103.71.66.67 - IPInfo

Basic Info

City: Solapur

Region: Maharashtra

Country: India

Internet Service Provider: NAS Broadband Pvt Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH_scan	2020-09-09 02:33:50
attackspambots	Sep 6 04:51:02 server sshd[4560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 Sep 6 04:51:03 server sshd[4560]: Failed password for invalid user wanght from 103.71.66.67 port 38984 ssh2 Sep 6 04:57:41 server sshd[4800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 Sep 6 04:57:43 server sshd[4800]: Failed password for invalid user logger from 103.71.66.67 port 33002 ssh2	2020-09-08 18:03:09
attackspam	2020-07-23T17:12:25.757501afi-git.jinr.ru sshd[25309]: Failed password for redmine from 103.71.66.67 port 45882 ssh2 2020-07-23T17:17:19.745015afi-git.jinr.ru sshd[26590]: Invalid user daniela from 103.71.66.67 port 60772 2020-07-23T17:17:19.748329afi-git.jinr.ru sshd[26590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 2020-07-23T17:17:19.745015afi-git.jinr.ru sshd[26590]: Invalid user daniela from 103.71.66.67 port 60772 2020-07-23T17:17:21.637414afi-git.jinr.ru sshd[26590]: Failed password for invalid user daniela from 103.71.66.67 port 60772 ssh2 ...	2020-07-23 22:23:55
attackspambots	Port Scan detected from 103.71.66.67 (IN/India/Maharashtra/Solapur/ns1.nbplsolapur.com). 4 hits in the last 180 seconds	2020-07-21 08:15:05
attack	Jul 19 19:19:35 OPSO sshd\[15334\]: Invalid user gaowei from 103.71.66.67 port 50520 Jul 19 19:19:35 OPSO sshd\[15334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67 Jul 19 19:19:37 OPSO sshd\[15334\]: Failed password for invalid user gaowei from 103.71.66.67 port 50520 ssh2 Jul 19 19:24:38 OPSO sshd\[16702\]: Invalid user minecraft from 103.71.66.67 port 39266 Jul 19 19:24:38 OPSO sshd\[16702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.71.66.67	2020-07-20 01:37:28
attack	Jul 15 21:01:52 server6 sshd[5707]: Address 103.71.66.67 maps to nxxxxxxx.nbplsolapur.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 15 21:01:55 server6 sshd[5707]: Failed password for invalid user maundy from 103.71.66.67 port 40894 ssh2 Jul 15 21:01:55 server6 sshd[5707]: Received disconnect from 103.71.66.67: 11: Bye Bye [preauth] Jul 15 21:09:17 server6 sshd[12783]: Address 103.71.66.67 maps to nxxxxxxx.nbplsolapur.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 15 21:09:19 server6 sshd[12783]: Failed password for invalid user ftpuser from 103.71.66.67 port 36658 ssh2 Jul 15 21:09:19 server6 sshd[12783]: Received disconnect from 103.71.66.67: 11: Bye Bye [preauth] Jul 15 21:14:07 server6 sshd[17781]: Address 103.71.66.67 maps to nxxxxxxx.nbplsolapur.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 15 21:14:09 server6 sshd[17781]: Failed password for invalid user paresh fr........ -------------------------------	2020-07-16 20:26:29
attack	20 attempts against mh-ssh on acorn	2020-07-16 06:57:36

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.71.66.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60855
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.71.66.67.			IN	A

;; AUTHORITY SECTION:
.			121	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071501 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 06:57:33 CST 2020
;; MSG SIZE  rcvd: 116

Host info

67.66.71.103.in-addr.arpa domain name pointer ns1.nbplsolapur.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.66.71.103.in-addr.arpa	name = ns1.nbplsolapur.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.191.239.6	attack	1577773577 - 12/31/2019 07:26:17 Host: 220.191.239.6/220.191.239.6 Port: 445 TCP Blocked	2019-12-31 16:56:48
95.173.179.118	attack	Automatic report - XMLRPC Attack	2019-12-31 16:49:40
111.231.219.142	attack	Dec 31 08:37:19 dedicated sshd[30112]: Invalid user support from 111.231.219.142 port 41462	2019-12-31 16:52:52
60.190.98.27	attackspam	Host Scan	2019-12-31 16:47:30
91.246.1.9	attackspam	[portscan] Port scan	2019-12-31 16:41:02
222.186.175.163	attackbots	2019-12-31T08:42:46.347642abusebot-7.cloudsearch.cf sshd[29419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root 2019-12-31T08:42:47.780418abusebot-7.cloudsearch.cf sshd[29419]: Failed password for root from 222.186.175.163 port 52836 ssh2 2019-12-31T08:42:51.195884abusebot-7.cloudsearch.cf sshd[29419]: Failed password for root from 222.186.175.163 port 52836 ssh2 2019-12-31T08:42:46.347642abusebot-7.cloudsearch.cf sshd[29419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root 2019-12-31T08:42:47.780418abusebot-7.cloudsearch.cf sshd[29419]: Failed password for root from 222.186.175.163 port 52836 ssh2 2019-12-31T08:42:51.195884abusebot-7.cloudsearch.cf sshd[29419]: Failed password for root from 222.186.175.163 port 52836 ssh2 2019-12-31T08:42:46.347642abusebot-7.cloudsearch.cf sshd[29419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ...	2019-12-31 16:43:19
186.89.40.127	attack	1577773576 - 12/31/2019 07:26:16 Host: 186.89.40.127/186.89.40.127 Port: 445 TCP Blocked	2019-12-31 16:58:20
54.36.63.4	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-31 16:59:19
134.175.124.221	attackbotsspam	Dec 30 08:45:52 v11 sshd[3199]: Invalid user bhide from 134.175.124.221 port 33044 Dec 30 08:45:54 v11 sshd[3199]: Failed password for invalid user bhide from 134.175.124.221 port 33044 ssh2 Dec 30 08:45:54 v11 sshd[3199]: Received disconnect from 134.175.124.221 port 33044:11: Bye Bye [preauth] Dec 30 08:45:54 v11 sshd[3199]: Disconnected from 134.175.124.221 port 33044 [preauth] Dec 30 08:58:03 v11 sshd[3847]: Invalid user yuke from 134.175.124.221 port 44306 Dec 30 08:58:04 v11 sshd[3847]: Failed password for invalid user yuke from 134.175.124.221 port 44306 ssh2 Dec 30 08:58:05 v11 sshd[3847]: Received disconnect from 134.175.124.221 port 44306:11: Bye Bye [preauth] Dec 30 08:58:05 v11 sshd[3847]: Disconnected from 134.175.124.221 port 44306 [preauth] Dec 30 09:00:19 v11 sshd[3980]: Invalid user jtsai from 134.175.124.221 port 34512 Dec 30 09:00:22 v11 sshd[3980]: Failed password for invalid user jtsai from 134.175.124.221 port 34512 ssh2 Dec 30 09:00:22 v11 sshd[39........ -------------------------------	2019-12-31 17:00:06
122.142.133.93	attack	Automatic report - Port Scan Attack	2019-12-31 16:46:13
114.237.109.158	attackbots	Dec 31 07:26:37 grey postfix/smtpd\[2147\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.158\]: 554 5.7.1 Service unavailable\; Client host \[114.237.109.158\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.109.158\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-31 16:42:07
111.67.197.14	attackspam	Dec 31 01:25:52 plusreed sshd[7618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.197.14 user=root Dec 31 01:25:54 plusreed sshd[7618]: Failed password for root from 111.67.197.14 port 46400 ssh2 ...	2019-12-31 17:10:35
119.28.191.184	attackbots	Dec 31 07:25:46 lnxweb61 sshd[29629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.191.184	2019-12-31 17:15:53
115.85.16.11	attackspambots	12/31/2019-07:26:36.243344 115.85.16.11 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-31 16:42:43
178.34.188.52	attackbots	178.34.188.52 - - [31/Dec/2019:06:25:59 +0000] "POST /wp/wp-login.php HTTP/1.1" 200 6239 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.34.188.52 - - [31/Dec/2019:06:26:00 +0000] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-31 17:07:26

Recently Reported IPs

71.116.187.73	143.169.13.114	145.239.85.21	78.176.215.16
180.182.2.122	172.19.25.188	17.26.133.225	77.138.251.21
110.37.223.142	173.174.38.163	56.203.20.111	93.160.255.11
124.90.173.120	41.123.46.42	52.51.22.101	166.247.225.111
50.111.122.3	176.72.202.169	134.85.158.235	87.72.7.197