45.143.220.214

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Zumy Communications

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-17 21:16:14
attack	Port 59369 scan denied	2020-04-10 16:30:24
attackbots	[2020-03-22 04:34:04] NOTICE[1148] chan_sip.c: Registration from '"966" ' failed for '45.143.220.214:6066' - Wrong password [2020-03-22 04:34:04] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-22T04:34:04.724-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="966",SessionID="0x7fd82c530768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.214/6066",Challenge="7ebe755c",ReceivedChallenge="7ebe755c",ReceivedHash="621c662320f65c8a7d61c482e15cfa93" [2020-03-22 04:34:04] NOTICE[1148] chan_sip.c: Registration from '"966" ' failed for '45.143.220.214:6066' - Wrong password [2020-03-22 04:34:04] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-22T04:34:04.821-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="966",SessionID="0x7fd82c40aa58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.14 ...	2020-03-22 19:36:19
attackspam	[2020-03-20 01:10:45] NOTICE[1148][C-000139b5] chan_sip.c: Call from '' (45.143.220.214:46134) to extension '899' rejected because extension not found in context 'public'. [2020-03-20 01:10:45] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-20T01:10:45.930-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="899",SessionID="0x7fd82c530768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.214/46134",ACLName="no_extension_match" [2020-03-20 01:12:43] NOTICE[1148][C-000139b9] chan_sip.c: Call from '' (45.143.220.214:60029) to extension '911' rejected because extension not found in context 'public'. [2020-03-20 01:12:43] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-20T01:12:43.033-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="911",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.214/60029",ACLName="no_extension_m ...	2020-03-20 17:40:19
attackbots	[2020-03-19 20:13:31] NOTICE[1148][C-00013826] chan_sip.c: Call from '' (45.143.220.214:50238) to extension '999' rejected because extension not found in context 'public'. [2020-03-19 20:13:31] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-19T20:13:31.534-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="999",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.214/50238",ACLName="no_extension_match" [2020-03-19 20:16:28] NOTICE[1148][C-0001382a] chan_sip.c: Call from '' (45.143.220.214:40063) to extension '0000' rejected because extension not found in context 'public'. [2020-03-19 20:16:28] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-19T20:16:28.682-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0000",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.214/40063",ACLName="no_extension ...	2020-03-20 08:38:24
attackspam	" "	2020-03-10 23:50:08

Comments on same subnet:

IP	Type	Details	Datetime
45.143.220.3	attack	The IP 45.143.220.3 has just been banned by Fail2Ban after 8 attempts	2020-10-16 03:06:49
45.143.220.250	attackspambots	Automatic report - Brute Force attack using this IP address	2020-08-25 16:44:35
45.143.220.87	attack	Tried our host z.	2020-08-22 07:43:17
45.143.220.59	attackspam	45.143.220.59 was recorded 7 times by 2 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 7, 16, 1532	2020-08-20 08:57:56
45.143.220.59	attackbotsspam	45.143.220.59 was recorded 5 times by 2 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 30, 1507	2020-08-19 02:52:58
45.143.220.87	attack	[2020-08-15 11:32:40] NOTICE[1185][C-000027ae] chan_sip.c: Call from '' (45.143.220.87:6336) to extension '0046842002652' rejected because extension not found in context 'public'. [2020-08-15 11:32:40] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-15T11:32:40.124-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0046842002652",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.87/6336",ACLName="no_extension_match" [2020-08-15 11:40:48] NOTICE[1185][C-000027b5] chan_sip.c: Call from '' (45.143.220.87:11278) to extension '+46842002652' rejected because extension not found in context 'public'. [2020-08-15 11:40:48] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-15T11:40:48.085-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+46842002652",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.8 ...	2020-08-15 23:57:56
45.143.220.165	attack	Try to login my routers admin-account several times.	2020-08-12 20:14:50
45.143.220.59	attack	45.143.220.59 was recorded 5 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 38, 1279	2020-08-12 03:28:54
45.143.220.116	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-09 21:34:40
45.143.220.59	attackbots	08/07/2020-08:08:43.480573 45.143.220.59 Protocol: 17 ET SCAN Sipvicious Scan	2020-08-07 20:26:49
45.143.220.116	attack	Aug 5 07:28:09 debian-2gb-nbg1-2 kernel: \[18863752.168870\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.143.220.116 DST=195.201.40.59 LEN=444 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=UDP SPT=5252 DPT=5060 LEN=424	2020-08-05 15:00:58
45.143.220.59	attack	SmallBizIT.US 6 packets to udp(5060)	2020-08-01 06:26:51
45.143.220.59	attackspambots	45.143.220.59 was recorded 10 times by 5 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 10, 63, 653	2020-07-27 06:35:08
45.143.220.116	attackspambots	firewall-block, port(s): 5060/udp	2020-07-27 03:28:04
45.143.220.116	attackspambots	Jul 25 19:20:47 debian-2gb-nbg1-2 kernel: \[17956161.731244\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.143.220.116 DST=195.201.40.59 LEN=444 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=5368 DPT=5060 LEN=424	2020-07-26 04:50:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.143.220.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57583
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.143.220.214.			IN	A

;; AUTHORITY SECTION:
.			249	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022400 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 24 16:20:31 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 214.220.143.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 214.220.143.45.in-addr.arpa.: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.71.31.234	attackspam	Dec 11 13:31:03 debian-2gb-nbg1-2 kernel: \[24349007.911300\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=118.71.31.234 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=59744 PROTO=TCP SPT=48639 DPT=23 WINDOW=35791 RES=0x00 SYN URGP=0	2019-12-11 20:38:07
189.244.149.208	attack	Automatic report - Port Scan Attack	2019-12-11 20:39:25
139.59.41.154	attack	Dec 11 12:39:43 mail sshd\[19828\]: Invalid user batham from 139.59.41.154 Dec 11 12:39:43 mail sshd\[19828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.154 Dec 11 12:39:45 mail sshd\[19828\]: Failed password for invalid user batham from 139.59.41.154 port 60660 ssh2 ...	2019-12-11 20:20:13
122.51.57.78	attack	SSH Bruteforce attempt	2019-12-11 20:37:34
42.115.221.40	attack	Dec 11 17:25:49 itv-usvr-01 sshd[16900]: Invalid user herodes from 42.115.221.40 Dec 11 17:25:49 itv-usvr-01 sshd[16900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.115.221.40 Dec 11 17:25:49 itv-usvr-01 sshd[16900]: Invalid user herodes from 42.115.221.40 Dec 11 17:25:51 itv-usvr-01 sshd[16900]: Failed password for invalid user herodes from 42.115.221.40 port 42206 ssh2 Dec 11 17:33:42 itv-usvr-01 sshd[17203]: Invalid user test from 42.115.221.40	2019-12-11 21:01:38
89.109.23.190	attackspam	Dec 11 02:47:27 eddieflores sshd\[9029\]: Invalid user pul from 89.109.23.190 Dec 11 02:47:27 eddieflores sshd\[9029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.109.23.190 Dec 11 02:47:29 eddieflores sshd\[9029\]: Failed password for invalid user pul from 89.109.23.190 port 58456 ssh2 Dec 11 02:53:09 eddieflores sshd\[9584\]: Invalid user deetta from 89.109.23.190 Dec 11 02:53:09 eddieflores sshd\[9584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.109.23.190	2019-12-11 20:53:47
82.81.12.247	attack	Honeypot attack, port: 23, PTR: bzq-82-81-12-247.red.bezeqint.net.	2019-12-11 20:23:09
36.83.134.84	attackspam	Unauthorised access (Dec 11) SRC=36.83.134.84 LEN=52 TTL=116 ID=4464 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Dec 11) SRC=36.83.134.84 LEN=52 TTL=116 ID=20758 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-11 21:02:11
180.248.139.185	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 11-12-2019 06:25:19.	2019-12-11 20:42:17
45.57.236.202	attackspam	(From edwardfrancis792@gmail.com) Greetings! I'm an online digital marketer, and I just finished conducting some SEO reporting tests on your site. The results showed a few issues preventing it from being easily found by people searching online for products/services relevant to your business. There's also a great amount of additional web traffic we can get you by making your website get a better placement on the search engine results with search engine optimization. I'd really like to discuss with you more helpful information about this, so please reply let me know if you're interested. I can also provide a free consultation to present you the data about your website's potential and where I can take it further. Don't worry about my rates since they're considered cheap even by small start-up companies. I hope to speak with you and share some helpful insights. Just let me know about the best time to give you a call. Talk to you soon! Best regards, Edward Francis	2019-12-11 20:16:40
36.79.221.45	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-12-2019 06:25:23.	2019-12-11 20:32:35
36.76.255.92	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-12-2019 06:25:22.	2019-12-11 20:32:53
82.81.211.248	attackspambots	Dec 11 11:38:42 freya sshd[24664]: Did not receive identification string from 82.81.211.248 port 36120 Dec 11 11:56:07 freya sshd[27252]: Connection closed by 82.81.211.248 port 53247 [preauth] Dec 11 12:00:22 freya sshd[27883]: Connection closed by 82.81.211.248 port 57465 [preauth] Dec 11 12:04:38 freya sshd[28506]: Connection closed by 82.81.211.248 port 33428 [preauth] Dec 11 12:08:52 freya sshd[29148]: Connection closed by 82.81.211.248 port 37627 [preauth] ...	2019-12-11 20:43:35
49.149.78.253	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-12-2019 06:25:25.	2019-12-11 20:29:09
51.75.123.107	attackbots	SSH bruteforce	2019-12-11 20:59:18

Recently Reported IPs

184.82.194.253	112.85.193.100	78.188.92.137	120.29.66.237
105.96.44.36	111.170.82.93	72.27.139.232	117.216.14.178
62.192.61.137	123.21.89.94	85.98.45.71	168.70.83.84
185.184.79.2	85.106.4.162	98.143.144.6	211.117.60.23
27.66.89.28	125.67.237.247	118.68.153.192	14.226.161.174