103.242.13.70 - IPInfo

基本信息:

城市(city): Phnom Penh

省份(region): Phnom Penh

国家(country): Cambodia

运营商(isp): Cambodian Singmeng Telemedia Co. Ltd.

主机名(hostname): unknown

机构(organization): CAMBODIAN SINGMENG TELEMEDIA CO., LTD

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-04-29 13:54:22
attackbotsspam	Invalid user pyke from 103.242.13.70 port 42668	2019-12-21 14:03:24
attackspam	Dec 11 02:38:36 web1 sshd\[18708\]: Invalid user terry1 from 103.242.13.70 Dec 11 02:38:36 web1 sshd\[18708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Dec 11 02:38:37 web1 sshd\[18708\]: Failed password for invalid user terry1 from 103.242.13.70 port 59780 ssh2 Dec 11 02:45:21 web1 sshd\[19407\]: Invalid user sammy@123 from 103.242.13.70 Dec 11 02:45:21 web1 sshd\[19407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-12-11 20:49:18
attackspambots	Automatic report - Banned IP Access	2019-11-13 02:33:44
attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Failed password for root from 103.242.13.70 port 37324 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Failed password for root from 103.242.13.70 port 47646 ssh2 Invalid user Kaisu from 103.242.13.70 port 57988	2019-11-09 23:17:07
attackbots	Nov 3 06:46:23 apollo sshd\[21832\]: Invalid user complex from 103.242.13.70Nov 3 06:46:25 apollo sshd\[21832\]: Failed password for invalid user complex from 103.242.13.70 port 51744 ssh2Nov 3 06:51:42 apollo sshd\[21874\]: Failed password for root from 103.242.13.70 port 39910 ssh2 ...	2019-11-03 17:24:56
attackspam	SSH Brute Force	2019-11-01 12:18:04
attackbots	Oct 29 21:01:13 fr01 sshd[7513]: Invalid user admin from 103.242.13.70 Oct 29 21:01:13 fr01 sshd[7513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Oct 29 21:01:13 fr01 sshd[7513]: Invalid user admin from 103.242.13.70 Oct 29 21:01:15 fr01 sshd[7513]: Failed password for invalid user admin from 103.242.13.70 port 52624 ssh2 ...	2019-10-30 06:08:43
attackspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Failed password for invalid user passw0rd from 103.242.13.70 port 50496 ssh2 Invalid user Quake3arena from 103.242.13.70 port 35428 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Failed password for invalid user Quake3arena from 103.242.13.70 port 35428 ssh2	2019-10-29 04:06:20
attackspam	Oct 23 11:06:32 php1 sshd\[12686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Oct 23 11:06:34 php1 sshd\[12686\]: Failed password for root from 103.242.13.70 port 58614 ssh2 Oct 23 11:11:12 php1 sshd\[13152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root Oct 23 11:11:15 php1 sshd\[13152\]: Failed password for root from 103.242.13.70 port 43208 ssh2 Oct 23 11:15:46 php1 sshd\[13482\]: Invalid user mailer from 103.242.13.70	2019-10-24 05:19:15
attackbotsspam	Oct 8 14:58:45 MK-Soft-Root2 sshd[6459]: Failed password for root from 103.242.13.70 port 48998 ssh2 ...	2019-10-08 21:19:09
attackbotsspam	Oct 1 18:00:53 TORMINT sshd\[1529\]: Invalid user Salomo from 103.242.13.70 Oct 1 18:00:53 TORMINT sshd\[1529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Oct 1 18:00:55 TORMINT sshd\[1529\]: Failed password for invalid user Salomo from 103.242.13.70 port 52318 ssh2 ...	2019-10-02 06:53:34
attack	Sep 27 00:08:33 hcbbdb sshd\[17103\]: Invalid user paraccel from 103.242.13.70 Sep 27 00:08:33 hcbbdb sshd\[17103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 27 00:08:35 hcbbdb sshd\[17103\]: Failed password for invalid user paraccel from 103.242.13.70 port 38382 ssh2 Sep 27 00:13:34 hcbbdb sshd\[17705\]: Invalid user team from 103.242.13.70 Sep 27 00:13:34 hcbbdb sshd\[17705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-27 08:29:10
attackbots	Sep 14 22:24:46 cp sshd[2918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-15 06:37:09
attack	Sep 9 06:22:22 hcbb sshd\[6533\]: Invalid user nagios from 103.242.13.70 Sep 9 06:22:22 hcbb sshd\[6533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 9 06:22:23 hcbb sshd\[6533\]: Failed password for invalid user nagios from 103.242.13.70 port 58516 ssh2 Sep 9 06:29:30 hcbb sshd\[8016\]: Invalid user ftpuser from 103.242.13.70 Sep 9 06:29:30 hcbb sshd\[8016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-10 00:37:13
attackbotsspam	Sep 9 02:33:35 areeb-Workstation sshd[1736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 9 02:33:37 areeb-Workstation sshd[1736]: Failed password for invalid user ftp123 from 103.242.13.70 port 37216 ssh2 ...	2019-09-09 05:12:34
attackbots	Sep 5 01:59:41 web1 sshd\[884\]: Invalid user vbox from 103.242.13.70 Sep 5 01:59:41 web1 sshd\[884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Sep 5 01:59:43 web1 sshd\[884\]: Failed password for invalid user vbox from 103.242.13.70 port 39468 ssh2 Sep 5 02:06:27 web1 sshd\[1525\]: Invalid user testuser from 103.242.13.70 Sep 5 02:06:27 web1 sshd\[1525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70	2019-09-06 01:40:53
attackbots	Aug 20 01:22:08 h2177944 sshd\[9459\]: Invalid user steam from 103.242.13.70 port 50580 Aug 20 01:22:08 h2177944 sshd\[9459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Aug 20 01:22:10 h2177944 sshd\[9459\]: Failed password for invalid user steam from 103.242.13.70 port 50580 ssh2 Aug 20 01:27:05 h2177944 sshd\[9644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 user=root ...	2019-08-20 11:05:09
attack	Aug 14 21:40:44 * sshd[19497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Aug 14 21:40:46 * sshd[19497]: Failed password for invalid user uftp from 103.242.13.70 port 49194 ssh2	2019-08-15 04:09:50
attackbots	2019-07-31T21:27:58.592270abusebot-8.cloudsearch.cf sshd\[14530\]: Invalid user fr from 103.242.13.70 port 57404	2019-08-01 06:17:13
attackbotsspam	Jul 10 19:07:48 animalibera sshd[23556]: Failed password for root from 103.242.13.70 port 42152 ssh2 Jul 10 19:09:32 animalibera sshd[23982]: Invalid user maria from 103.242.13.70 port 59150 Jul 10 19:09:32 animalibera sshd[23982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.13.70 Jul 10 19:09:32 animalibera sshd[23982]: Invalid user maria from 103.242.13.70 port 59150 Jul 10 19:09:34 animalibera sshd[23982]: Failed password for invalid user maria from 103.242.13.70 port 59150 ssh2 ...	2019-07-11 03:38:05
attackbots	Invalid user ethos from 103.242.13.70 port 35064	2019-06-30 01:08:06

相同子网IP讨论:

IP	类型	评论内容	时间
103.242.134.56	attack	212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /scripts/setup.php HTTP/1.1" 301 546 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"	2020-05-26 05:24:22

类型

评论内容

时间

103.242.134.56

attack

212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /scripts/setup.php HTTP/1.1" 301 546 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"
212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"
212.218.19.43 103.242.134.56 [25/May/2020:22:19:50 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 301 568 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36"

2020-05-26 05:24:22

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.242.13.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3583
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.242.13.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:22:12 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 70.13.242.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.13.242.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.101.27.6	attackbotsspam	Oct 1 08:08:05 work-partkepr sshd\[18816\]: Invalid user oracle from 46.101.27.6 port 40642 Oct 1 08:08:05 work-partkepr sshd\[18816\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.27.6 ...	2019-10-01 16:18:45
92.222.34.211	attackspam	Oct 1 10:48:01 lnxweb61 sshd[18190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.34.211	2019-10-01 16:57:58
126.4.113.186	attack	Unauthorised access (Oct 1) SRC=126.4.113.186 LEN=40 TTL=52 ID=40309 TCP DPT=8080 WINDOW=53349 SYN Unauthorised access (Oct 1) SRC=126.4.113.186 LEN=40 TTL=52 ID=61450 TCP DPT=8080 WINDOW=53349 SYN Unauthorised access (Sep 30) SRC=126.4.113.186 LEN=40 TTL=52 ID=28827 TCP DPT=8080 WINDOW=53349 SYN	2019-10-01 16:55:20
222.186.175.216	attack	SSH scan ::	2019-10-01 16:40:13
185.211.245.198	attackbots	Oct 1 10:13:21 vmanager6029 postfix/smtpd\[18882\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 10:13:29 vmanager6029 postfix/smtpd\[18882\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-01 16:17:53
104.238.120.2	attackbotsspam	fail2ban honeypot	2019-10-01 16:37:29
95.224.5.20	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 01-10-2019 04:50:22.	2019-10-01 16:27:26
82.210.161.64	attack		2019-10-01 16:54:01
45.136.109.199	attack	firewall-block, port(s): 6859/tcp, 7216/tcp	2019-10-01 16:47:22
211.239.121.27	attack	Sep 30 22:46:22 kapalua sshd\[13676\]: Invalid user swpro from 211.239.121.27 Sep 30 22:46:22 kapalua sshd\[13676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.239.121.27 Sep 30 22:46:25 kapalua sshd\[13676\]: Failed password for invalid user swpro from 211.239.121.27 port 45132 ssh2 Sep 30 22:51:13 kapalua sshd\[14093\]: Invalid user tai from 211.239.121.27 Sep 30 22:51:13 kapalua sshd\[14093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.239.121.27	2019-10-01 16:53:27
222.186.42.241	attack	"Fail2Ban detected SSH brute force attempt"	2019-10-01 16:26:24
116.213.55.228	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 01-10-2019 04:50:18.	2019-10-01 16:33:49
209.17.97.50	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-10-01 16:26:43
220.121.58.55	attackspam	Oct 1 05:30:26 venus sshd\[16022\]: Invalid user urias123 from 220.121.58.55 port 39284 Oct 1 05:30:26 venus sshd\[16022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.121.58.55 Oct 1 05:30:28 venus sshd\[16022\]: Failed password for invalid user urias123 from 220.121.58.55 port 39284 ssh2 ...	2019-10-01 16:49:32
62.75.145.134	attackbotsspam	(sshd) Failed SSH login from 62.75.145.134 (FR/France/studynjoy.at): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 05:22:07 server2 sshd[26357]: Invalid user test from 62.75.145.134 port 56240 Oct 1 05:22:09 server2 sshd[26357]: Failed password for invalid user test from 62.75.145.134 port 56240 ssh2 Oct 1 05:31:30 server2 sshd[27079]: Failed password for root from 62.75.145.134 port 33110 ssh2 Oct 1 05:49:54 server2 sshd[28344]: Invalid user test from 62.75.145.134 port 37940 Oct 1 05:49:56 server2 sshd[28344]: Failed password for invalid user test from 62.75.145.134 port 37940 ssh2	2019-10-01 16:56:51

最近上报的IP列表

111.119.217.74	73.93.102.54	58.87.72.113	75.128.209.158
190.186.55.91	18.188.141.38	217.41.31.72	178.128.214.174
162.243.158.198	139.162.111.98	118.24.157.127	51.77.148.140
182.162.143.236	68.183.231.174	115.47.160.19	49.88.160.164
181.28.244.92	218.88.22.112	80.211.3.119	71.6.142.85