103.242.13.70 - IPInfo

基本信息:

城市(city): Phnom Penh

省份(region): Phnom Penh

国家(country): Cambodia

运营商(isp): Cambodian Singmeng Telemedia Co. Ltd.

主机名(hostname): unknown

机构(organization): CAMBODIAN SINGMENG TELEMEDIA CO., LTD

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-04-29 13:54:22
attackbotsspam	Invalid user pyke from 103.242.13.70 port 42668	2019-12-21 14:03:24
attackspam	Dec 11 02:38:36 web1 sshd\[18708\]: Invalid user terry1 from 103.242.13.70 Dec 11 02:38:36 web1 sshd\[18708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Dec 11 02:38:37 web1 sshd\[18708\]: Failed password for invalid user terry1 from 103.242.13.70 port 59780 ssh2 Dec 11 02:45:21 web1 sshd\[19407\]: Invalid user sammy@123 from 103.242.13.70 Dec 11 02:45:21 web1 sshd\[19407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-12-11 20:49:18
attackspambots	Automatic report - Banned IP Access	2019-11-13 02:33:44
attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Failed password for root from 103.242.13.70 port 37324 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Failed password for root from 103.242.13.70 port 47646 ssh2 Invalid user Kaisu from 103.242.13.70 port 57988	2019-11-09 23:17:07
attackbots	Nov 3 06:46:23 apollo sshd\[21832\]: Invalid user complex from 103.242.13.70Nov 3 06:46:25 apollo sshd\[21832\]: Failed password for invalid user complex from 103.242.13.70 port 51744 ssh2Nov 3 06:51:42 apollo sshd\[21874\]: Failed password for root from 103.242.13.70 port 39910 ssh2 ...	2019-11-03 17:24:56
attackspam	SSH Brute Force	2019-11-01 12:18:04
attackbots	Oct 29 21:01:13 fr01 sshd[7513]: Invalid user admin from 103.242.13.70 Oct 29 21:01:13 fr01 sshd[7513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Oct 29 21:01:13 fr01 sshd[7513]: Invalid user admin from 103.242.13.70 Oct 29 21:01:15 fr01 sshd[7513]: Failed password for invalid user admin from 103.242.13.70 port 52624 ssh2 ...	2019-10-30 06:08:43
attackspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Failed password for invalid user passw0rd from 103.242.13.70 port 50496 ssh2 Invalid user Quake3arena from 103.242.13.70 port 35428 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Failed password for invalid user Quake3arena from 103.242.13.70 port 35428 ssh2	2019-10-29 04:06:20
attackspam	Oct 23 11:06:32 php1 sshd\[12686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Oct 23 11:06:34 php1 sshd\[12686\]: Failed password for root from 103.242.13.70 port 58614 ssh2 Oct 23 11:11:12 php1 sshd\[13152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Oct 23 11:11:15 php1 sshd\[13152\]: Failed password for root from 103.242.13.70 port 43208 ssh2 Oct 23 11:15:46 php1 sshd\[13482\]: Invalid user mailer from 103.242.13.70	2019-10-24 05:19:15
attackbotsspam	Oct 8 14:58:45 MK-Soft-Root2 sshd[6459]: Failed password for root from 103.242.13.70 port 48998 ssh2 ...	2019-10-08 21:19:09
attackbotsspam	Oct 1 18:00:53 TORMINT sshd\[1529\]: Invalid user Salomo from 103.242.13.70 Oct 1 18:00:53 TORMINT sshd\[1529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Oct 1 18:00:55 TORMINT sshd\[1529\]: Failed password for invalid user Salomo from 103.242.13.70 port 52318 ssh2 ...	2019-10-02 06:53:34
attack	Sep 27 00:08:33 hcbbdb sshd\[17103\]: Invalid user paraccel from 103.242.13.70 Sep 27 00:08:33 hcbbdb sshd\[17103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 27 00:08:35 hcbbdb sshd\[17103\]: Failed password for invalid user paraccel from 103.242.13.70 port 38382 ssh2 Sep 27 00:13:34 hcbbdb sshd\[17705\]: Invalid user team from 103.242.13.70 Sep 27 00:13:34 hcbbdb sshd\[17705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-27 08:29:10
attackbots	Sep 14 22:24:46 cp sshd[2918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-15 06:37:09
attack	Sep 9 06:22:22 hcbb sshd\[6533\]: Invalid user nagios from 103.242.13.70 Sep 9 06:22:22 hcbb sshd\[6533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 9 06:22:23 hcbb sshd\[6533\]: Failed password for invalid user nagios from 103.242.13.70 port 58516 ssh2 Sep 9 06:29:30 hcbb sshd\[8016\]: Invalid user ftpuser from 103.242.13.70 Sep 9 06:29:30 hcbb sshd\[8016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-10 00:37:13
attackbotsspam	Sep 9 02:33:35 areeb-Workstation sshd[1736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 9 02:33:37 areeb-Workstation sshd[1736]: Failed password for invalid user ftp123 from 103.242.13.70 port 37216 ssh2 ...	2019-09-09 05:12:34
attackbots	Sep 5 01:59:41 web1 sshd\[884\]: Invalid user vbox from 103.242.13.70 Sep 5 01:59:41 web1 sshd\[884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 5 01:59:43 web1 sshd\[884\]: Failed password for invalid user vbox from 103.242.13.70 port 39468 ssh2 Sep 5 02:06:27 web1 sshd\[1525\]: Invalid user testuser from 103.242.13.70 Sep 5 02:06:27 web1 sshd\[1525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-06 01:40:53
attackbots	Aug 20 01:22:08 h2177944 sshd\[9459\]: Invalid user steam from 103.242.13.70 port 50580 Aug 20 01:22:08 h2177944 sshd\[9459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Aug 20 01:22:10 h2177944 sshd\[9459\]: Failed password for invalid user steam from 103.242.13.70 port 50580 ssh2 Aug 20 01:27:05 h2177944 sshd\[9644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root ...	2019-08-20 11:05:09
attack	Aug 14 21:40:44 * sshd[19497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Aug 14 21:40:46 * sshd[19497]: Failed password for invalid user uftp from 103.242.13.70 port 49194 ssh2	2019-08-15 04:09:50
attackbots	2019-07-31T21:27:58.592270abusebot-8.cloudsearch.cf sshd\[14530\]: Invalid user fr from 103.242.13.70 port 57404	2019-08-01 06:17:13
attackbotsspam	Jul 10 19:07:48 animalibera sshd[23556]: Failed password for root from 103.242.13.70 port 42152 ssh2 Jul 10 19:09:32 animalibera sshd[23982]: Invalid user maria from 103.242.13.70 port 59150 Jul 10 19:09:32 animalibera sshd[23982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Jul 10 19:09:32 animalibera sshd[23982]: Invalid user maria from 103.242.13.70 port 59150 Jul 10 19:09:34 animalibera sshd[23982]: Failed password for invalid user maria from 103.242.13.70 port 59150 ssh2 ...	2019-07-11 03:38:05
attackbots	Invalid user ethos from 103.242.13.70 port 35064	2019-06-30 01:08:06

相同子网IP讨论:

IP	类型	评论内容	时间
103.242.134.56	attack	212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /scripts/setup.php HTTP/1.1" 301 546 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"	2020-05-26 05:24:22

类型

评论内容

时间

103.242.134.56

attack

212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /scripts/setup.php HTTP/1.1" 301 546 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"
212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"
212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"

2020-05-26 05:24:22

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.242.13.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3583
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.242.13.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:22:12 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 70.13.242.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.13.242.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
89.205.124.43	attack	WP sniffing	2019-09-04 16:11:16
35.225.122.90	attack	Sep 3 20:12:34 web1 sshd\[23778\]: Invalid user qiang from 35.225.122.90 Sep 3 20:12:34 web1 sshd\[23778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.225.122.90 Sep 3 20:12:36 web1 sshd\[23778\]: Failed password for invalid user qiang from 35.225.122.90 port 33344 ssh2 Sep 3 20:16:35 web1 sshd\[24141\]: Invalid user etownsley from 35.225.122.90 Sep 3 20:16:35 web1 sshd\[24141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.225.122.90	2019-09-04 16:00:09
106.12.88.32	attackspam	Sep 4 09:20:43 vps691689 sshd[27451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.88.32 Sep 4 09:20:45 vps691689 sshd[27451]: Failed password for invalid user developer from 106.12.88.32 port 46338 ssh2 Sep 4 09:25:45 vps691689 sshd[27526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.88.32 ...	2019-09-04 15:29:19
183.88.225.4	attackbotsspam	3389/tcp 3389/tcp [2019-07-25/09-04]2pkt	2019-09-04 15:45:55
51.68.123.198	attackbotsspam	Sep 4 01:26:34 ny01 sshd[17252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.198 Sep 4 01:26:35 ny01 sshd[17252]: Failed password for invalid user zonaWifi from 51.68.123.198 port 51370 ssh2 Sep 4 01:30:51 ny01 sshd[18098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.198	2019-09-04 15:47:35
181.30.27.11	attackbots	Sep 4 06:44:46 www2 sshd\[25464\]: Failed password for root from 181.30.27.11 port 52108 ssh2Sep 4 06:50:53 www2 sshd\[26526\]: Invalid user postgres from 181.30.27.11Sep 4 06:50:55 www2 sshd\[26526\]: Failed password for invalid user postgres from 181.30.27.11 port 46494 ssh2 ...	2019-09-04 15:36:46
114.33.154.237	attackspam	23/tcp 23/tcp 23/tcp [2019-07-21/09-04]3pkt	2019-09-04 15:40:51
188.131.228.31	attackspambots	Sep 3 21:31:01 web9 sshd\[17129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.228.31 user=root Sep 3 21:31:03 web9 sshd\[17129\]: Failed password for root from 188.131.228.31 port 60658 ssh2 Sep 3 21:38:03 web9 sshd\[18614\]: Invalid user kms from 188.131.228.31 Sep 3 21:38:03 web9 sshd\[18614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.228.31 Sep 3 21:38:05 web9 sshd\[18614\]: Failed password for invalid user kms from 188.131.228.31 port 48948 ssh2	2019-09-04 15:53:03
142.44.146.140	attackspambots	B: /wp-login.php attack	2019-09-04 15:52:03
134.175.154.93	attackspambots	Sep 3 21:53:20 wbs sshd\[9180\]: Invalid user decker from 134.175.154.93 Sep 3 21:53:20 wbs sshd\[9180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.93 Sep 3 21:53:22 wbs sshd\[9180\]: Failed password for invalid user decker from 134.175.154.93 port 35216 ssh2 Sep 3 21:58:43 wbs sshd\[9643\]: Invalid user file from 134.175.154.93 Sep 3 21:58:43 wbs sshd\[9643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.93	2019-09-04 16:15:10
67.207.86.134	attack	Sep 3 20:36:35 eddieflores sshd\[7475\]: Invalid user soporte from 67.207.86.134 Sep 3 20:36:35 eddieflores sshd\[7475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.86.134 Sep 3 20:36:37 eddieflores sshd\[7475\]: Failed password for invalid user soporte from 67.207.86.134 port 40604 ssh2 Sep 3 20:40:33 eddieflores sshd\[7975\]: Invalid user cloud from 67.207.86.134 Sep 3 20:40:33 eddieflores sshd\[7975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.86.134	2019-09-04 15:59:12
18.27.197.252	attack	Sep 3 22:00:55 web9 sshd\[23325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.27.197.252 user=root Sep 3 22:00:58 web9 sshd\[23325\]: Failed password for root from 18.27.197.252 port 37806 ssh2 Sep 3 22:01:00 web9 sshd\[23325\]: Failed password for root from 18.27.197.252 port 37806 ssh2 Sep 3 22:01:03 web9 sshd\[23325\]: Failed password for root from 18.27.197.252 port 37806 ssh2 Sep 3 22:01:05 web9 sshd\[23325\]: Failed password for root from 18.27.197.252 port 37806 ssh2	2019-09-04 16:12:47
91.225.122.58	attackspam	Sep 4 06:36:41 markkoudstaal sshd[12797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.225.122.58 Sep 4 06:36:43 markkoudstaal sshd[12797]: Failed password for invalid user ts2 from 91.225.122.58 port 48536 ssh2 Sep 4 06:41:28 markkoudstaal sshd[13324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.225.122.58	2019-09-04 16:16:53
185.220.102.8	attackbots	Sep 4 09:43:57 icinga sshd[12799]: Failed password for root from 185.220.102.8 port 37959 ssh2 Sep 4 09:44:09 icinga sshd[12799]: error: maximum authentication attempts exceeded for root from 185.220.102.8 port 37959 ssh2 [preauth] ...	2019-09-04 15:56:58
80.82.65.105	attack	Port Scan detected from 80.82.65.105 (NL/Netherlands/no-reverse-dns-configured.com). 4 hits in the last 70 seconds	2019-09-04 15:54:35

最近上报的IP列表

111.119.217.74	73.93.102.54	58.87.72.113	75.128.209.158
190.186.55.91	18.188.141.38	217.41.31.72	178.128.214.174
162.243.158.198	139.162.111.98	118.24.157.127	51.77.148.140
182.162.143.236	68.183.231.174	115.47.160.19	49.88.160.164
181.28.244.92	218.88.22.112	80.211.3.119	71.6.142.85