103.214.12.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: NewMountainView Satellite Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 103.214.12.20 to port 80	2020-07-01 16:25:51

Comments on same subnet:

IP	Type	Details	Datetime
103.214.129.204	attackbotsspam	Sep 14 13:15:56 jumpserver sshd[24592]: Failed password for invalid user fragocompta from 103.214.129.204 port 37882 ssh2 Sep 14 13:20:14 jumpserver sshd[24626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204 user=root Sep 14 13:20:17 jumpserver sshd[24626]: Failed password for root from 103.214.129.204 port 34788 ssh2 ...	2020-09-14 23:31:46
103.214.129.204	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-14 15:19:31
103.214.129.204	attackbotsspam	2020-09-13 16:51:39.042641-0500 localhost sshd[4180]: Failed password for invalid user cpanelconnecttrack from 103.214.129.204 port 51690 ssh2	2020-09-14 07:15:14
103.214.129.204	attackspam	Sep 1 02:25:56 web9 sshd\[28818\]: Invalid user geoserver from 103.214.129.204 Sep 1 02:25:56 web9 sshd\[28818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204 Sep 1 02:25:58 web9 sshd\[28818\]: Failed password for invalid user geoserver from 103.214.129.204 port 42972 ssh2 Sep 1 02:31:04 web9 sshd\[29462\]: Invalid user lilin from 103.214.129.204 Sep 1 02:31:04 web9 sshd\[29462\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204	2020-09-02 00:45:25
103.214.129.204	attackbots	Aug 26 07:41:48 l02a sshd[3477]: Invalid user insurgency from 103.214.129.204 Aug 26 07:41:48 l02a sshd[3477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204 Aug 26 07:41:48 l02a sshd[3477]: Invalid user insurgency from 103.214.129.204 Aug 26 07:41:50 l02a sshd[3477]: Failed password for invalid user insurgency from 103.214.129.204 port 33190 ssh2	2020-08-26 17:25:55
103.214.129.204	attack	$f2bV_matches	2020-08-25 12:21:24
103.214.129.204	attack	$f2bV_matches	2020-08-23 22:44:23
103.214.129.204	attack	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-08-20 15:11:37
103.214.129.204	attack	Jul 23 02:01:11 * sshd[12322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204 Jul 23 02:01:13 * sshd[12322]: Failed password for invalid user toor from 103.214.129.204 port 39758 ssh2	2020-07-23 08:02:15
103.214.129.204	attack	Fail2Ban - SSH Bruteforce Attempt	2020-07-16 18:47:32
103.214.128.5	attackspambots	Icarus honeypot on github	2020-07-13 20:52:30
103.214.129.204	attackbotsspam	Jul 12 14:12:01 eventyay sshd[8848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204 Jul 12 14:12:04 eventyay sshd[8848]: Failed password for invalid user sh from 103.214.129.204 port 37640 ssh2 Jul 12 14:16:21 eventyay sshd[9016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204 ...	2020-07-12 20:35:57
103.214.129.204	attackbots	2020-07-11T07:38:49.193323lavrinenko.info sshd[14094]: Invalid user syj from 103.214.129.204 port 37210 2020-07-11T07:38:49.203384lavrinenko.info sshd[14094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.214.129.204 2020-07-11T07:38:49.193323lavrinenko.info sshd[14094]: Invalid user syj from 103.214.129.204 port 37210 2020-07-11T07:38:51.097338lavrinenko.info sshd[14094]: Failed password for invalid user syj from 103.214.129.204 port 37210 ssh2 2020-07-11T07:43:02.229866lavrinenko.info sshd[14404]: Invalid user gabi from 103.214.129.204 port 33704 ...	2020-07-11 12:55:21
103.214.12.23	attack	Brute forcing RDP port 3389	2020-07-04 03:18:04
103.214.129.204	attackbotsspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-07-02 05:32:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.214.12.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25702
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.214.12.20.			IN	A

;; AUTHORITY SECTION:
.			234	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070101 1800 900 604800 86400

;; Query time: 454 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 01 16:25:43 CST 2020
;; MSG SIZE  rcvd: 117

Host info

20.12.214.103.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.12.214.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.111.220.168	attackbots	unauthorized connection attempt	2020-02-19 15:26:50
187.56.142.110	attackbots	unauthorized connection attempt	2020-02-19 15:15:04
106.51.138.234	attackbots	unauthorized connection attempt	2020-02-19 15:19:09
115.77.123.2	attackbots	unauthorized connection attempt	2020-02-19 15:36:28
58.6.81.142	attackspam	unauthorized connection attempt	2020-02-19 15:06:21
59.127.61.105	attack	Honeypot attack, port: 81, PTR: 59-127-61-105.HINET-IP.hinet.net.	2020-02-19 15:12:53
115.76.66.112	attackbots	unauthorized connection attempt	2020-02-19 15:17:13
203.160.161.46	attackbotsspam	unauthorized connection attempt	2020-02-19 14:55:07
191.241.199.140	attackspambots	unauthorized connection attempt	2020-02-19 15:26:17
92.8.253.18	attackbots	unauthorized connection attempt	2020-02-19 15:20:14
194.186.24.206	attackbots	unauthorized connection attempt	2020-02-19 15:14:12
37.210.198.98	attackbots	LGS,WP GET /wp-login.php	2020-02-19 15:12:24
171.248.63.110	attackspambots	unauthorized connection attempt	2020-02-19 15:34:29
49.145.229.84	attackbotsspam	unauthorized connection attempt	2020-02-19 15:30:06
124.156.178.135	attack	unauthorized connection attempt	2020-02-19 15:35:46

Recently Reported IPs

133.200.227.22	207.255.102.247	50.100.196.244	124.28.116.30
48.97.223.117	42.115.11.68	79.229.186.101	2.57.67.221
128.96.95.228	90.73.75.94	149.148.73.105	157.72.179.240
176.160.71.9	99.141.24.13	193.60.121.144	128.106.248.30
71.155.231.217	166.225.117.56	114.33.159.252	106.104.172.173