103.71.66.67 - IPInfo

Basic Info

City: Solapur

Region: Maharashtra

Country: India

Internet Service Provider: NAS Broadband Pvt Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH_scan	2020-09-09 02:33:50
attackspambots	Sep 6 04:51:02 server sshd[4560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 Sep 6 04:51:03 server sshd[4560]: Failed password for invalid user wanght from 103.71.66.67 port 38984 ssh2 Sep 6 04:57:41 server sshd[4800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 Sep 6 04:57:43 server sshd[4800]: Failed password for invalid user logger from 103.71.66.67 port 33002 ssh2	2020-09-08 18:03:09
attackspam	2020-07-23T17:12:25.757501afi-git.jinr.ru sshd[25309]: Failed password for redmine from 103.71.66.67 port 45882 ssh2 2020-07-23T17:17:19.745015afi-git.jinr.ru sshd[26590]: Invalid user daniela from 103.71.66.67 port 60772 2020-07-23T17:17:19.748329afi-git.jinr.ru sshd[26590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 2020-07-23T17:17:19.745015afi-git.jinr.ru sshd[26590]: Invalid user daniela from 103.71.66.67 port 60772 2020-07-23T17:17:21.637414afi-git.jinr.ru sshd[26590]: Failed password for invalid user daniela from 103.71.66.67 port 60772 ssh2 ...	2020-07-23 22:23:55
attackspambots	Port Scan detected from 103.71.66.67 (IN/India/Maharashtra/Solapur/ns1.nbplsolapur.com). 4 hits in the last 180 seconds	2020-07-21 08:15:05
attack	Jul 19 19:19:35 OPSO sshd\[15334\]: Invalid user gaowei from 103.71.66.67 port 50520 Jul 19 19:19:35 OPSO sshd\[15334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 Jul 19 19:19:37 OPSO sshd\[15334\]: Failed password for invalid user gaowei from 103.71.66.67 port 50520 ssh2 Jul 19 19:24:38 OPSO sshd\[16702\]: Invalid user minecraft from 103.71.66.67 port 39266 Jul 19 19:24:38 OPSO sshd\[16702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67	2020-07-20 01:37:28
attack	Jul 15 21:01:52 server6 sshd[5707]: Address 103.71.66.67 maps to nxxxxxxx.nbplsolapur.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 15 21:01:55 server6 sshd[5707]: Failed password for invalid user maundy from 103.71.66.67 port 40894 ssh2 Jul 15 21:01:55 server6 sshd[5707]: Received disconnect from 103.71.66.67: 11: Bye Bye [preauth] Jul 15 21:09:17 server6 sshd[12783]: Address 103.71.66.67 maps to nxxxxxxx.nbplsolapur.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 15 21:09:19 server6 sshd[12783]: Failed password for invalid user ftpuser from 103.71.66.67 port 36658 ssh2 Jul 15 21:09:19 server6 sshd[12783]: Received disconnect from 103.71.66.67: 11: Bye Bye [preauth] Jul 15 21:14:07 server6 sshd[17781]: Address 103.71.66.67 maps to nxxxxxxx.nbplsolapur.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 15 21:14:09 server6 sshd[17781]: Failed password for invalid user paresh fr........ -------------------------------	2020-07-16 20:26:29
attack	20 attempts against mh-ssh on acorn	2020-07-16 06:57:36

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.71.66.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60855
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.71.66.67.			IN	A

;; AUTHORITY SECTION:
.			121	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071501 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 06:57:33 CST 2020
;; MSG SIZE  rcvd: 116

Host info

67.66.71.103.in-addr.arpa domain name pointer ns1.nbplsolapur.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.66.71.103.in-addr.arpa	name = ns1.nbplsolapur.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
69.47.161.24	attackbots	SSH login attempts.	2020-10-12 18:45:44
92.50.249.166	attackspambots	$f2bV_matches	2020-10-12 19:05:15
178.62.92.70	attackbotsspam	Found on CINS badguys / proto=6 . srcport=61953 . dstport=8083 . (517)	2020-10-12 19:16:43
139.99.155.219	attackbotsspam	2020-10-12T10:02:31.899236abusebot.cloudsearch.cf sshd[9778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-63118ed8.vps.ovh.ca user=root 2020-10-12T10:02:33.778229abusebot.cloudsearch.cf sshd[9778]: Failed password for root from 139.99.155.219 port 55466 ssh2 2020-10-12T10:06:15.032752abusebot.cloudsearch.cf sshd[9839]: Invalid user Csenge from 139.99.155.219 port 41906 2020-10-12T10:06:15.037980abusebot.cloudsearch.cf sshd[9839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-63118ed8.vps.ovh.ca 2020-10-12T10:06:15.032752abusebot.cloudsearch.cf sshd[9839]: Invalid user Csenge from 139.99.155.219 port 41906 2020-10-12T10:06:17.334683abusebot.cloudsearch.cf sshd[9839]: Failed password for invalid user Csenge from 139.99.155.219 port 41906 ssh2 2020-10-12T10:09:29.853578abusebot.cloudsearch.cf sshd[9888]: Invalid user yongmi from 139.99.155.219 port 56588 ...	2020-10-12 18:47:41
193.29.15.169	attackbotsspam	UDP ports : 123 / 389 / 1900	2020-10-12 19:01:28
36.133.40.103	attackspam	Oct 12 04:28:27 roki-contabo sshd\[3147\]: Invalid user gail from 36.133.40.103 Oct 12 04:28:27 roki-contabo sshd\[3147\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.133.40.103 Oct 12 04:28:29 roki-contabo sshd\[3147\]: Failed password for invalid user gail from 36.133.40.103 port 59640 ssh2 Oct 12 04:43:19 roki-contabo sshd\[3511\]: Invalid user matt from 36.133.40.103 Oct 12 04:43:19 roki-contabo sshd\[3511\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.133.40.103 ...	2020-10-12 19:27:30
210.56.23.100	attackspam	ssh brute force	2020-10-12 19:05:49
40.86.72.197	attackbots	Icarus honeypot on github	2020-10-12 18:46:10
185.220.101.17	attackspam	TCP (SYN) 185.220.101.17:33040 -> port 1080, len 52	2020-10-12 19:01:45
45.142.120.58	attackbotsspam	2020-10-12 12:42:11 dovecot_login authenticator failed for $localhost$ \[45.142.120.58\]: 535 Incorrect authentication data $set_id=janjan@no-server.de$ 2020-10-12 12:47:12 dovecot_login authenticator failed for $localhost$ \[45.142.120.58\]: 535 Incorrect authentication data 2020-10-12 12:47:17 dovecot_login authenticator failed for $localhost$ \[45.142.120.58\]: 535 Incorrect authentication data 2020-10-12 12:47:21 dovecot_login authenticator failed for $localhost$ \[45.142.120.58\]: 535 Incorrect authentication data 2020-10-12 12:51:51 dovecot_login authenticator failed for $localhost$ \[45.142.120.58\]: 535 Incorrect authentication data $set_id=werewolf@no-server.de$ ...	2020-10-12 19:03:44
130.162.64.72	attackbots	Oct 11 22:31:56 vps-51d81928 sshd[756528]: Invalid user infomail from 130.162.64.72 port 49878 Oct 11 22:31:56 vps-51d81928 sshd[756528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.162.64.72 Oct 11 22:31:56 vps-51d81928 sshd[756528]: Invalid user infomail from 130.162.64.72 port 49878 Oct 11 22:31:58 vps-51d81928 sshd[756528]: Failed password for invalid user infomail from 130.162.64.72 port 49878 ssh2 Oct 11 22:36:09 vps-51d81928 sshd[756607]: Invalid user mana from 130.162.64.72 port 23723 ...	2020-10-12 19:14:22
167.114.155.2	attack	Brute-force attempt banned	2020-10-12 19:09:21
190.230.193.39	attack	Unauthorised access (Oct 11) SRC=190.230.193.39 LEN=52 TTL=113 ID=13048 DF TCP DPT=445 WINDOW=8192 SYN	2020-10-12 19:16:12
106.13.82.231	attack	Oct 12 13:11:55 dignus sshd[29800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 user=root Oct 12 13:11:57 dignus sshd[29800]: Failed password for root from 106.13.82.231 port 35120 ssh2 Oct 12 13:13:43 dignus sshd[29840]: Invalid user adalberto from 106.13.82.231 port 58826 Oct 12 13:13:43 dignus sshd[29840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Oct 12 13:13:45 dignus sshd[29840]: Failed password for invalid user adalberto from 106.13.82.231 port 58826 ssh2 ...	2020-10-12 19:24:38
45.173.205.136	attack	warning: unknown\[45.173.205.136\]: PLAIN authentication failed:	2020-10-12 18:53:20

Recently Reported IPs

71.116.187.73	143.169.13.114	145.239.85.21	78.176.215.16
180.182.2.122	172.19.25.188	17.26.133.225	77.138.251.21
110.37.223.142	173.174.38.163	56.203.20.111	93.160.255.11
124.90.173.120	41.123.46.42	52.51.22.101	166.247.225.111
50.111.122.3	176.72.202.169	134.85.158.235	87.72.7.197