103.145.12.104

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Cinty EU Web Solutions

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	[2020-05-20 04:37:30] NOTICE[1157] chan_sip.c: Registration from '400 ' failed for '103.145.12.104:5060' - Wrong password [2020-05-20 04:37:30] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-20T04:37:30.314-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="400",SessionID="0x7f5f10443b28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.104/5060",Challenge="4499f10e",ReceivedChallenge="4499f10e",ReceivedHash="3c57f9759a51c167f9178b019bc9ea39" [2020-05-20 04:40:07] NOTICE[1157] chan_sip.c: Registration from '3001 ' failed for '103.145.12.104:5060' - Wrong password [2020-05-20 04:40:07] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-20T04:40:07.668-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3001",SessionID="0x7f5f1051dd08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.14 ...	2020-05-20 16:50:45
attackspam	[2020-05-19 20:04:33] NOTICE[1157] chan_sip.c: Registration from '5005 ' failed for '103.145.12.104:5060' - Wrong password [2020-05-19 20:04:33] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-19T20:04:33.967-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5005",SessionID="0x7f5f10405c98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.104/5060",Challenge="08d68222",ReceivedChallenge="08d68222",ReceivedHash="420ebba9737460ed7fe14ff81e3fe372" [2020-05-19 20:04:55] NOTICE[1157] chan_sip.c: Registration from '2005 ' failed for '103.145.12.104:5060' - Wrong password [2020-05-19 20:04:55] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-19T20:04:55.656-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2005",SessionID="0x7f5f1058e4f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103 ...	2020-05-20 08:11:47
attackbotsspam	[2020-05-15 22:51:54] NOTICE[1157] chan_sip.c: Registration from 'MohTay ' failed for '103.145.12.104:5060' - Wrong password [2020-05-15 22:51:54] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-15T22:51:54.127-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="MohTay",SessionID="0x7f5f10d1ed48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.104/5060",Challenge="3f02cb2a",ReceivedChallenge="3f02cb2a",ReceivedHash="10203630b28ca9fcbf0b5bd8e5b3caa5" [2020-05-15 22:51:54] NOTICE[1157] chan_sip.c: Registration from 'MohTay ' failed for '103.145.12.104:5060' - Wrong password [2020-05-15 22:51:54] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-15T22:51:54.356-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="MohTay",SessionID="0x7f5f104853f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress=" ...	2020-05-16 23:03:58

Type

Details

Datetime

attackbots

[2020-05-20 04:37:30] NOTICE[1157] chan_sip.c: Registration from '400 ' failed for '103.145.12.104:5060' - Wrong password
[2020-05-20 04:37:30] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-20T04:37:30.314-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="400",SessionID="0x7f5f10443b28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.104/5060",Challenge="4499f10e",ReceivedChallenge="4499f10e",ReceivedHash="3c57f9759a51c167f9178b019bc9ea39"
[2020-05-20 04:40:07] NOTICE[1157] chan_sip.c: Registration from '3001 ' failed for '103.145.12.104:5060' - Wrong password
[2020-05-20 04:40:07] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-20T04:40:07.668-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3001",SessionID="0x7f5f1051dd08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.14
...

2020-05-20 16:50:45

attackspam

[2020-05-19 20:04:33] NOTICE[1157] chan_sip.c: Registration from '5005 ' failed for '103.145.12.104:5060' - Wrong password
[2020-05-19 20:04:33] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-19T20:04:33.967-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5005",SessionID="0x7f5f10405c98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.104/5060",Challenge="08d68222",ReceivedChallenge="08d68222",ReceivedHash="420ebba9737460ed7fe14ff81e3fe372"
[2020-05-19 20:04:55] NOTICE[1157] chan_sip.c: Registration from '2005 ' failed for '103.145.12.104:5060' - Wrong password
[2020-05-19 20:04:55] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-19T20:04:55.656-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2005",SessionID="0x7f5f1058e4f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103
...

2020-05-20 08:11:47

attackbotsspam

[2020-05-15 22:51:54] NOTICE[1157] chan_sip.c: Registration from 'MohTay ' failed for '103.145.12.104:5060' - Wrong password
[2020-05-15 22:51:54] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-15T22:51:54.127-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="MohTay",SessionID="0x7f5f10d1ed48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.104/5060",Challenge="3f02cb2a",ReceivedChallenge="3f02cb2a",ReceivedHash="10203630b28ca9fcbf0b5bd8e5b3caa5"
[2020-05-15 22:51:54] NOTICE[1157] chan_sip.c: Registration from 'MohTay ' failed for '103.145.12.104:5060' - Wrong password
[2020-05-15 22:51:54] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-15T22:51:54.356-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="MohTay",SessionID="0x7f5f104853f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="
...

2020-05-16 23:03:58

Comments on same subnet:

IP	Type	Details	Datetime
103.145.12.228	attackbotsspam	VoIP Brute Force - 103.145.12.228 - Auto Report ...	2020-10-13 02:20:41
103.145.12.228	attackbotsspam	VoIP Brute Force - 103.145.12.228 - Auto Report ...	2020-10-12 17:45:58
103.145.12.227	attack	[2020-10-03 19:40:53] NOTICE[1182][C-00000d42] chan_sip.c: Call from '' (103.145.12.227:58963) to extension '0046812111802' rejected because extension not found in context 'public'. [2020-10-03 19:40:53] SECURITY[1204] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-10-03T19:40:53.670-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0046812111802",SessionID="0x7f22f8572958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/58963",ACLName="no_extension_match" [2020-10-03 19:41:59] NOTICE[1182][C-00000d43] chan_sip.c: Call from '' (103.145.12.227:57346) to extension '90046812111802' rejected because extension not found in context 'public'. [2020-10-03 19:41:59] SECURITY[1204] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-10-03T19:41:59.743-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="90046812111802",SessionID="0x7f22f83b6678",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103 ...	2020-10-04 08:06:39
103.145.12.227	attackspambots	[2020-10-03 12:24:04] NOTICE[1182][C-00000b6d] chan_sip.c: Call from '' (103.145.12.227:58599) to extension '90046812111802' rejected because extension not found in context 'public'. [2020-10-03 12:24:04] SECURITY[1204] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-10-03T12:24:04.770-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="90046812111802",SessionID="0x7f22f8572958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/58599",ACLName="no_extension_match" [2020-10-03 12:27:20] NOTICE[1182][C-00000b71] chan_sip.c: Call from '' (103.145.12.227:52542) to extension '01146812111802' rejected because extension not found in context 'public'. ...	2020-10-04 00:30:31
103.145.12.227	attackbots	[2020-10-02 18:57:04] NOTICE[1182][C-000006fa] chan_sip.c: Call from '' (103.145.12.227:54771) to extension '801146812111458' rejected because extension not found in context 'public'. [2020-10-02 18:57:04] SECURITY[1204] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-10-02T18:57:04.023-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="801146812111458",SessionID="0x7f22f8418138",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/54771",ACLName="no_extension_match" [2020-10-02 18:57:38] NOTICE[1182][C-000006fb] chan_sip.c: Call from '' (103.145.12.227:58701) to extension '0046812111458' rejected because extension not found in context 'public'. [2020-10-02 18:57:38] SECURITY[1204] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-10-02T18:57:38.818-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0046812111458",SessionID="0x7f22f8418138",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/1 ...	2020-10-03 16:18:43
103.145.12.225	attackspam	Port scan denied	2020-09-26 02:07:30
103.145.12.225	attackspam	Port scan denied	2020-09-25 17:48:01
103.145.12.227	attackbots	[2020-09-24 19:43:06] NOTICE[1159][C-000014a4] chan_sip.c: Call from '' (103.145.12.227:50812) to extension '01146812410910' rejected because extension not found in context 'public'. [2020-09-24 19:43:06] SECURITY[1198] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-24T19:43:06.869-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812410910",SessionID="0x7fcaa02d7a38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/50812",ACLName="no_extension_match" [2020-09-24 19:45:13] NOTICE[1159][C-000014a7] chan_sip.c: Call from '' (103.145.12.227:52024) to extension '901146812410910' rejected because extension not found in context 'public'. [2020-09-24 19:45:13] SECURITY[1198] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-24T19:45:13.790-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146812410910",SessionID="0x7fcaa0022038",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-09-25 11:22:30
103.145.12.227	attack	[2020-09-20 09:58:24] NOTICE[1239][C-000059e9] chan_sip.c: Call from '' (103.145.12.227:57874) to extension '01146812410910' rejected because extension not found in context 'public'. [2020-09-20 09:58:24] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T09:58:24.645-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812410910",SessionID="0x7f4d48338208",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/57874",ACLName="no_extension_match" [2020-09-20 10:00:07] NOTICE[1239][C-000059ec] chan_sip.c: Call from '' (103.145.12.227:64684) to extension '901146812410910' rejected because extension not found in context 'public'. [2020-09-20 10:00:07] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T10:00:07.232-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146812410910",SessionID="0x7f4d482f9458",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-09-20 22:24:49
103.145.12.227	attackspambots	[2020-09-20 01:54:12] NOTICE[1239][C-0000581f] chan_sip.c: Call from '' (103.145.12.227:63639) to extension '01146812410910' rejected because extension not found in context 'public'. [2020-09-20 01:54:12] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T01:54:12.827-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812410910",SessionID="0x7f4d48423e18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/63639",ACLName="no_extension_match" [2020-09-20 01:55:49] NOTICE[1239][C-00005821] chan_sip.c: Call from '' (103.145.12.227:55335) to extension '901146812410910' rejected because extension not found in context 'public'. ...	2020-09-20 14:15:55
103.145.12.227	attackspambots	[2020-09-19 18:04:26] NOTICE[1239][C-000055a3] chan_sip.c: Call from '' (103.145.12.227:58137) to extension '01146812410910' rejected because extension not found in context 'public'. [2020-09-19 18:04:26] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-19T18:04:26.594-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812410910",SessionID="0x7f4d48488fa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/58137",ACLName="no_extension_match" [2020-09-19 18:06:09] NOTICE[1239][C-000055a5] chan_sip.c: Call from '' (103.145.12.227:52418) to extension '901146812410910' rejected because extension not found in context 'public'. [2020-09-19 18:06:09] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-19T18:06:09.567-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146812410910",SessionID="0x7f4d48488fa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-09-20 06:16:08
103.145.12.182	attack	SIP scanner	2020-09-18 21:33:58
103.145.12.182	attackbotsspam	SIP scanner	2020-09-18 13:51:20
103.145.12.182	attackbots	SIP scanner	2020-09-18 04:08:58
103.145.12.227	attackspambots	[2020-09-15 14:20:34] NOTICE[1239][C-000041fa] chan_sip.c: Call from '' (103.145.12.227:57394) to extension '901146812410910' rejected because extension not found in context 'public'. [2020-09-15 14:20:34] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-15T14:20:34.855-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146812410910",SessionID="0x7f4d482e4338",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/57394",ACLName="no_extension_match" [2020-09-15 14:22:18] NOTICE[1239][C-000041fd] chan_sip.c: Call from '' (103.145.12.227:63659) to extension '801146812410910' rejected because extension not found in context 'public'. ...	2020-09-16 02:32:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.145.12.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.145.12.104.			IN	A

;; AUTHORITY SECTION:
.			505	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051600 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 16 23:03:51 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 104.12.145.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.12.145.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
161.117.176.196	attack	Sep 24 22:20:07 vps647732 sshd[17586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.117.176.196 Sep 24 22:20:09 vps647732 sshd[17586]: Failed password for invalid user steve from 161.117.176.196 port 2842 ssh2 ...	2019-09-25 04:41:50
200.130.35.244	attack	WordPress brute force	2019-09-25 04:25:10
115.236.170.78	attackbots	$f2bV_matches	2019-09-25 04:27:39
178.62.28.79	attackspambots	Sep 24 07:43:45 hcbb sshd\[31144\]: Invalid user webuser from 178.62.28.79 Sep 24 07:43:45 hcbb sshd\[31144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.28.79 Sep 24 07:43:47 hcbb sshd\[31144\]: Failed password for invalid user webuser from 178.62.28.79 port 33576 ssh2 Sep 24 07:47:48 hcbb sshd\[31454\]: Invalid user zr from 178.62.28.79 Sep 24 07:47:48 hcbb sshd\[31454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.28.79	2019-09-25 04:11:32
118.97.140.237	attackspam	Sep 24 05:43:51 auw2 sshd\[24088\]: Invalid user user from 118.97.140.237 Sep 24 05:43:51 auw2 sshd\[24088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.140.237 Sep 24 05:43:53 auw2 sshd\[24088\]: Failed password for invalid user user from 118.97.140.237 port 48440 ssh2 Sep 24 05:49:26 auw2 sshd\[24590\]: Invalid user poi from 118.97.140.237 Sep 24 05:49:26 auw2 sshd\[24590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.140.237	2019-09-25 04:54:00
194.230.155.161	attackbotsspam	''	2019-09-25 04:21:34
103.38.215.20	attackspam	Sep 24 17:54:01 [munged] sshd[18352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.38.215.20	2019-09-25 04:20:21
62.234.99.172	attackbotsspam	Sep 24 22:11:08 vps647732 sshd[17493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.99.172 Sep 24 22:11:10 vps647732 sshd[17493]: Failed password for invalid user mark from 62.234.99.172 port 55307 ssh2 ...	2019-09-25 04:36:20
94.177.202.153	attack	2019-09-24T14:36:21.579917vfs-server-01 sshd\[29135\]: Invalid user ubnt from 94.177.202.153 port 48408 2019-09-24T14:36:28.974206vfs-server-01 sshd\[29140\]: Invalid user admin from 94.177.202.153 port 48496 2019-09-24T14:36:36.637774vfs-server-01 sshd\[29148\]: Invalid user 1234 from 94.177.202.153 port 52786	2019-09-25 04:15:21
159.203.139.128	attackspam	Sep 24 22:03:54 vps01 sshd[31077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.139.128 Sep 24 22:03:56 vps01 sshd[31077]: Failed password for invalid user cheryl from 159.203.139.128 port 41108 ssh2	2019-09-25 04:20:42
49.73.61.65	attackbots	Invalid user seymour from 49.73.61.65 port 50326	2019-09-25 04:07:16
42.59.178.223	attackspambots	Unauthorised access (Sep 24) SRC=42.59.178.223 LEN=40 TTL=48 ID=28823 TCP DPT=8080 WINDOW=9175 SYN Unauthorised access (Sep 24) SRC=42.59.178.223 LEN=40 TTL=48 ID=56216 TCP DPT=8080 WINDOW=63348 SYN	2019-09-25 04:12:27
222.186.42.4	attack	v+ssh-bruteforce	2019-09-25 04:18:29
210.212.145.125	attackbotsspam	Sep 24 15:36:25 vps691689 sshd[4040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.145.125 Sep 24 15:36:28 vps691689 sshd[4040]: Failed password for invalid user dp from 210.212.145.125 port 50716 ssh2 Sep 24 15:40:31 vps691689 sshd[4113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.145.125 ...	2019-09-25 04:38:01
181.177.112.167	attack	2,23-03/03 concatform PostRequest-Spammer scoring: wien2018	2019-09-25 04:24:45

Recently Reported IPs

110.6.203.95	220.246.154.130	114.32.174.176	45.157.120.122
38.147.163.102	210.99.36.175	117.5.108.148	180.254.144.178
85.116.125.167	49.206.200.232	35.244.47.234	188.81.61.223
31.247.65.25	14.237.135.53	203.143.205.19	94.101.134.247
36.235.227.139	5.16.15.26	45.134.179.122	234.153.59.51