103.242.13.70 - IPInfo

基本信息:

城市(city): Phnom Penh

省份(region): Phnom Penh

国家(country): Cambodia

运营商(isp): Cambodian Singmeng Telemedia Co. Ltd.

主机名(hostname): unknown

机构(organization): CAMBODIAN SINGMENG TELEMEDIA CO., LTD

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-04-29 13:54:22
attackbotsspam	Invalid user pyke from 103.242.13.70 port 42668	2019-12-21 14:03:24
attackspam	Dec 11 02:38:36 web1 sshd\[18708\]: Invalid user terry1 from 103.242.13.70 Dec 11 02:38:36 web1 sshd\[18708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Dec 11 02:38:37 web1 sshd\[18708\]: Failed password for invalid user terry1 from 103.242.13.70 port 59780 ssh2 Dec 11 02:45:21 web1 sshd\[19407\]: Invalid user sammy@123 from 103.242.13.70 Dec 11 02:45:21 web1 sshd\[19407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-12-11 20:49:18
attackspambots	Automatic report - Banned IP Access	2019-11-13 02:33:44
attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Failed password for root from 103.242.13.70 port 37324 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Failed password for root from 103.242.13.70 port 47646 ssh2 Invalid user Kaisu from 103.242.13.70 port 57988	2019-11-09 23:17:07
attackbots	Nov 3 06:46:23 apollo sshd\[21832\]: Invalid user complex from 103.242.13.70Nov 3 06:46:25 apollo sshd\[21832\]: Failed password for invalid user complex from 103.242.13.70 port 51744 ssh2Nov 3 06:51:42 apollo sshd\[21874\]: Failed password for root from 103.242.13.70 port 39910 ssh2 ...	2019-11-03 17:24:56
attackspam	SSH Brute Force	2019-11-01 12:18:04
attackbots	Oct 29 21:01:13 fr01 sshd[7513]: Invalid user admin from 103.242.13.70 Oct 29 21:01:13 fr01 sshd[7513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Oct 29 21:01:13 fr01 sshd[7513]: Invalid user admin from 103.242.13.70 Oct 29 21:01:15 fr01 sshd[7513]: Failed password for invalid user admin from 103.242.13.70 port 52624 ssh2 ...	2019-10-30 06:08:43
attackspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Failed password for invalid user passw0rd from 103.242.13.70 port 50496 ssh2 Invalid user Quake3arena from 103.242.13.70 port 35428 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Failed password for invalid user Quake3arena from 103.242.13.70 port 35428 ssh2	2019-10-29 04:06:20
attackspam	Oct 23 11:06:32 php1 sshd\[12686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Oct 23 11:06:34 php1 sshd\[12686\]: Failed password for root from 103.242.13.70 port 58614 ssh2 Oct 23 11:11:12 php1 sshd\[13152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Oct 23 11:11:15 php1 sshd\[13152\]: Failed password for root from 103.242.13.70 port 43208 ssh2 Oct 23 11:15:46 php1 sshd\[13482\]: Invalid user mailer from 103.242.13.70	2019-10-24 05:19:15
attackbotsspam	Oct 8 14:58:45 MK-Soft-Root2 sshd[6459]: Failed password for root from 103.242.13.70 port 48998 ssh2 ...	2019-10-08 21:19:09
attackbotsspam	Oct 1 18:00:53 TORMINT sshd\[1529\]: Invalid user Salomo from 103.242.13.70 Oct 1 18:00:53 TORMINT sshd\[1529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Oct 1 18:00:55 TORMINT sshd\[1529\]: Failed password for invalid user Salomo from 103.242.13.70 port 52318 ssh2 ...	2019-10-02 06:53:34
attack	Sep 27 00:08:33 hcbbdb sshd\[17103\]: Invalid user paraccel from 103.242.13.70 Sep 27 00:08:33 hcbbdb sshd\[17103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 27 00:08:35 hcbbdb sshd\[17103\]: Failed password for invalid user paraccel from 103.242.13.70 port 38382 ssh2 Sep 27 00:13:34 hcbbdb sshd\[17705\]: Invalid user team from 103.242.13.70 Sep 27 00:13:34 hcbbdb sshd\[17705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-27 08:29:10
attackbots	Sep 14 22:24:46 cp sshd[2918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-15 06:37:09
attack	Sep 9 06:22:22 hcbb sshd\[6533\]: Invalid user nagios from 103.242.13.70 Sep 9 06:22:22 hcbb sshd\[6533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 9 06:22:23 hcbb sshd\[6533\]: Failed password for invalid user nagios from 103.242.13.70 port 58516 ssh2 Sep 9 06:29:30 hcbb sshd\[8016\]: Invalid user ftpuser from 103.242.13.70 Sep 9 06:29:30 hcbb sshd\[8016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-10 00:37:13
attackbotsspam	Sep 9 02:33:35 areeb-Workstation sshd[1736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 9 02:33:37 areeb-Workstation sshd[1736]: Failed password for invalid user ftp123 from 103.242.13.70 port 37216 ssh2 ...	2019-09-09 05:12:34
attackbots	Sep 5 01:59:41 web1 sshd\[884\]: Invalid user vbox from 103.242.13.70 Sep 5 01:59:41 web1 sshd\[884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 5 01:59:43 web1 sshd\[884\]: Failed password for invalid user vbox from 103.242.13.70 port 39468 ssh2 Sep 5 02:06:27 web1 sshd\[1525\]: Invalid user testuser from 103.242.13.70 Sep 5 02:06:27 web1 sshd\[1525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-06 01:40:53
attackbots	Aug 20 01:22:08 h2177944 sshd\[9459\]: Invalid user steam from 103.242.13.70 port 50580 Aug 20 01:22:08 h2177944 sshd\[9459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Aug 20 01:22:10 h2177944 sshd\[9459\]: Failed password for invalid user steam from 103.242.13.70 port 50580 ssh2 Aug 20 01:27:05 h2177944 sshd\[9644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root ...	2019-08-20 11:05:09
attack	Aug 14 21:40:44 * sshd[19497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Aug 14 21:40:46 * sshd[19497]: Failed password for invalid user uftp from 103.242.13.70 port 49194 ssh2	2019-08-15 04:09:50
attackbots	2019-07-31T21:27:58.592270abusebot-8.cloudsearch.cf sshd\[14530\]: Invalid user fr from 103.242.13.70 port 57404	2019-08-01 06:17:13
attackbotsspam	Jul 10 19:07:48 animalibera sshd[23556]: Failed password for root from 103.242.13.70 port 42152 ssh2 Jul 10 19:09:32 animalibera sshd[23982]: Invalid user maria from 103.242.13.70 port 59150 Jul 10 19:09:32 animalibera sshd[23982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Jul 10 19:09:32 animalibera sshd[23982]: Invalid user maria from 103.242.13.70 port 59150 Jul 10 19:09:34 animalibera sshd[23982]: Failed password for invalid user maria from 103.242.13.70 port 59150 ssh2 ...	2019-07-11 03:38:05
attackbots	Invalid user ethos from 103.242.13.70 port 35064	2019-06-30 01:08:06

相同子网IP讨论:

IP	类型	评论内容	时间
103.242.134.56	attack	212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /scripts/setup.php HTTP/1.1" 301 546 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"	2020-05-26 05:24:22

类型

评论内容

时间

103.242.134.56

attack

212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /scripts/setup.php HTTP/1.1" 301 546 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"
212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"
212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"

2020-05-26 05:24:22

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.242.13.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3583
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.242.13.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:22:12 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 70.13.242.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.13.242.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.80.87.212	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 11-10-2019 04:55:26.	2019-10-11 14:27:40
213.207.196.50	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-10-2019 04:55:25.	2019-10-11 14:28:56
212.174.63.4	attack	Automatic report - Port Scan Attack	2019-10-11 14:08:04
121.16.210.211	attack	Unauthorised access (Oct 11) SRC=121.16.210.211 LEN=40 TTL=49 ID=38993 TCP DPT=8080 WINDOW=9424 SYN Unauthorised access (Oct 10) SRC=121.16.210.211 LEN=40 TTL=49 ID=51866 TCP DPT=8080 WINDOW=5115 SYN Unauthorised access (Oct 9) SRC=121.16.210.211 LEN=40 TTL=49 ID=10899 TCP DPT=8080 WINDOW=5115 SYN Unauthorised access (Oct 7) SRC=121.16.210.211 LEN=40 TTL=49 ID=35193 TCP DPT=8080 WINDOW=36404 SYN Unauthorised access (Oct 6) SRC=121.16.210.211 LEN=40 TTL=49 ID=21551 TCP DPT=8080 WINDOW=8341 SYN	2019-10-11 14:12:59
66.57.55.210	attackspam	Unauthorised access (Oct 11) SRC=66.57.55.210 LEN=44 PREC=0x20 TTL=236 ID=59342 DF TCP DPT=23 WINDOW=14600 SYN	2019-10-11 14:12:01
45.115.99.38	attackspambots	Oct 11 05:51:20 vmanager6029 sshd\[31955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.99.38 user=root Oct 11 05:51:22 vmanager6029 sshd\[31955\]: Failed password for root from 45.115.99.38 port 37932 ssh2 Oct 11 05:56:00 vmanager6029 sshd\[32005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.99.38 user=root	2019-10-11 14:01:24
111.231.110.80	attack	Oct 11 05:32:11 localhost sshd\[33737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.110.80 user=root Oct 11 05:32:13 localhost sshd\[33737\]: Failed password for root from 111.231.110.80 port 4858 ssh2 Oct 11 05:36:35 localhost sshd\[33996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.110.80 user=root Oct 11 05:36:37 localhost sshd\[33996\]: Failed password for root from 111.231.110.80 port 40378 ssh2 Oct 11 05:41:05 localhost sshd\[34256\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.110.80 user=root ...	2019-10-11 14:20:00
202.131.150.255	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-10-2019 04:55:24.	2019-10-11 14:30:00
106.7.196.37	attackbotsspam	37215/tcp [2019-10-11]1pkt	2019-10-11 13:59:52
193.112.113.228	attack	Oct 11 08:01:01 vmanager6029 sshd\[2298\]: Invalid user P@rola123456 from 193.112.113.228 port 41364 Oct 11 08:01:01 vmanager6029 sshd\[2298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.113.228 Oct 11 08:01:03 vmanager6029 sshd\[2298\]: Failed password for invalid user P@rola123456 from 193.112.113.228 port 41364 ssh2	2019-10-11 14:19:09
106.12.74.222	attackspambots	Oct 11 06:47:28 www sshd\[21991\]: Failed password for root from 106.12.74.222 port 43970 ssh2Oct 11 06:51:38 www sshd\[22168\]: Failed password for root from 106.12.74.222 port 49062 ssh2Oct 11 06:55:39 www sshd\[22325\]: Failed password for root from 106.12.74.222 port 54134 ssh2 ...	2019-10-11 14:18:48
36.79.103.37	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/36.79.103.37/ ID - 1H : (27) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN7713 IP : 36.79.103.37 CIDR : 36.79.96.0/19 PREFIX COUNT : 2255 UNIQUE IP COUNT : 2765312 WYKRYTE ATAKI Z ASN7713 : 1H - 1 3H - 3 6H - 4 12H - 7 24H - 12 DateTime : 2019-10-11 05:55:39 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-11 14:18:14
188.166.117.213	attack	Oct 11 05:35:31 ncomp sshd[12279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.117.213 user=root Oct 11 05:35:33 ncomp sshd[12279]: Failed password for root from 188.166.117.213 port 37114 ssh2 Oct 11 05:55:31 ncomp sshd[12528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.117.213 user=root Oct 11 05:55:33 ncomp sshd[12528]: Failed password for root from 188.166.117.213 port 52892 ssh2	2019-10-11 14:21:50
35.244.2.177	attack	fail2ban honeypot	2019-10-11 14:19:32
46.166.187.141	attack	\[2019-10-11 02:08:13\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-11T02:08:13.626-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0015013994810",SessionID="0x7fc3acc3d768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.187.141/62427",ACLName="no_extension_match" \[2019-10-11 02:08:29\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-11T02:08:29.578-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0012566496141",SessionID="0x7fc3ac92d138",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.187.141/54048",ACLName="no_extension_match" \[2019-10-11 02:08:30\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-11T02:08:30.030-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01115013994810",SessionID="0x7fc3ac636978",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.187.141/54817",ACLName="no_exten	2019-10-11 14:09:39

最近上报的IP列表

111.119.217.74	73.93.102.54	58.87.72.113	75.128.209.158
190.186.55.91	18.188.141.38	217.41.31.72	178.128.214.174
162.243.158.198	139.162.111.98	118.24.157.127	51.77.148.140
182.162.143.236	68.183.231.174	115.47.160.19	49.88.160.164
181.28.244.92	218.88.22.112	80.211.3.119	71.6.142.85