JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.141.45.103

209.141.45.103 was found in our database!

This IP was reported 843 times. Confidence of Abuse is 100%: ?

100%

ISP	FranTech Solutions
Usage Type	Data Center/Web Hosting/Transit
ASN	AS53667
Hostname(s)	ns-uswest.domainnamesystem.io
Domain Name	frantech.ca
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.141.45.103

Whois 209.141.45.103

IP Abuse Reports for 209.141.45.103:

This IP address has been reported a total of 843 times from 168 distinct sources. 209.141.45.103 was first reported on November 15th 2022, and the most recent report was 45 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 KPS	2026-06-05 23:31:05 (45 minutes ago)	PortscanN	Port Scan
🇬🇧 Andrew	2026-06-05 23:25:02 (51 minutes ago)	Blocked by UFW (TCP on port 5060). Source port: 56397 TTL: 243 Packet length: 44 TOS: 0x00 This rep ... show more Blocked by UFW (TCP on port 5060). Source port: 56397 TTL: 243 Packet length: 44 TOS: 0x00 This report (for 209.141.45.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 ValtonTahiri	2026-06-05 23:24:11 (52 minutes ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=209.141.45.103; proto=TCP; source_port=56397; target_port=5061; flags=SYN show less	Port Scan
🇩🇪 iNetWorker	2026-06-05 23:21:13 (55 minutes ago)	firewall-block, port(s): 5060/tcp, 5061/tcp	Port Scan
🇺🇸 MPL	2026-06-05 23:07:29 (1 hour ago)	tcp ports: 5060,5061 (23 or more attempts)	Port Scan
🇮🇹 Fusty	2026-06-05 22:53:59 (1 hour ago)	Unauthorized attempt on (TCP on port 5060). Source port: 56397 TTL: 237 Packet length: 44 Timestamp: ... show more Unauthorized attempt on (TCP on port 5060). Source port: 56397 TTL: 237 Packet length: 44 Timestamp: 2026-06-06 00:53:58 show less	Port Scan
🇦🇷 Bruno	2026-06-05 22:47:08 (1 hour ago)	Port Scanner: 209.141.45.103	Port Scan
🇧🇾 StatsMe	2026-06-05 22:35:30 (1 hour ago)	2026-06-05T21:04:59.112091+0300 ET SCAN NMAP -sS window 1024	Port Scan
Anonymous	2026-06-05 22:31:40 (1 hour ago)	Unauthorized access (tcp/5060/sip)	Port Scan Fraud VoIP
🇨🇭 SOC [GOLINE SA]	2026-06-05 22:26:05 (1 hour ago)	[RoutePulse \| 2026-06-05T22:26:05Z] ATTACK: Threat IP Active SOURCE: 209.141.45.103 (ns-uswest.domai ... show more [RoutePulse \| 2026-06-05T22:26:05Z] ATTACK: Threat IP Active SOURCE: 209.141.45.103 (ns-uswest.domainnamesystem.io) · AS53667 FranTech Solutions · United States EVIDENCE: severity=critical · 131 flows · 66 KB INTEL: AbuseIPDB 100% (661 reports) \| feeds: Wazuh SIEM — Suricata IDS (1) \| RoutePulse score 64/100 24H PERSISTENCE: 2 events (Threat IP Active×1, Host Baseline Shift×1) CONVICTION: Tier 4, LLR -0.37, 0.8 independent groups (multi-source SPRT) MITRE: T1071 Application Layer Protocol DETECTION: sFlow/IPFIX flow analysis + 14-detector ML stack (6-model weighted ensemble) + threat-intel correlation ACTION: Pre-blackhole intelligence report (live monitoring continues) show less	Hacking Exploited Host
🇩🇪 David Ferneding	2026-06-05 22:07:28 (2 hours ago)	Blocked by UFW (TCP on 5061) Source port: 56397 TTL: 234 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 5061) Source port: 56397 TTL: 234 Packet length: 44 TOS: 0x00 This report (for 209.141.45.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-05 21:56:03 (2 hours ago)	tcp/5061 (19 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-05 21:56:03 (2 hours ago)	tcp ports: 5061,5060 (110 or more attempts)	Port Scan
🇫🇷 security.rdmc.fr	2026-06-05 21:54:41 (2 hours ago)	VoIP Attack proto:TCP src:56397 dst:5060	Port Scan Fraud VoIP
🇪🇸 el-brujo	2026-06-05 19:33:09 (4 hours ago)	06/05/2026-21:33:09.261004 209.141.45.103 Protocol: 6 ET SCAN NMAP -sS window 1024	Port Scan

Showing 1 to 15 of 843 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.192

🇳🇱 176.65.148.132

🇫🇷 149.202.60.80

🇫🇷 45.84.88.32

🇸🇬 43.133.61.254

🇬🇧 5.226.140.123

🇩🇪 2.27.20.28

🇺🇸 205.210.31.46

🇸🇬 188.166.183.201

🇩🇪 167.94.146.56

🇸🇬 152.32.218.149

🇺🇸 75.127.15.105

🇲🇾 47.250.179.142

🇺🇸 38.148.249.2

🇧🇷 200.166.238.17

🇵🇪 190.81.117.162

🇲🇽 187.190.35.163

🇳🇱 185.223.235.41

🇨🇳 182.43.164.191

🇺🇸 172.234.25.61