220.130.10.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts.	2020-10-13 21:03:44
attackspambots	2020-10-13T06:25:11.316425n23.at sshd[1556927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 2020-10-13T06:25:11.308324n23.at sshd[1556927]: Invalid user arts from 220.130.10.13 port 45992 2020-10-13T06:25:13.477045n23.at sshd[1556927]: Failed password for invalid user arts from 220.130.10.13 port 45992 ssh2 ...	2020-10-13 12:31:26
attackspambots	SSH Brute Force	2020-10-13 05:20:49
attackbots	Sep 19 16:52:09 ns382633 sshd\[25287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 19 16:52:11 ns382633 sshd\[25287\]: Failed password for root from 220.130.10.13 port 55104 ssh2 Sep 19 16:55:42 ns382633 sshd\[25998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 19 16:55:45 ns382633 sshd\[25998\]: Failed password for root from 220.130.10.13 port 48878 ssh2 Sep 19 16:58:26 ns382633 sshd\[26301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root	2020-09-20 02:42:09
attackspambots	Sep 19 02:51:08 dignus sshd[3420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 19 02:51:09 dignus sshd[3420]: Failed password for root from 220.130.10.13 port 40758 ssh2 Sep 19 02:55:08 dignus sshd[3881]: Invalid user minecraft from 220.130.10.13 port 49590 Sep 19 02:55:08 dignus sshd[3881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Sep 19 02:55:10 dignus sshd[3881]: Failed password for invalid user minecraft from 220.130.10.13 port 49590 ssh2 ...	2020-09-19 18:38:51
attackbots	(sshd) Failed SSH login from 220.130.10.13 (TW/Taiwan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 3 10:23:44 vps sshd[28134]: Failed password for root from 220.130.10.13 port 49116 ssh2 Sep 3 10:29:21 vps sshd[30857]: Invalid user cui from 220.130.10.13 port 53392 Sep 3 10:29:23 vps sshd[30857]: Failed password for invalid user cui from 220.130.10.13 port 53392 ssh2 Sep 3 10:30:39 vps sshd[31343]: Invalid user anisa from 220.130.10.13 port 44146 Sep 3 10:30:41 vps sshd[31343]: Failed password for invalid user anisa from 220.130.10.13 port 44146 ssh2	2020-09-03 20:26:09
attackbots	Sep 3 06:10:24 haigwepa sshd[21514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Sep 3 06:10:26 haigwepa sshd[21514]: Failed password for invalid user ftpuser from 220.130.10.13 port 58384 ssh2 ...	2020-09-03 12:11:02
attackspam	Sep 2 20:36:33 electroncash sshd[43522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Sep 2 20:36:33 electroncash sshd[43522]: Invalid user cactiuser from 220.130.10.13 port 49684 Sep 2 20:36:35 electroncash sshd[43522]: Failed password for invalid user cactiuser from 220.130.10.13 port 49684 ssh2 Sep 2 20:40:18 electroncash sshd[44513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 user=root Sep 2 20:40:20 electroncash sshd[44513]: Failed password for root from 220.130.10.13 port 54456 ssh2 ...	2020-09-03 04:30:10
attack	Aug 28 20:17:56 meumeu sshd[527652]: Invalid user nominatim from 220.130.10.13 port 33172 Aug 28 20:17:56 meumeu sshd[527652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 28 20:17:56 meumeu sshd[527652]: Invalid user nominatim from 220.130.10.13 port 33172 Aug 28 20:17:58 meumeu sshd[527652]: Failed password for invalid user nominatim from 220.130.10.13 port 33172 ssh2 Aug 28 20:21:26 meumeu sshd[527845]: Invalid user daf from 220.130.10.13 port 34912 Aug 28 20:21:26 meumeu sshd[527845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 28 20:21:26 meumeu sshd[527845]: Invalid user daf from 220.130.10.13 port 34912 Aug 28 20:21:27 meumeu sshd[527845]: Failed password for invalid user daf from 220.130.10.13 port 34912 ssh2 Aug 28 20:24:48 meumeu sshd[528014]: Invalid user aneta from 220.130.10.13 port 36652 ...	2020-08-29 02:39:08
attackbots	Aug 26 23:53:17 ns3033917 sshd[31436]: Invalid user ryp from 220.130.10.13 port 46158 Aug 26 23:53:19 ns3033917 sshd[31436]: Failed password for invalid user ryp from 220.130.10.13 port 46158 ssh2 Aug 27 00:01:53 ns3033917 sshd[31481]: Invalid user pim from 220.130.10.13 port 34624 ...	2020-08-27 09:24:29
attack	Aug 25 14:28:57 sip sshd[1419743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 25 14:28:57 sip sshd[1419743]: Invalid user admin from 220.130.10.13 port 32796 Aug 25 14:28:59 sip sshd[1419743]: Failed password for invalid user admin from 220.130.10.13 port 32796 ssh2 ...	2020-08-26 03:32:07
attackspambots	Aug 23 18:57:46 db sshd[23371]: Invalid user rakesh from 220.130.10.13 port 47288 ...	2020-08-24 00:59:03
attack	$f2bV_matches	2020-08-18 19:07:29
attackbots	Aug 17 15:24:33 vps639187 sshd\[25677\]: Invalid user hyperic from 220.130.10.13 port 43472 Aug 17 15:24:33 vps639187 sshd\[25677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Aug 17 15:24:35 vps639187 sshd\[25677\]: Failed password for invalid user hyperic from 220.130.10.13 port 43472 ssh2 ...	2020-08-17 21:46:51
attackspambots	Aug 16 07:08:02 lnxded63 sshd[27785]: Failed password for root from 220.130.10.13 port 45304 ssh2 Aug 16 07:13:01 lnxded63 sshd[28243]: Failed password for root from 220.130.10.13 port 45026 ssh2	2020-08-16 13:30:37
attack	2020-08-14T11:42:37.261938+02:00 sshd[24332]: Failed password for root from 220.130.10.13 port 50010 ssh2	2020-08-14 18:10:59
attackspam	Aug 10 17:07:18 gw1 sshd[30977]: Failed password for root from 220.130.10.13 port 47382 ssh2 ...	2020-08-10 20:24:01
attack	SSH brutforce	2020-08-09 05:53:37
attackbotsspam	$f2bV_matches	2020-08-08 08:12:27
attack	Aug 1 13:45:22 vserver sshd\[30488\]: Failed password for root from 220.130.10.13 port 48400 ssh2Aug 1 13:45:45 vserver sshd\[30496\]: Failed password for root from 220.130.10.13 port 41066 ssh2Aug 1 13:52:34 vserver sshd\[30619\]: Failed password for root from 220.130.10.13 port 43096 ssh2Aug 1 13:52:48 vserver sshd\[30624\]: Failed password for root from 220.130.10.13 port 53558 ssh2 ...	2020-08-01 19:58:55
attack	Jul 31 18:55:16 eventyay sshd[10639]: Failed password for root from 220.130.10.13 port 32944 ssh2 Jul 31 19:00:28 eventyay sshd[10872]: Failed password for root from 220.130.10.13 port 55670 ssh2 ...	2020-08-01 02:22:44
attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-07-31 04:47:35
attack	2020-07-27T08:13:22.136260server.mjenks.net sshd[3822320]: Invalid user edy from 220.130.10.13 port 60304 2020-07-27T08:13:22.142038server.mjenks.net sshd[3822320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 2020-07-27T08:13:22.136260server.mjenks.net sshd[3822320]: Invalid user edy from 220.130.10.13 port 60304 2020-07-27T08:13:23.803607server.mjenks.net sshd[3822320]: Failed password for invalid user edy from 220.130.10.13 port 60304 ssh2 2020-07-27T08:18:07.982286server.mjenks.net sshd[3822756]: Invalid user ibmadm from 220.130.10.13 port 54922 ...	2020-07-27 22:35:53
attackbotsspam	2020-07-25 03:51:37 server sshd[54720]: Failed password for invalid user lachlan from 220.130.10.13 port 38720 ssh2	2020-07-27 01:28:32
attack	$f2bV_matches	2020-07-25 17:07:44
attack	Invalid user vtl from 220.130.10.13 port 36910	2020-07-20 13:03:16
attackbotsspam	Jul 18 19:50:07 serwer sshd\[8867\]: Invalid user exit from 220.130.10.13 port 36606 Jul 18 19:50:07 serwer sshd\[8867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Jul 18 19:50:09 serwer sshd\[8867\]: Failed password for invalid user exit from 220.130.10.13 port 36606 ssh2 ...	2020-07-19 03:14:24
attack	Jul 16 01:54:38 itv-usvr-02 sshd[1258]: Invalid user black from 220.130.10.13 port 40302 Jul 16 01:54:38 itv-usvr-02 sshd[1258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Jul 16 01:54:38 itv-usvr-02 sshd[1258]: Invalid user black from 220.130.10.13 port 40302 Jul 16 01:54:41 itv-usvr-02 sshd[1258]: Failed password for invalid user black from 220.130.10.13 port 40302 ssh2 Jul 16 02:00:40 itv-usvr-02 sshd[1491]: Invalid user cust from 220.130.10.13 port 35842	2020-07-16 03:15:18
attack	Jul 12 01:13:26 firewall sshd[15841]: Invalid user silver from 220.130.10.13 Jul 12 01:13:28 firewall sshd[15841]: Failed password for invalid user silver from 220.130.10.13 port 46008 ssh2 Jul 12 01:17:33 firewall sshd[15961]: Invalid user gitlab-runner from 220.130.10.13 ...	2020-07-12 12:20:05
attackspambots	Repeated brute force against a port	2020-07-12 02:54:48

相同子网IP讨论:

IP	类型	评论内容	时间
220.130.108.212	attack	220.130.108.212 - - [19/Jul/2020:18:18:25 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18211 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [19/Jul/2020:18:18:27 +0100] "POST /wp-login.php HTTP/1.1" 503 18036 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [19/Jul/2020:18:32:09 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18270 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" ...	2020-07-20 01:37:10
220.130.108.212	attackbots	220.130.108.212 - - [17/Jul/2020:09:49:40 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18027 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [17/Jul/2020:09:49:41 +0100] "POST /wp-login.php HTTP/1.1" 503 18027 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 220.130.108.212 - - [17/Jul/2020:10:02:59 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18209 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" ...	2020-07-17 17:40:57
220.130.103.13	attackspambots	TCP (SYN) 220.130.103.13:63848 -> port 23, len 40	2020-05-20 05:59:38
220.130.10.217	attack	Spam Timestamp : 18-Nov-19 06:34 BlockList Provider combined abuse (222)	2019-11-18 15:24:14
220.130.10.217	attack	Spam Timestamp : 08-Aug-19 02:49 _ BlockList Provider combined abuse _ (91)	2019-08-08 18:52:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.130.10.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46044
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.130.10.13.			IN	A

;; AUTHORITY SECTION:
.			543	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 15:05:11 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

13.10.130.220.in-addr.arpa domain name pointer 220-130-10-13.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.10.130.220.in-addr.arpa	name = 220-130-10-13.HINET-IP.hinet.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
83.12.171.68	attack	Jun 20 14:52:18 buvik sshd[8521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.12.171.68 user=root Jun 20 14:52:21 buvik sshd[8521]: Failed password for root from 83.12.171.68 port 59658 ssh2 Jun 20 14:56:04 buvik sshd[9077]: Invalid user ivan from 83.12.171.68 ...	2020-06-20 20:57:49
175.24.14.72	attackbots	Jun 20 12:20:38 *** sshd[8448]: Invalid user ubuntu from 175.24.14.72	2020-06-20 20:44:51
185.232.65.105	attackbotsspam	Unauthorized connection attempt detected from IP address 185.232.65.105 to port 81	2020-06-20 21:10:55
222.186.173.226	attackspambots	Jun 20 14:26:33 sso sshd[19274]: Failed password for root from 222.186.173.226 port 1253 ssh2 Jun 20 14:26:37 sso sshd[19274]: Failed password for root from 222.186.173.226 port 1253 ssh2 ...	2020-06-20 20:52:09
49.86.183.103	attack	(smtpauth) Failed SMTP AUTH login from 49.86.183.103 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-06-20 16:50:05 login authenticator failed for (zpVAZ6h) [49.86.183.103]: 535 Incorrect authentication data (set_id=info)	2020-06-20 21:12:53
58.87.120.53	attackspam	SSH Brute Force	2020-06-20 21:13:47
196.52.43.103	attack	firewall-block, port(s): 1234/tcp	2020-06-20 21:05:38
138.68.242.220	attackbotsspam	Jun 20 14:12:56 minden010 sshd[31141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.242.220 Jun 20 14:12:57 minden010 sshd[31141]: Failed password for invalid user db2inst1 from 138.68.242.220 port 52626 ssh2 Jun 20 14:20:33 minden010 sshd[3064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.242.220 ...	2020-06-20 20:52:47
54.38.65.215	attackspambots	fail2ban	2020-06-20 20:45:12
177.177.125.63	attackbotsspam	Jun 18 23:11:42 cumulus sshd[13953]: Invalid user partner from 177.177.125.63 port 52737 Jun 18 23:11:42 cumulus sshd[13953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.177.125.63 Jun 18 23:11:44 cumulus sshd[13953]: Failed password for invalid user partner from 177.177.125.63 port 52737 ssh2 Jun 18 23:11:45 cumulus sshd[13953]: Received disconnect from 177.177.125.63 port 52737:11: Bye Bye [preauth] Jun 18 23:11:45 cumulus sshd[13953]: Disconnected from 177.177.125.63 port 52737 [preauth] Jun 18 23:13:36 cumulus sshd[14105]: Invalid user hlab from 177.177.125.63 port 60001 Jun 18 23:13:36 cumulus sshd[14105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.177.125.63 Jun 18 23:13:38 cumulus sshd[14105]: Failed password for invalid user hlab from 177.177.125.63 port 60001 ssh2 Jun 18 23:13:38 cumulus sshd[14105]: Received disconnect from 177.177.125.63 port 60001:11: Bye Bye [pr........ -------------------------------	2020-06-20 21:09:03
37.104.137.109	attackbotsspam	Email rejected due to spam filtering	2020-06-20 21:02:59
193.176.86.146	attackspambots	1 attempts against mh-modsecurity-ban on pluto	2020-06-20 20:57:25
45.55.177.214	attackbots	prod8 ...	2020-06-20 21:10:32
211.239.124.246	attackbotsspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-06-20 20:38:04
185.143.72.27	attackspambots	2020-06-20T06:43:56.883305linuxbox-skyline auth[30196]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=joann rhost=185.143.72.27 ...	2020-06-20 20:44:21

最近上报的IP列表

58.69.180.201	104.224.71.136	49.206.201.111	124.70.65.42
247.150.148.190	155.94.90.157	39.40.37.103	36.81.213.243
36.81.129.17	189.148.169.8	36.80.220.208	36.76.246.9
180.254.52.217	14.239.130.179	14.207.137.59	123.27.147.243
123.22.236.147	14.162.216.203	211.248.69.29	113.186.209.90