103.145.13.114

Basic Info

City: unknown

Region: unknown

Country: Estonia

Internet Service Provider: Cinty EU Web Solutions

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Fail2Ban Ban Triggered	2020-08-31 07:26:47
attack	Port scanning [4 denied]	2020-08-30 02:35:28
attack	ET DROP Dshield Block Listed Source group 1 - port: 5060 proto: sip cat: Misc Attackbytes: 458	2020-08-29 03:41:12

Comments on same subnet:

IP	Type	Details	Datetime
103.145.13.88	attack	Port Scan	2022-08-18 13:44:23
103.145.13.10	attack	TCP ports : 443	2020-11-06 18:32:07
103.145.13.149	attack	Severity: Medium TypeMisc: Attack Category: Dshield Source: 103.145.13.149 : 42748	2020-10-21 16:53:33
103.145.13.124	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 5060 proto: sip cat: Misc Attackbytes: 452	2020-10-14 05:18:15
103.145.13.229	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 5060 proto: sip cat: Misc Attackbytes: 461	2020-10-14 04:59:54
103.145.13.58	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 20:33:43
103.145.13.58	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:05:57
103.145.13.58	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 04:55:55
103.145.13.229	attackspam	103.145.13.229 was recorded 6 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 6, 33, 646	2020-10-13 00:41:48
103.145.13.229	attackspambots	ET SCAN Sipvicious Scan - port: 5060 proto: sip cat: Attempted Information Leakbytes: 462	2020-10-12 16:06:39
103.145.13.193	attackbotsspam	Trying ports that it shouldn't be.	2020-10-10 05:42:03
103.145.13.193	attackbotsspam	UDP 103.145.13.193:5140 -> port 5060, len 417	2020-10-09 21:47:36
103.145.13.193	attack	Port scan denied	2020-10-09 13:37:25
103.145.13.124	attackbotsspam	UDP port : 5060	2020-10-09 04:44:22
103.145.13.124	attackbots	UDP port : 5060	2020-10-08 20:54:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.145.13.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10725
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.145.13.114.			IN	A

;; AUTHORITY SECTION:
.			392	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082801 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 29 03:41:08 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 114.13.145.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 114.13.145.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.207.134.63	attack	Nov 11 22:23:22 MK-Soft-VM8 sshd[840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.207.134.63 Nov 11 22:23:23 MK-Soft-VM8 sshd[840]: Failed password for invalid user admin from 101.207.134.63 port 55354 ssh2 ...	2019-11-12 06:15:52
123.243.111.52	attackbotsspam	Honeypot attack, port: 445, PTR: 123-243-111-52.static.tpgi.com.au.	2019-11-12 06:25:22
51.75.124.215	attack	Invalid user test from 51.75.124.215 port 43592	2019-11-12 05:57:16
52.187.131.27	attack	Nov 11 21:09:09 srv1 sshd[24407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.187.131.27 Nov 11 21:09:11 srv1 sshd[24407]: Failed password for invalid user alikhan from 52.187.131.27 port 57818 ssh2 ...	2019-11-12 05:55:03
89.157.230.183	attack	Automatic report - Port Scan Attack	2019-11-12 06:16:09
69.94.156.11	attackspambots	Nov 11 15:34:30 exim[26083]: 2019-11-11 15:34:30 1iUAlw-0006mh-58 H=chintz.nabhaa.com (chintz.ohrevi.com) [69.94.156.11] F= rejected after DATA: This message scored 102.2 spam points.	2019-11-12 06:31:39
201.238.198.114	attack	Invalid user admin from 201.238.198.114 port 2058	2019-11-12 06:08:34
139.199.29.155	attackbots	2019-11-11T16:19:04.116713shield sshd\[26228\]: Invalid user servers from 139.199.29.155 port 35257 2019-11-11T16:19:04.121024shield sshd\[26228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.29.155 2019-11-11T16:19:06.651731shield sshd\[26228\]: Failed password for invalid user servers from 139.199.29.155 port 35257 ssh2 2019-11-11T16:24:32.542109shield sshd\[26517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.29.155 user=root 2019-11-11T16:24:34.431064shield sshd\[26517\]: Failed password for root from 139.199.29.155 port 14148 ssh2	2019-11-12 06:13:01
217.112.128.199	attackbots	Postfix DNSBL listed. Trying to send SPAM.	2019-11-12 06:01:59
210.56.13.254	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-12 06:32:21
1.254.154.42	attackspam	2019-11-11T21:48:09.050889abusebot-2.cloudsearch.cf sshd\[24202\]: Invalid user hadoop from 1.254.154.42 port 10836	2019-11-12 06:24:34
183.203.96.105	attackbots	5x Failed Password	2019-11-12 06:00:24
113.123.242.209	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2019-11-12 06:13:14
52.231.205.120	attack	Nov 11 15:34:57 MK-Soft-Root2 sshd[23363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.231.205.120 Nov 11 15:34:58 MK-Soft-Root2 sshd[23363]: Failed password for invalid user andrey from 52.231.205.120 port 59326 ssh2 ...	2019-11-12 06:33:14
167.114.185.237	attack	Nov 11 04:31:36 web9 sshd\[7080\]: Invalid user postgis from 167.114.185.237 Nov 11 04:31:36 web9 sshd\[7080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237 Nov 11 04:31:38 web9 sshd\[7080\]: Failed password for invalid user postgis from 167.114.185.237 port 53054 ssh2 Nov 11 04:35:31 web9 sshd\[7560\]: Invalid user qwe369 from 167.114.185.237 Nov 11 04:35:31 web9 sshd\[7560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237	2019-11-12 06:11:25

Recently Reported IPs

103.7.61.129	223.238.159.114	245.78.164.185	181.177.254.238
171.88.42.68	77.247.178.88	95.213.193.199	78.180.143.254
122.2.108.194	171.224.180.211	31.173.100.53	62.87.178.250
39.36.115.172	114.101.246.243	62.78.84.201	198.62.251.172
196.249.102.17	84.2.139.224	112.201.162.182	180.245.234.168