103.145.13.213

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SIP Server BruteForce Attack	2020-09-19 16:48:48

Comments on same subnet:

IP	Type	Details	Datetime
103.145.13.88	attack	Port Scan	2022-08-18 13:44:23
103.145.13.10	attack	TCP ports : 443	2020-11-06 18:32:07
103.145.13.149	attack	Severity: Medium TypeMisc: Attack Category: Dshield Source: 103.145.13.149 : 42748	2020-10-21 16:53:33
103.145.13.124	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 5060 proto: sip cat: Misc Attackbytes: 452	2020-10-14 05:18:15
103.145.13.229	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 5060 proto: sip cat: Misc Attackbytes: 461	2020-10-14 04:59:54
103.145.13.58	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 20:33:43
103.145.13.58	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:05:57
103.145.13.58	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 5038 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 04:55:55
103.145.13.229	attackspam	103.145.13.229 was recorded 6 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 6, 33, 646	2020-10-13 00:41:48
103.145.13.229	attackspambots	ET SCAN Sipvicious Scan - port: 5060 proto: sip cat: Attempted Information Leakbytes: 462	2020-10-12 16:06:39
103.145.13.193	attackbotsspam	Trying ports that it shouldn't be.	2020-10-10 05:42:03
103.145.13.193	attackbotsspam	UDP 103.145.13.193:5140 -> port 5060, len 417	2020-10-09 21:47:36
103.145.13.193	attack	Port scan denied	2020-10-09 13:37:25
103.145.13.124	attackbotsspam	UDP port : 5060	2020-10-09 04:44:22
103.145.13.124	attackbots	UDP port : 5060	2020-10-08 20:54:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.145.13.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58485
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.145.13.213.			IN	A

;; AUTHORITY SECTION:
.			151	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081800 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 00:21:53 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 213.13.145.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.13.145.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.208.174.206	attackbots	Unauthorised access (Sep 4) SRC=117.208.174.206 LEN=40 PREC=0x20 TTL=238 ID=46837 TCP DPT=445 WINDOW=1024 SYN Unauthorised access (Sep 2) SRC=117.208.174.206 LEN=40 PREC=0x20 TTL=237 ID=65242 TCP DPT=445 WINDOW=1024 SYN	2019-09-04 14:05:21
138.68.29.52	attack	Sep 3 19:13:13 tdfoods sshd\[5242\]: Invalid user chu from 138.68.29.52 Sep 3 19:13:13 tdfoods sshd\[5242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 3 19:13:15 tdfoods sshd\[5242\]: Failed password for invalid user chu from 138.68.29.52 port 34500 ssh2 Sep 3 19:17:17 tdfoods sshd\[5658\]: Invalid user zq from 138.68.29.52 Sep 3 19:17:17 tdfoods sshd\[5658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-09-04 13:47:24
211.193.13.111	attackspam	Sep 4 06:57:32 server sshd\[4070\]: Invalid user ming from 211.193.13.111 port 35762 Sep 4 06:57:32 server sshd\[4070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.13.111 Sep 4 06:57:34 server sshd\[4070\]: Failed password for invalid user ming from 211.193.13.111 port 35762 ssh2 Sep 4 07:02:13 server sshd\[22215\]: Invalid user user123 from 211.193.13.111 port 57509 Sep 4 07:02:13 server sshd\[22215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.13.111	2019-09-04 14:36:18
181.230.35.65	attackbotsspam	Sep 4 10:20:05 itv-usvr-02 sshd[13519]: Invalid user postgres from 181.230.35.65 port 60970 Sep 4 10:20:05 itv-usvr-02 sshd[13519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.230.35.65 Sep 4 10:20:05 itv-usvr-02 sshd[13519]: Invalid user postgres from 181.230.35.65 port 60970 Sep 4 10:20:06 itv-usvr-02 sshd[13519]: Failed password for invalid user postgres from 181.230.35.65 port 60970 ssh2 Sep 4 10:27:15 itv-usvr-02 sshd[13531]: Invalid user hxhtftp from 181.230.35.65 port 35784	2019-09-04 14:22:23
115.159.86.75	attackspambots	Sep 3 19:19:38 aiointranet sshd\[32479\]: Invalid user pilar from 115.159.86.75 Sep 3 19:19:38 aiointranet sshd\[32479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.86.75 Sep 3 19:19:40 aiointranet sshd\[32479\]: Failed password for invalid user pilar from 115.159.86.75 port 34681 ssh2 Sep 3 19:23:26 aiointranet sshd\[349\]: Invalid user is from 115.159.86.75 Sep 3 19:23:26 aiointranet sshd\[349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.86.75	2019-09-04 13:57:22
211.104.171.239	attackspam	Sep 4 07:37:59 eventyay sshd[21965]: Failed password for root from 211.104.171.239 port 41929 ssh2 Sep 4 07:43:01 eventyay sshd[22118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.104.171.239 Sep 4 07:43:03 eventyay sshd[22118]: Failed password for invalid user ppldtepe from 211.104.171.239 port 35842 ssh2 ...	2019-09-04 13:48:54
185.211.245.198	attackbotsspam	Sep 4 07:09:30 mail postfix/smtpd\[32739\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 4 07:09:40 mail postfix/smtpd\[2201\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 4 07:25:10 mail postfix/smtpd\[4065\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 4 08:01:04 mail postfix/smtpd\[6246\]: warning: unknown\[185.211.245.198\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-09-04 14:07:35
134.209.1.169	attack	Sep 3 18:55:47 wbs sshd\[24515\]: Invalid user vnc from 134.209.1.169 Sep 3 18:55:47 wbs sshd\[24515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169 Sep 3 18:55:49 wbs sshd\[24515\]: Failed password for invalid user vnc from 134.209.1.169 port 39282 ssh2 Sep 3 19:00:38 wbs sshd\[24965\]: Invalid user jakarta from 134.209.1.169 Sep 3 19:00:38 wbs sshd\[24965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.1.169	2019-09-04 13:49:32
184.105.139.124	attackbotsspam	Honeypot hit.	2019-09-04 14:11:38
124.65.152.14	attack	Sep 3 19:20:16 hiderm sshd\[5410\]: Invalid user dq from 124.65.152.14 Sep 3 19:20:16 hiderm sshd\[5410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.65.152.14 Sep 3 19:20:18 hiderm sshd\[5410\]: Failed password for invalid user dq from 124.65.152.14 port 3981 ssh2 Sep 3 19:25:30 hiderm sshd\[5850\]: Invalid user web2 from 124.65.152.14 Sep 3 19:25:30 hiderm sshd\[5850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.65.152.14	2019-09-04 13:55:48
111.230.53.144	attackspam	ssh failed login	2019-09-04 14:34:46
198.14.228.4	attack	Automatic report - Port Scan Attack	2019-09-04 14:25:30
46.229.176.207	attackbots	Automatic report - Port Scan Attack	2019-09-04 14:18:19
175.175.73.173	attackspambots	" "	2019-09-04 14:26:01
184.105.139.67	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-04 14:15:04

Recently Reported IPs

65.217.148.103	166.136.51.98	125.113.11.218	212.191.192.50
164.68.119.127	105.225.203.230	40.40.241.37	112.197.99.146
77.64.193.185	182.76.33.202	178.168.226.211	101.1.146.75
235.38.20.28	56.69.120.176	54.116.210.6	130.195.202.148
85.14.182.95	52.168.49.178	138.114.177.117	193.64.132.7