103.66.196.139

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: Esia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.66.196.210	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-24 04:28:29
103.66.196.75	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-23 12:27:18
103.66.196.75	attackbotsspam	Unauthorised access (Dec 9) SRC=103.66.196.75 LEN=68 TTL=116 ID=26873 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-09 15:06:39

Type

Details

Datetime

103.66.196.210

attack

Honeypot attack, port: 445, PTR: PTR record not found

2020-04-24 04:28:29

103.66.196.75

attackspambots

Honeypot attack, port: 445, PTR: PTR record not found

2020-01-23 12:27:18

103.66.196.75

attackbotsspam

Unauthorised access (Dec  9) SRC=103.66.196.75 LEN=68 TTL=116 ID=26873 DF TCP DPT=445 WINDOW=8192 SYN

2019-12-09 15:06:39

Whois info:

Dig info:

b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 103.66.196.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19854
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;103.66.196.139.			IN	A

;; Query time: 1 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jun 26 18:10:02 CST 2021
;; MSG SIZE  rcvd: 43

'

Host info

Host 139.196.66.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.196.66.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.76.141.109	attack	Unauthorized connection attempt detected from IP address 27.76.141.109 to port 445	2019-12-12 14:22:59
87.67.79.51	attackspambots	Dec 12 00:27:21 eola sshd[31477]: Invalid user strawn from 87.67.79.51 port 41386 Dec 12 00:27:21 eola sshd[31477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.67.79.51 Dec 12 00:27:23 eola sshd[31477]: Failed password for invalid user strawn from 87.67.79.51 port 41386 ssh2 Dec 12 00:27:23 eola sshd[31477]: Received disconnect from 87.67.79.51 port 41386:11: Bye Bye [preauth] Dec 12 00:27:23 eola sshd[31477]: Disconnected from 87.67.79.51 port 41386 [preauth] Dec 12 00:27:48 eola sshd[31523]: Invalid user blanchard from 87.67.79.51 port 47320 Dec 12 00:27:48 eola sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.67.79.51 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=87.67.79.51	2019-12-12 13:56:58
94.66.58.202	attack	TCP Port Scanning	2019-12-12 13:56:32
218.92.0.168	attack	Dec 12 05:57:23 work-partkepr sshd\[23145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Dec 12 05:57:25 work-partkepr sshd\[23145\]: Failed password for root from 218.92.0.168 port 37029 ssh2 ...	2019-12-12 14:00:50
172.86.75.119	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-12 13:52:35
58.250.44.53	attackspambots	Dec 11 18:48:14 php1 sshd\[1944\]: Invalid user test from 58.250.44.53 Dec 11 18:48:14 php1 sshd\[1944\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.44.53 Dec 11 18:48:16 php1 sshd\[1944\]: Failed password for invalid user test from 58.250.44.53 port 24637 ssh2 Dec 11 18:55:18 php1 sshd\[2650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.44.53 user=root Dec 11 18:55:20 php1 sshd\[2650\]: Failed password for root from 58.250.44.53 port 49502 ssh2	2019-12-12 13:51:22
106.75.122.202	attackbots	Brute-force attempt banned	2019-12-12 13:53:46
23.247.6.178	attack	Dec 11 16:25:39 clarabelen sshd[15969]: Address 23.247.6.178 maps to 01436.club, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 11 16:25:39 clarabelen sshd[15969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.247.6.178 user=r.r Dec 11 16:25:42 clarabelen sshd[15969]: Failed password for r.r from 23.247.6.178 port 56768 ssh2 Dec 11 16:25:42 clarabelen sshd[15969]: Received disconnect from 23.247.6.178: 11: Bye Bye [preauth] Dec 11 16:36:48 clarabelen sshd[16738]: Address 23.247.6.178 maps to 01436.club, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 11 16:36:48 clarabelen sshd[16738]: Invalid user sarumino from 23.247.6.178 Dec 11 16:36:48 clarabelen sshd[16738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.247.6.178 Dec 11 16:36:51 clarabelen sshd[16738]: Failed password for invalid user sarumino from 23.247.6.178 port 554........ -------------------------------	2019-12-12 13:54:18
120.59.249.237	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 12-12-2019 04:55:09.	2019-12-12 14:07:21
1.23.185.14	attackbotsspam	Dec 12 07:06:08 eventyay sshd[17027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.23.185.14 Dec 12 07:06:10 eventyay sshd[17027]: Failed password for invalid user struempfer from 1.23.185.14 port 56232 ssh2 Dec 12 07:13:02 eventyay sshd[17215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.23.185.14 ...	2019-12-12 14:25:38
209.17.96.194	attackspam	209.17.96.194 was recorded 15 times by 12 hosts attempting to connect to the following ports: 593,5351,8530,8888,11211,47808,138,20,401,2161,5906,5632,987. Incident counter (4h, 24h, all-time): 15, 63, 1835	2019-12-12 13:49:43
106.13.118.216	attackbots	Dec 11 22:32:12 eola sshd[29151]: Invalid user feltman from 106.13.118.216 port 49538 Dec 11 22:32:12 eola sshd[29151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.118.216 Dec 11 22:32:14 eola sshd[29151]: Failed password for invalid user feltman from 106.13.118.216 port 49538 ssh2 Dec 11 22:32:14 eola sshd[29151]: Received disconnect from 106.13.118.216 port 49538:11: Bye Bye [preauth] Dec 11 22:32:14 eola sshd[29151]: Disconnected from 106.13.118.216 port 49538 [preauth] Dec 11 22:51:06 eola sshd[29636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.118.216 user=mysql Dec 11 22:51:08 eola sshd[29636]: Failed password for mysql from 106.13.118.216 port 48526 ssh2 Dec 11 22:51:08 eola sshd[29636]: Received disconnect from 106.13.118.216 port 48526:11: Bye Bye [preauth] Dec 11 22:51:08 eola sshd[29636]: Disconnected from 106.13.118.216 port 48526 [preauth] Dec 11 22:56:4........ -------------------------------	2019-12-12 13:59:54
123.207.5.190	attackspambots	Dec 12 00:51:37 plusreed sshd[1480]: Invalid user benfer from 123.207.5.190 ...	2019-12-12 14:09:12
146.88.240.4	attackspambots	12.12.2019 06:18:19 Connection to port 7778 blocked by firewall	2019-12-12 14:11:34
103.26.43.202	attackspam	Dec 11 19:33:21 php1 sshd\[13500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.43.202 user=root Dec 11 19:33:23 php1 sshd\[13500\]: Failed password for root from 103.26.43.202 port 54568 ssh2 Dec 11 19:41:17 php1 sshd\[14800\]: Invalid user erdem from 103.26.43.202 Dec 11 19:41:17 php1 sshd\[14800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.43.202 Dec 11 19:41:19 php1 sshd\[14800\]: Failed password for invalid user erdem from 103.26.43.202 port 58548 ssh2	2019-12-12 14:02:01

Recently Reported IPs

47.9.103.102	117.212.45.123	70.39.186.188	8.37.226.34
58.8.213.63	40.125.122.176	183.63.253.196	139.28.223.8
51.116.110.71	121.244.91.10	34.75.110.192	196.219.36.42
197.251.226.41	54.208.232.32	197.251.226.2	139.28.139.224
171.255.137.44	185.33.87.5	178.217.49.10	89.102.124.228