103.145.13.125

Basic Info

City: unknown

Region: unknown

Country: Estonia

Internet Service Provider: Cinty EU Web Solutions

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	[H1] Blocked by UFW	2020-09-23 21:21:12
attackbotsspam	[H1] Blocked by UFW	2020-09-23 13:40:55
attack	[H1] Blocked by UFW	2020-09-23 05:30:23

Comments on same subnet:

IP	Type	Details	Datetime
103.145.13.88	attack	Port Scan	2022-08-18 13:44:23
103.145.13.10	attack	TCP ports : 443	2020-11-06 18:32:07
103.145.13.149	attack	Severity: Medium TypeMisc: Attack Category: Dshield Source: 103.145.13.149 : 42748	2020-10-21 16:53:33
103.145.13.124	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 5060 proto: sip cat: Misc Attackbytes: 452	2020-10-14 05:18:15
103.145.13.229	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 5060 proto: sip cat: Misc Attackbytes: 461	2020-10-14 04:59:54
103.145.13.58	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 20:33:43
103.145.13.58	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:05:57
103.145.13.58	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 04:55:55
103.145.13.229	attackspam	103.145.13.229 was recorded 6 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 6, 33, 646	2020-10-13 00:41:48
103.145.13.229	attackspambots	ET SCAN Sipvicious Scan - port: 5060 proto: sip cat: Attempted Information Leakbytes: 462	2020-10-12 16:06:39
103.145.13.193	attackbotsspam	Trying ports that it shouldn't be.	2020-10-10 05:42:03
103.145.13.193	attackbotsspam	UDP 103.145.13.193:5140 -> port 5060, len 417	2020-10-09 21:47:36
103.145.13.193	attack	Port scan denied	2020-10-09 13:37:25
103.145.13.124	attackbotsspam	UDP port : 5060	2020-10-09 04:44:22
103.145.13.124	attackbots	UDP port : 5060	2020-10-08 20:54:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.145.13.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10080
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.145.13.125.			IN	A

;; AUTHORITY SECTION:
.			589	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092202 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 23 05:30:18 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 125.13.145.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 125.13.145.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
93.107.105.114	attackspambots	Automatic report - Port Scan Attack	2020-05-14 08:01:31
188.173.80.134	attackbotsspam	Invalid user postgres from 188.173.80.134 port 54410	2020-05-14 07:57:59
175.107.230.9	attack	20/5/13@17:06:07: FAIL: Alarm-Network address from=175.107.230.9 ...	2020-05-14 08:00:10
183.150.34.155	attackspambots	2020-05-14T06:06:28.689306hermes postfix/smtpd[489496]: NOQUEUE: reject: RCPT from unknown[183.150.34.155]: 554 5.7.1 Service unavailable; Client host [183.150.34.155] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/183.150.34.155; from= to= proto=ESMTP helo= ...	2020-05-14 07:46:04
192.168.10.15	attack	May 13 17:06:06 Tower sshd[10339]: Connection from 192.168.10.15 port 54418 on 192.168.10.220 port 22 rdomain "" May 13 17:06:10 Tower sshd[10339]: Failed password for root from 192.168.10.15 port 54418 ssh2 May 13 17:06:15 Tower sshd[10339]: Failed password for root from 192.168.10.15 port 54418 ssh2 May 13 17:06:20 Tower sshd[10339]: Failed password for root from 192.168.10.15 port 54418 ssh2	2020-05-14 07:51:29
202.159.6.196	attackspambots	20/5/13@19:25:14: FAIL: Alarm-Network address from=202.159.6.196 20/5/13@19:25:15: FAIL: Alarm-Network address from=202.159.6.196 ...	2020-05-14 07:39:26
118.97.23.33	attackbotsspam	May 14 02:38:20 hosting sshd[17829]: Invalid user jenkins from 118.97.23.33 port 45295 May 14 02:38:20 hosting sshd[17829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.23.33 May 14 02:38:20 hosting sshd[17829]: Invalid user jenkins from 118.97.23.33 port 45295 May 14 02:38:22 hosting sshd[17829]: Failed password for invalid user jenkins from 118.97.23.33 port 45295 ssh2 May 14 02:47:29 hosting sshd[18720]: Invalid user manju from 118.97.23.33 port 43588 ...	2020-05-14 08:01:12
118.193.34.233	attack	May 14 00:47:47 vps639187 sshd\[416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.34.233 user=root May 14 00:47:49 vps639187 sshd\[416\]: Failed password for root from 118.193.34.233 port 53764 ssh2 May 14 00:52:30 vps639187 sshd\[506\]: Invalid user nathan from 118.193.34.233 port 46694 May 14 00:52:30 vps639187 sshd\[506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.34.233 ...	2020-05-14 08:13:10
185.176.27.34	attackbotsspam	May 14 01:38:29 debian-2gb-nbg1-2 kernel: \[11671965.065503\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.34 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=15067 PROTO=TCP SPT=45644 DPT=3887 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-14 07:40:31
178.217.169.247	attackspambots	SSH Invalid Login	2020-05-14 07:46:26
42.236.10.107	attackspam	Automatic report - Banned IP Access	2020-05-14 07:55:10
182.156.209.222	attackbotsspam	May 14 02:28:29 gw1 sshd[23883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.209.222 May 14 02:28:31 gw1 sshd[23883]: Failed password for invalid user smkim from 182.156.209.222 port 56449 ssh2 ...	2020-05-14 07:41:05
213.202.101.114	attackbots	Invalid user testuser from 213.202.101.114 port 52134	2020-05-14 07:39:59
2400:8901::f03c:92ff:fe28:4ead	attackbotsspam	xmlrpc attack	2020-05-14 08:12:23
37.59.98.179	attack	Automatic report - XMLRPC Attack	2020-05-14 07:54:15

Recently Reported IPs

92.112.157.36	157.245.64.126	97.81.187.225	69.63.68.194
95.71.135.110	198.251.217.220	35.240.38.176	164.68.114.169
117.253.140.143	106.52.150.93	85.209.89.243	207.180.252.162
109.184.35.49	212.195.194.166	187.188.141.212	114.119.137.220
182.122.0.140	94.25.169.100	72.144.151.135	133.110.104.254