103.39.213.242

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shenzhen Qianhai bird cloud computing Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2020-05-24T00:28:54.359797ns386461 sshd\[12830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.242 user=root 2020-05-24T00:28:56.273739ns386461 sshd\[12830\]: Failed password for root from 103.39.213.242 port 31753 ssh2 2020-05-24T03:12:57.525422ns386461 sshd\[774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.242 user=root 2020-05-24T03:12:59.709543ns386461 sshd\[774\]: Failed password for root from 103.39.213.242 port 31753 ssh2 2020-05-24T05:55:54.912155ns386461 sshd\[19529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.242 user=root ...	2020-05-24 12:24:56

Type

Details

Datetime

attackspam

2020-05-24T00:28:54.359797ns386461 sshd\[12830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.242  user=root
2020-05-24T00:28:56.273739ns386461 sshd\[12830\]: Failed password for root from 103.39.213.242 port 31753 ssh2
2020-05-24T03:12:57.525422ns386461 sshd\[774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.242  user=root
2020-05-24T03:12:59.709543ns386461 sshd\[774\]: Failed password for root from 103.39.213.242 port 31753 ssh2
2020-05-24T05:55:54.912155ns386461 sshd\[19529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.242  user=root
...

2020-05-24 12:24:56

Comments on same subnet:

IP	Type	Details	Datetime
103.39.213.170	attackbots	Sep 28 10:14:32 plex-server sshd[3768203]: Invalid user factorio from 103.39.213.170 port 56456 Sep 28 10:14:32 plex-server sshd[3768203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.170 Sep 28 10:14:32 plex-server sshd[3768203]: Invalid user factorio from 103.39.213.170 port 56456 Sep 28 10:14:34 plex-server sshd[3768203]: Failed password for invalid user factorio from 103.39.213.170 port 56456 ssh2 Sep 28 10:16:57 plex-server sshd[3769152]: Invalid user rodrigo from 103.39.213.170 port 33728 ...	2020-09-28 20:37:12
103.39.213.170	attack	Sep 28 04:27:16 vps-51d81928 sshd[433170]: Invalid user adam from 103.39.213.170 port 58402 Sep 28 04:27:16 vps-51d81928 sshd[433170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.170 Sep 28 04:27:16 vps-51d81928 sshd[433170]: Invalid user adam from 103.39.213.170 port 58402 Sep 28 04:27:18 vps-51d81928 sshd[433170]: Failed password for invalid user adam from 103.39.213.170 port 58402 ssh2 Sep 28 04:29:20 vps-51d81928 sshd[433181]: Invalid user cai from 103.39.213.170 port 55372 ...	2020-09-28 12:43:58
103.39.213.133	attack	(sshd) Failed SSH login from 103.39.213.133 (CN/China/Guangdong/Shenzhen (Nanshan Qu)/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 18:59:26 atlas sshd[27333]: Invalid user toto from 103.39.213.133 port 44932 Sep 24 18:59:27 atlas sshd[27333]: Failed password for invalid user toto from 103.39.213.133 port 44932 ssh2 Sep 24 19:07:37 atlas sshd[29270]: Invalid user ds from 103.39.213.133 port 42272 Sep 24 19:07:39 atlas sshd[29270]: Failed password for invalid user ds from 103.39.213.133 port 42272 ssh2 Sep 24 19:17:09 atlas sshd[31435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.133 user=root	2020-09-25 10:36:42
103.39.213.133	attack	2020-07-29T15:40[Censored Hostname] sshd[10166]: Invalid user liyuan from 103.39.213.133 port 42770 2020-07-29T15:40[Censored Hostname] sshd[10166]: Failed password for invalid user liyuan from 103.39.213.133 port 42770 ssh2 2020-07-29T15:46[Censored Hostname] sshd[13256]: Invalid user xuzhendong from 103.39.213.133 port 46304[...]	2020-07-30 00:15:30
103.39.213.133	attack	Fail2Ban - SSH Bruteforce Attempt	2020-07-04 08:58:49
103.39.213.133	attackspambots	Jun 16 17:48:13 ws22vmsma01 sshd[127322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.133 Jun 16 17:48:15 ws22vmsma01 sshd[127322]: Failed password for invalid user gta from 103.39.213.133 port 48326 ssh2 ...	2020-06-17 05:10:48
103.39.213.133	attack	Jun 3 21:13:44 cdc sshd[16611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.133 user=root Jun 3 21:13:46 cdc sshd[16611]: Failed password for invalid user root from 103.39.213.133 port 51962 ssh2	2020-06-04 06:47:48
103.39.213.133	attackbotsspam	Apr 19 23:03:52 haigwepa sshd[28179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.133 Apr 19 23:03:53 haigwepa sshd[28179]: Failed password for invalid user pk from 103.39.213.133 port 38696 ssh2 ...	2020-04-20 05:17:36
103.39.213.211	attackspam	Invalid user stephanie from 103.39.213.211 port 47788	2020-03-28 16:51:37
103.39.213.211	attackbotsspam	Invalid user stephanie from 103.39.213.211 port 47788	2020-03-25 02:13:14
103.39.213.211	attackbotsspam	Mar 23 16:43:55 vmd48417 sshd[7218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.211	2020-03-24 04:54:32
103.39.213.211	attackspambots	Mar 6 11:21:49 Tower sshd[6031]: Connection from 103.39.213.211 port 36896 on 192.168.10.220 port 22 rdomain "" Mar 6 11:21:52 Tower sshd[6031]: Failed password for root from 103.39.213.211 port 36896 ssh2 Mar 6 11:21:53 Tower sshd[6031]: Received disconnect from 103.39.213.211 port 36896:11: Bye Bye [preauth] Mar 6 11:21:53 Tower sshd[6031]: Disconnected from authenticating user root 103.39.213.211 port 36896 [preauth]	2020-03-07 01:31:03
103.39.213.133	attackbotsspam	Unauthorized connection attempt detected from IP address 103.39.213.133 to port 2220 [J]	2020-01-25 06:48:18
103.39.213.211	attackspambots	Dec 19 15:06:31 tux-35-217 sshd\[15958\]: Invalid user otsu from 103.39.213.211 port 33936 Dec 19 15:06:31 tux-35-217 sshd\[15958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.211 Dec 19 15:06:33 tux-35-217 sshd\[15958\]: Failed password for invalid user otsu from 103.39.213.211 port 33936 ssh2 Dec 19 15:13:06 tux-35-217 sshd\[16042\]: Invalid user admin from 103.39.213.211 port 51422 Dec 19 15:13:06 tux-35-217 sshd\[16042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.211 ...	2019-12-19 22:19:30
103.39.213.211	attack	Dec 13 17:05:40 localhost sshd\[25850\]: Invalid user guest888 from 103.39.213.211 port 55870 Dec 13 17:05:40 localhost sshd\[25850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.211 Dec 13 17:05:42 localhost sshd\[25850\]: Failed password for invalid user guest888 from 103.39.213.211 port 55870 ssh2 Dec 13 17:11:02 localhost sshd\[26080\]: Invalid user kumirin from 103.39.213.211 port 42322 Dec 13 17:11:02 localhost sshd\[26080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.213.211 ...	2019-12-14 03:53:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.39.213.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31373
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.39.213.242.			IN	A

;; AUTHORITY SECTION:
.			571	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052302 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 24 12:24:50 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 242.213.39.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.213.39.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.76.114.218	attackspambots	May 8 05:51:05 haigwepa sshd[20986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.114.218 May 8 05:51:07 haigwepa sshd[20986]: Failed password for invalid user kiosk from 180.76.114.218 port 59388 ssh2 ...	2020-05-08 17:57:18
2001:41d0:1:8268::1	attackspam	C1,WP GET /manga/wp-login.php	2020-05-08 18:18:26
198.199.73.239	attack	2020-05-08T05:43:47.233299shield sshd\[30071\]: Invalid user xguest from 198.199.73.239 port 40837 2020-05-08T05:43:47.236867shield sshd\[30071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.73.239 2020-05-08T05:43:48.484469shield sshd\[30071\]: Failed password for invalid user xguest from 198.199.73.239 port 40837 ssh2 2020-05-08T05:46:00.943817shield sshd\[30493\]: Invalid user build from 198.199.73.239 port 57466 2020-05-08T05:46:00.947610shield sshd\[30493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.73.239	2020-05-08 17:58:57
195.24.207.199	attackbotsspam	May 8 12:50:44 pkdns2 sshd\[56936\]: Invalid user git from 195.24.207.199May 8 12:50:47 pkdns2 sshd\[56936\]: Failed password for invalid user git from 195.24.207.199 port 36430 ssh2May 8 12:55:27 pkdns2 sshd\[57170\]: Invalid user ss from 195.24.207.199May 8 12:55:29 pkdns2 sshd\[57170\]: Failed password for invalid user ss from 195.24.207.199 port 50082 ssh2May 8 13:00:08 pkdns2 sshd\[57372\]: Invalid user cvr from 195.24.207.199May 8 13:00:09 pkdns2 sshd\[57372\]: Failed password for invalid user cvr from 195.24.207.199 port 35390 ssh2 ...	2020-05-08 18:08:13
198.108.66.172	attackspam	firewall-block, port(s): 3389/tcp	2020-05-08 18:27:13
82.200.65.218	attackspam	May 8 11:54:52 mout sshd[15847]: Invalid user dashboard from 82.200.65.218 port 55032	2020-05-08 18:29:58
140.143.247.30	attackspam	Brute-force attempt banned	2020-05-08 18:14:04
157.230.19.72	attackbots	Brute force attempt	2020-05-08 18:25:21
116.1.180.22	attack	sshd	2020-05-08 18:19:42
165.16.80.123	attack	May 6 04:59:29 liveconfig01 sshd[26645]: Invalid user ame from 165.16.80.123 May 6 04:59:29 liveconfig01 sshd[26645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.16.80.123 May 6 04:59:31 liveconfig01 sshd[26645]: Failed password for invalid user ame from 165.16.80.123 port 43232 ssh2 May 6 04:59:31 liveconfig01 sshd[26645]: Received disconnect from 165.16.80.123 port 43232:11: Bye Bye [preauth] May 6 04:59:31 liveconfig01 sshd[26645]: Disconnected from 165.16.80.123 port 43232 [preauth] May 6 05:02:01 liveconfig01 sshd[26839]: Invalid user adminixxxr from 165.16.80.123 May 6 05:02:01 liveconfig01 sshd[26839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.16.80.123 May 6 05:02:02 liveconfig01 sshd[26839]: Failed password for invalid user adminixxxr from 165.16.80.123 port 52174 ssh2 May 6 05:02:02 liveconfig01 sshd[26839]: Received disconnect from 165.16.80.123 port 521........ -------------------------------	2020-05-08 18:08:40
89.45.226.116	attack	May 7 23:44:11 mockhub sshd[7102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.226.116 May 7 23:44:13 mockhub sshd[7102]: Failed password for invalid user bd from 89.45.226.116 port 55068 ssh2 ...	2020-05-08 18:02:26
71.6.232.7	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-08 17:54:39
116.202.111.84	attackbots	116.202.111.84 - - \[08/May/2020:10:08:22 +0200\] "POST /wp-login.php HTTP/1.0" 200 5932 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 116.202.111.84 - - \[08/May/2020:10:08:23 +0200\] "POST /wp-login.php HTTP/1.0" 200 5745 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 116.202.111.84 - - \[08/May/2020:10:08:24 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-08 18:00:39
106.13.6.116	attack	May 8 11:25:19 prox sshd[14824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 May 8 11:25:20 prox sshd[14824]: Failed password for invalid user rabbitmq from 106.13.6.116 port 38482 ssh2	2020-05-08 17:55:27
154.8.159.88	attack	May 8 06:25:00 legacy sshd[24184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.159.88 May 8 06:25:01 legacy sshd[24184]: Failed password for invalid user ubuntu from 154.8.159.88 port 45266 ssh2 May 8 06:34:50 legacy sshd[24697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.159.88 ...	2020-05-08 18:04:57

Recently Reported IPs

167.99.137.75	188.166.2.141	88.147.153.101	77.237.77.56
188.170.189.129	93.81.217.93	189.45.198.214	138.36.201.134
191.96.20.85	183.16.207.67	197.220.72.99	105.242.21.250
182.160.127.101	192.64.86.34	177.157.208.200	202.86.148.164
186.216.64.42	159.89.157.126	188.166.6.240	120.55.62.112