deployment from 203.130.242.68 port 56018 ssh2 Sep 21 12:38:55 3-1 sshd[36990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Sep 21 12:38:57 3-1 sshd[36990]: Failed password for root from 203.130.242.68 port 44440 ssh2 Sep 21 12:43:19 3-1 sshd[37169]: Invalid user vncuser from 203.130.242.68 port 49859	2020-09-21 18:49:15
203.130.242.68	attackspambots	Sep 17 12:15:35 [host] sshd[8652]: pam_unix(sshd:a Sep 17 12:15:37 [host] sshd[8652]: Failed password Sep 17 12:17:43 [host] sshd[8683]: pam_unix(sshd:a	2020-09-17 18:28:42
203.130.242.68	attackspambots	Sep 16 21:25:12 ny01 sshd[15506]: Failed password for root from 203.130.242.68 port 59818 ssh2 Sep 16 21:29:54 ny01 sshd[16179]: Failed password for root from 203.130.242.68 port 36461 ssh2	2020-09-17 09:41:20
203.130.242.68	attackbotsspam	Sep 16 17:43:56 ajax sshd[16968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 Sep 16 17:43:58 ajax sshd[16968]: Failed password for invalid user emp from 203.130.242.68 port 33445 ssh2	2020-09-17 00:49:30
203.130.242.68	attackspambots	(sshd) Failed SSH login from 203.130.242.68 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 06:23:55 server sshd[16525]: Invalid user admin from 203.130.242.68 Sep 16 06:23:55 server sshd[16525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 Sep 16 06:23:57 server sshd[16525]: Failed password for invalid user admin from 203.130.242.68 port 47272 ssh2 Sep 16 06:28:17 server sshd[17376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.242.68 user=root Sep 16 06:28:19 server sshd[17376]: Failed password for root from 203.130.242.68 port 47277 ssh2	2020-09-16 17:04:08
203.130.242.68	attackbots	Sep 15 16:16:12 game-panel sshd[21604]: Failed password for root from 203.130.242.68 port 56829 ssh2 Sep 15 16:19:47 game-panel sshd[21704]: Failed password for root from 203.130.242.68 port 53372 ssh2	2020-09-16 00:42:07
203.130.242.68	attackbotsspam	2020-09-15T14:38:55.141345hostname sshd[91843]: Invalid user jeff from 203.130.242.68 port 39297 ...	2020-09-15 16:33:33
203.130.255.2	attackbots	$f2bV_matches	2020-09-14 20:10:26
203.130.255.2	attackbotsspam	Brute-force attempt banned	2020-09-14 12:03:33
203.130.255.2	attackspam	Sep 13 18:45:09 ns382633 sshd\[403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Sep 13 18:45:11 ns382633 sshd\[403\]: Failed password for root from 203.130.255.2 port 48950 ssh2 Sep 13 18:54:54 ns382633 sshd\[1867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root Sep 13 18:54:56 ns382633 sshd\[1867\]: Failed password for root from 203.130.255.2 port 42642 ssh2 Sep 13 19:01:33 ns382633 sshd\[3350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.255.2 user=root	2020-09-14 04:05:56

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.130.2.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58019
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.130.2.13.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019053101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 01 09:20:54 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

13.2.130.203.in-addr.arpa domain name pointer nms-data.super.net.pk.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
13.2.130.203.in-addr.arpa	name = nms-data.super.net.pk.

Authoritative answers can be found from:

IP	类型	评论内容	时间
195.24.207.199	attackbotsspam	Invalid user zhangzhitong from 195.24.207.199 port 54998	2020-02-28 10:13:41
46.17.47.122	attackspambots	SASL PLAIN auth failed: ruser=...	2020-02-28 10:07:34
222.99.52.216	attackbots	SASL PLAIN auth failed: ruser=...	2020-02-28 10:10:36
206.72.197.226	attack	exploit netcore router back door access	2020-02-28 10:34:29
104.238.103.16	attackbots	Automatic report - WordPress Brute Force	2020-02-28 13:03:02
175.138.108.78	attack	Feb 28 02:32:07 vpn01 sshd[2126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.138.108.78 Feb 28 02:32:09 vpn01 sshd[2126]: Failed password for invalid user csr1dev from 175.138.108.78 port 55782 ssh2 ...	2020-02-28 10:18:12
106.12.59.49	attack	Feb 28 02:23:44 vps647732 sshd[16052]: Failed password for man from 106.12.59.49 port 37008 ssh2 Feb 28 02:30:24 vps647732 sshd[16321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.59.49 ...	2020-02-28 10:00:07
123.23.229.74	attack	Automatic report - Port Scan Attack	2020-02-28 13:04:45
220.167.161.200	attackbotsspam	Invalid user ldapuser from 220.167.161.200 port 49542	2020-02-28 10:11:00
210.138.183.45	attack	Feb 28 01:53:45 XXX sshd[64520]: Invalid user weichanghe from 210.138.183.45 port 48688	2020-02-28 10:12:51
175.201.64.30	attackspambots	Honeypot attack, port: 81, PTR: PTR record not found	2020-02-28 13:02:35
77.2.39.133	attack	SSH Bruteforce attack	2020-02-28 13:01:27
92.118.37.53	attackbotsspam	Feb 28 05:57:14 debian-2gb-nbg1-2 kernel: \[5125026.268654\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.53 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=42581 PROTO=TCP SPT=46983 DPT=55105 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-28 13:08:55
206.189.146.13	attack	Feb 27 23:54:44 NPSTNNYC01T sshd[30493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.146.13 Feb 27 23:54:45 NPSTNNYC01T sshd[30493]: Failed password for invalid user prueba from 206.189.146.13 port 50459 ssh2 Feb 27 23:57:16 NPSTNNYC01T sshd[30677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.146.13 ...	2020-02-28 13:07:37
219.239.47.66	attackspam	Invalid user www from 219.239.47.66 port 42482	2020-02-28 10:11:51

最近上报的IP列表

5.249.147.99	120.196.65.235	46.231.230.76	12.176.40.155
208.6.142.159	31.13.31.115	223.132.132.160	149.56.101.113
107.239.234.43	31.254.80.64	62.213.54.130	98.68.152.194
60.157.25.84	50.72.146.89	226.82.29.50	0.239.132.60
14.161.14.123	31.243.160.228	82.233.52.221	94.226.159.46