220.130.10.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts.	2020-10-13 21:03:44
attackspambots	2020-10-13T06:25:11.316425n23.at sshd[1556927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 2020-10-13T06:25:11.308324n23.at sshd[1556927]: Invalid user arts from 220.130.10.13 port 45992 2020-10-13T06:25:13.477045n23.at sshd[1556927]: Failed password for invalid user arts from 220.130.10.13 port 45992 ssh2 ...	2020-10-13 12:31:26
attackspambots	SSH Brute Force	2020-10-13 05:20:49
attackbots	Sep 19 16:52:09 ns382633 sshd\[25287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 19 16:52:11 ns382633 sshd\[25287\]: Failed password for root from 220.130.10.13 port 55104 ssh2 Sep 19 16:55:42 ns382633 sshd\[25998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 19 16:55:45 ns382633 sshd\[25998\]: Failed password for root from 220.130.10.13 port 48878 ssh2 Sep 19 16:58:26 ns382633 sshd\[26301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root	2020-09-20 02:42:09
attackspambots	Sep 19 02:51:08 dignus sshd[3420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 19 02:51:09 dignus sshd[3420]: Failed password for root from 220.130.10.13 port 40758 ssh2 Sep 19 02:55:08 dignus sshd[3881]: Invalid user minecraft from 220.130.10.13 port 49590 Sep 19 02:55:08 dignus sshd[3881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Sep 19 02:55:10 dignus sshd[3881]: Failed password for invalid user minecraft from 220.130.10.13 port 49590 ssh2 ...	2020-09-19 18:38:51
attackbots	(sshd) Failed SSH login from 220.130.10.13 (TW/Taiwan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 3 10:23:44 vps sshd[28134]: Failed password for root from 220.130.10.13 port 49116 ssh2 Sep 3 10:29:21 vps sshd[30857]: Invalid user cui from 220.130.10.13 port 53392 Sep 3 10:29:23 vps sshd[30857]: Failed password for invalid user cui from 220.130.10.13 port 53392 ssh2 Sep 3 10:30:39 vps sshd[31343]: Invalid user anisa from 220.130.10.13 port 44146 Sep 3 10:30:41 vps sshd[31343]: Failed password for invalid user anisa from 220.130.10.13 port 44146 ssh2	2020-09-03 20:26:09
attackbots	Sep 3 06:10:24 haigwepa sshd[21514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Sep 3 06:10:26 haigwepa sshd[21514]: Failed password for invalid user ftpuser from 220.130.10.13 port 58384 ssh2 ...	2020-09-03 12:11:02
attackspam	Sep 2 20:36:33 electroncash sshd[43522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Sep 2 20:36:33 electroncash sshd[43522]: Invalid user cactiuser from 220.130.10.13 port 49684 Sep 2 20:36:35 electroncash sshd[43522]: Failed password for invalid user cactiuser from 220.130.10.13 port 49684 ssh2 Sep 2 20:40:18 electroncash sshd[44513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 2 20:40:20 electroncash sshd[44513]: Failed password for root from 220.130.10.13 port 54456 ssh2 ...	2020-09-03 04:30:10
attack	Aug 28 20:17:56 meumeu sshd[527652]: Invalid user nominatim from 220.130.10.13 port 33172 Aug 28 20:17:56 meumeu sshd[527652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 28 20:17:56 meumeu sshd[527652]: Invalid user nominatim from 220.130.10.13 port 33172 Aug 28 20:17:58 meumeu sshd[527652]: Failed password for invalid user nominatim from 220.130.10.13 port 33172 ssh2 Aug 28 20:21:26 meumeu sshd[527845]: Invalid user daf from 220.130.10.13 port 34912 Aug 28 20:21:26 meumeu sshd[527845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 28 20:21:26 meumeu sshd[527845]: Invalid user daf from 220.130.10.13 port 34912 Aug 28 20:21:27 meumeu sshd[527845]: Failed password for invalid user daf from 220.130.10.13 port 34912 ssh2 Aug 28 20:24:48 meumeu sshd[528014]: Invalid user aneta from 220.130.10.13 port 36652 ...	2020-08-29 02:39:08
attackbots	Aug 26 23:53:17 ns3033917 sshd[31436]: Invalid user ryp from 220.130.10.13 port 46158 Aug 26 23:53:19 ns3033917 sshd[31436]: Failed password for invalid user ryp from 220.130.10.13 port 46158 ssh2 Aug 27 00:01:53 ns3033917 sshd[31481]: Invalid user pim from 220.130.10.13 port 34624 ...	2020-08-27 09:24:29
attack	Aug 25 14:28:57 sip sshd[1419743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 25 14:28:57 sip sshd[1419743]: Invalid user admin from 220.130.10.13 port 32796 Aug 25 14:28:59 sip sshd[1419743]: Failed password for invalid user admin from 220.130.10.13 port 32796 ssh2 ...	2020-08-26 03:32:07
attackspambots	Aug 23 18:57:46 db sshd[23371]: Invalid user rakesh from 220.130.10.13 port 47288 ...	2020-08-24 00:59:03
attack	$f2bV_matches	2020-08-18 19:07:29
attackbots	Aug 17 15:24:33 vps639187 sshd\[25677\]: Invalid user hyperic from 220.130.10.13 port 43472 Aug 17 15:24:33 vps639187 sshd\[25677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 17 15:24:35 vps639187 sshd\[25677\]: Failed password for invalid user hyperic from 220.130.10.13 port 43472 ssh2 ...	2020-08-17 21:46:51
attackspambots	Aug 16 07:08:02 lnxded63 sshd[27785]: Failed password for root from 220.130.10.13 port 45304 ssh2 Aug 16 07:13:01 lnxded63 sshd[28243]: Failed password for root from 220.130.10.13 port 45026 ssh2	2020-08-16 13:30:37
attack	2020-08-14T11:42:37.261938+02:00 sshd[24332]: Failed password for root from 220.130.10.13 port 50010 ssh2	2020-08-14 18:10:59
attackspam	Aug 10 17:07:18 gw1 sshd[30977]: Failed password for root from 220.130.10.13 port 47382 ssh2 ...	2020-08-10 20:24:01
attack	SSH brutforce	2020-08-09 05:53:37
attackbotsspam	$f2bV_matches	2020-08-08 08:12:27
attack	Aug 1 13:45:22 vserver sshd\[30488\]: Failed password for root from 220.130.10.13 port 48400 ssh2Aug 1 13:45:45 vserver sshd\[30496\]: Failed password for root from 220.130.10.13 port 41066 ssh2Aug 1 13:52:34 vserver sshd\[30619\]: Failed password for root from 220.130.10.13 port 43096 ssh2Aug 1 13:52:48 vserver sshd\[30624\]: Failed password for root from 220.130.10.13 port 53558 ssh2 ...	2020-08-01 19:58:55
attack	Jul 31 18:55:16 eventyay sshd[10639]: Failed password for root from 220.130.10.13 port 32944 ssh2 Jul 31 19:00:28 eventyay sshd[10872]: Failed password for root from 220.130.10.13 port 55670 ssh2 ...	2020-08-01 02:22:44
attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-07-31 04:47:35
attack	2020-07-27T08:13:22.136260server.mjenks.net sshd[3822320]: Invalid user edy from 220.130.10.13 port 60304 2020-07-27T08:13:22.142038server.mjenks.net sshd[3822320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 2020-07-27T08:13:22.136260server.mjenks.net sshd[3822320]: Invalid user edy from 220.130.10.13 port 60304 2020-07-27T08:13:23.803607server.mjenks.net sshd[3822320]: Failed password for invalid user edy from 220.130.10.13 port 60304 ssh2 2020-07-27T08:18:07.982286server.mjenks.net sshd[3822756]: Invalid user ibmadm from 220.130.10.13 port 54922 ...	2020-07-27 22:35:53
attackbotsspam	2020-07-25 03:51:37 server sshd[54720]: Failed password for invalid user lachlan from 220.130.10.13 port 38720 ssh2	2020-07-27 01:28:32
attack	$f2bV_matches	2020-07-25 17:07:44
attack	Invalid user vtl from 220.130.10.13 port 36910	2020-07-20 13:03:16
attackbotsspam	Jul 18 19:50:07 serwer sshd\[8867\]: Invalid user exit from 220.130.10.13 port 36606 Jul 18 19:50:07 serwer sshd\[8867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Jul 18 19:50:09 serwer sshd\[8867\]: Failed password for invalid user exit from 220.130.10.13 port 36606 ssh2 ...	2020-07-19 03:14:24
attack	Jul 16 01:54:38 itv-usvr-02 sshd[1258]: Invalid user black from 220.130.10.13 port 40302 Jul 16 01:54:38 itv-usvr-02 sshd[1258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Jul 16 01:54:38 itv-usvr-02 sshd[1258]: Invalid user black from 220.130.10.13 port 40302 Jul 16 01:54:41 itv-usvr-02 sshd[1258]: Failed password for invalid user black from 220.130.10.13 port 40302 ssh2 Jul 16 02:00:40 itv-usvr-02 sshd[1491]: Invalid user cust from 220.130.10.13 port 35842	2020-07-16 03:15:18
attack	Jul 12 01:13:26 firewall sshd[15841]: Invalid user silver from 220.130.10.13 Jul 12 01:13:28 firewall sshd[15841]: Failed password for invalid user silver from 220.130.10.13 port 46008 ssh2 Jul 12 01:17:33 firewall sshd[15961]: Invalid user gitlab-runner from 220.130.10.13 ...	2020-07-12 12:20:05
attackspambots	Repeated brute force against a port	2020-07-12 02:54:48

相同子网IP讨论:

IP	类型	评论内容	时间
220.130.108.212	attack	220.130.108.212 - - [19/Jul/2020:18:18:25 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18211 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [19/Jul/2020:18:18:27 +0100] "POST /wp-login.php HTTP/1.1" 503 18036 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [19/Jul/2020:18:32:09 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18270 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" ...	2020-07-20 01:37:10
220.130.108.212	attackbots	220.130.108.212 - - [17/Jul/2020:09:49:40 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18027 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [17/Jul/2020:09:49:41 +0100] "POST /wp-login.php HTTP/1.1" 503 18027 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [17/Jul/2020:10:02:59 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18209 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" ...	2020-07-17 17:40:57
220.130.103.13	attackspambots	TCP (SYN) 220.130.103.13:63848 -> port 23, len 40	2020-05-20 05:59:38
220.130.10.217	attack	Spam Timestamp : 18-Nov-19 06:34 BlockList Provider combined abuse (222)	2019-11-18 15:24:14
220.130.10.217	attack	Spam Timestamp : 08-Aug-19 02:49 _ BlockList Provider combined abuse _ (91)	2019-08-08 18:52:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.130.10.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46044
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.130.10.13.			IN	A

;; AUTHORITY SECTION:
.			543	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 15:05:11 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

13.10.130.220.in-addr.arpa domain name pointer 220-130-10-13.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.10.130.220.in-addr.arpa	name = 220-130-10-13.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
77.89.228.66	attack	Automatic report - Banned IP Access	2020-02-03 09:58:54
222.80.125.103	attack	Unauthorized connection attempt detected from IP address 222.80.125.103 to port 3389 [T]	2020-02-03 10:04:56
49.235.93.192	attackbots	Unauthorized connection attempt detected from IP address 49.235.93.192 to port 2220 [J]	2020-02-03 10:29:42
35.240.190.190	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-02-03 10:21:09
168.90.199.248	attack	Unauthorized access detected from black listed ip!	2020-02-03 10:24:52
210.77.68.221	attackspam	Feb 3 03:18:40 sd-53420 sshd\[9774\]: User root from 210.77.68.221 not allowed because none of user's groups are listed in AllowGroups Feb 3 03:18:40 sd-53420 sshd\[9774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.77.68.221 user=root Feb 3 03:18:41 sd-53420 sshd\[9774\]: Failed password for invalid user root from 210.77.68.221 port 63988 ssh2 Feb 3 03:22:23 sd-53420 sshd\[10238\]: Invalid user mckenzie from 210.77.68.221 Feb 3 03:22:23 sd-53420 sshd\[10238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.77.68.221 ...	2020-02-03 10:26:07
222.187.200.229	attackspam	Feb 2 22:51:49 marvibiene sshd[24275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.187.200.229 user=root Feb 2 22:51:50 marvibiene sshd[24275]: Failed password for root from 222.187.200.229 port 49328 ssh2 Feb 2 23:27:56 marvibiene sshd[24687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.187.200.229 user=root Feb 2 23:27:58 marvibiene sshd[24687]: Failed password for root from 222.187.200.229 port 55804 ssh2 ...	2020-02-03 10:01:08
51.77.200.101	attack	Unauthorized connection attempt detected from IP address 51.77.200.101 to port 2220 [J]	2020-02-03 10:20:02
185.175.93.101	attackspam	Feb 3 03:09:03 debian-2gb-nbg1-2 kernel: \[2954996.304489\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.101 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=9949 PROTO=TCP SPT=45007 DPT=5911 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-03 10:27:19
45.143.223.134	attack	Jan 30 05:50:46 garuda postfix/smtpd[3709]: connect from unknown[45.143.223.134] Jan 30 05:50:46 garuda postfix/smtpd[3709]: connect from unknown[45.143.223.134] Jan 30 05:50:46 garuda postfix/smtpd[3709]: warning: unknown[45.143.223.134]: SASL LOGIN authentication failed: generic failure Jan 30 05:50:46 garuda postfix/smtpd[3709]: warning: unknown[45.143.223.134]: SASL LOGIN authentication failed: generic failure Jan 30 05:50:46 garuda postfix/smtpd[3709]: lost connection after AUTH from unknown[45.143.223.134] Jan 30 05:50:46 garuda postfix/smtpd[3709]: lost connection after AUTH from unknown[45.143.223.134] Jan 30 05:50:46 garuda postfix/smtpd[3709]: disconnect from unknown[45.143.223.134] ehlo=1 auth=0/1 commands=1/2 Jan 30 05:50:46 garuda postfix/smtpd[3709]: disconnect from unknown[45.143.223.134] ehlo=1 auth=0/1 commands=1/2 Jan 30 05:50:46 garuda postfix/smtpd[3709]: connect from unknown[45.143.223.134] Jan 30 05:50:46 garuda postfix/smtpd[3709]: connect from un........ -------------------------------	2020-02-03 10:15:32
106.12.159.207	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.159.207 to port 2220 [J]	2020-02-03 10:07:27
157.230.251.115	attackspam	Unauthorized connection attempt detected from IP address 157.230.251.115 to port 2220 [J]	2020-02-03 10:36:34
81.36.9.94	attack	Lines containing failures of 81.36.9.94 Jan 28 15:38:43 s390x sshd[881]: Connection from 81.36.9.94 port 50398 on 10.42.2.18 port 22 Jan 28 15:38:43 s390x sshd[880]: Connection from 81.36.9.94 port 50392 on 10.42.2.18 port 22 Jan 28 15:38:45 s390x sshd[881]: Invalid user pi from 81.36.9.94 port 50398 Jan 28 15:38:45 s390x sshd[880]: Invalid user pi from 81.36.9.94 port 50392 Jan 28 15:38:45 s390x sshd[881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.36.9.94 Jan 28 15:38:45 s390x sshd[880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.36.9.94 Jan 28 15:38:47 s390x sshd[881]: Failed password for invalid user pi from 81.36.9.94 port 50398 ssh2 Jan 28 15:38:47 s390x sshd[880]: Failed password for invalid user pi from 81.36.9.94 port 50392 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=81.36.9.94	2020-02-03 10:26:28
111.231.94.138	attackspambots	Unauthorized connection attempt detected from IP address 111.231.94.138 to port 2220 [J]	2020-02-03 10:09:46
124.230.43.78	attack	Web App Attack	2020-02-03 10:33:40

最近上报的IP列表

58.69.180.201	104.224.71.136	49.206.201.111	124.70.65.42
247.150.148.190	155.94.90.157	39.40.37.103	36.81.213.243
36.81.129.17	189.148.169.8	36.80.220.208	36.76.246.9
180.254.52.217	14.239.130.179	14.207.137.59	123.27.147.243
123.22.236.147	14.162.216.203	211.248.69.29	113.186.209.90