103.140.30.172

Basic Info

City: unknown

Region: unknown

Country: Pakistan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

Type

Details

Datetime

103.140.30.173

attack

This IP tried to hack my protonmail account.. 
Login failure (password) 	103.140.30.173 	May 15, 2021 3:39:04 PM

This year’s failed hack attempts to my protonmail account..  I think it's all China cyber-warfare...
	209.234.253.61        Jan 14, 2021 9:03:05 AM
        69.241.4.90              Jan 17, 2021 9:12:18 PM 
	83.171.114.92 	Jan 21, 2021 1:37:10 PM
 	45.164.248.46 	Jan 24, 2021 2:41:05 PM
	116.58.247.37 	Jan 26, 2021 7:20:20 PM
	187.180.249.117 	Jan 28, 2021 9:59:15 AM
	  186.219.3.5 	        Feb 8, 2021 9:50:14 PM
	177.200.70.81 	Feb 9, 2021 9:45:53 PM
	105.163.1.34 	        Feb 12, 2021 11:16:33 AM
       102.166.14.32           Feb 24, 2021 11:10:36 AM
 	27.54.182.124 	Mar 4, 2021 2:49:34 PM
        14.171.48.181          Mar 8, 2021 2:31:06 AM
	187.20.68.165 	Mar 10, 2021 3:36:32 PM
	177.128.198.125 	Mar 18, 2021 2:36:09 AM
        118.174.135.2          Mar 22, 2021 9:17:41 AM
 	78.27.74.67 	        Mar 23, 2021 7:44:05 
 	49.228.146.66 	Mar 26, 2021 11:47:21 PM
	117.55.243.82 	Mar 27, 2021 3:22:47 AM
	95.31.5.29 	        Mar 28, 2021 10:38:35 PM
	202.129.54.101 	Apr 1, 2021 4:20:02 AM
 	203.158.222.31 	Apr 2, 2021 7:32:56 PM
	201.63.126.161 	Apr 3, 2021 1:37:32 AM
 	112.133.243.109 	Apr 8, 2021 3:17:08 PM
 	212.58.103.232 	Apr 7, 2021 12:02:09 PM
 	123.252.135.82 	Apr 7, 2021 11:58:51 PM
	91.246.238.72 	Apr 12, 2021 3:19:15 AM
 	123.49.62.165 	Apr 13, 2021 6:32:20 PM
	123.25.207.15 	Apr 16, 2021 9:19:28 AM
        36.89.51.169 	        Apr 19, 2021 5:02:12 AM
 	103.140.30.173 	May 15, 2021 3:39:04 PM

2021-05-16 12:18:26

103.140.30.173

attackbotsspam

Dec 19 15:39:30 grey postfix/smtpd\[23251\]: NOQUEUE: reject: RCPT from unknown\[103.140.30.173\]: 554 5.7.1 Service unavailable\; Client host \[103.140.30.173\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[103.140.30.173\]\; from=\ to=\ proto=ESMTP helo=\<\[103.140.30.173\]\>
...

2019-12-19 22:58:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.140.30.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42194
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.140.30.172.			IN	A

;; AUTHORITY SECTION:
.			552	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011000 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 11 00:30:39 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 172.30.140.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 172.30.140.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
133.167.38.11	attackbots	Dec 9 20:19:23 web8 sshd\[1782\]: Invalid user named from 133.167.38.11 Dec 9 20:19:23 web8 sshd\[1782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.167.38.11 Dec 9 20:19:25 web8 sshd\[1782\]: Failed password for invalid user named from 133.167.38.11 port 53922 ssh2 Dec 9 20:25:31 web8 sshd\[5053\]: Invalid user mercury from 133.167.38.11 Dec 9 20:25:31 web8 sshd\[5053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.167.38.11	2019-12-10 06:32:17
51.75.248.127	attack	Dec 8 06:27:05 mail sshd[27327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.127 Dec 8 06:27:07 mail sshd[27327]: Failed password for invalid user admin from 51.75.248.127 port 54554 ssh2 Dec 8 06:32:34 mail sshd[28591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.127	2019-12-10 07:09:34
211.23.61.194	attack	Dec 9 21:34:03 cvbnet sshd[14335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.23.61.194 Dec 9 21:34:05 cvbnet sshd[14335]: Failed password for invalid user test from 211.23.61.194 port 48608 ssh2 ...	2019-12-10 06:42:15
162.250.97.47	attackspambots	Dec 9 21:59:00 [host] sshd[32679]: Invalid user admin from 162.250.97.47 Dec 9 21:59:00 [host] sshd[32679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.250.97.47 Dec 9 21:59:02 [host] sshd[32679]: Failed password for invalid user admin from 162.250.97.47 port 34567 ssh2	2019-12-10 06:51:17
104.140.188.22	attackbots	SNMP Scan	2019-12-10 07:12:30
145.239.88.184	attackbots	$f2bV_matches	2019-12-10 07:03:26
124.207.209.114	attack	failed_logins	2019-12-10 07:07:50
113.172.173.109	attack	Dec 9 14:59:07 l02a sshd[11793]: Invalid user admin from 113.172.173.109 Dec 9 14:59:07 l02a sshd[11793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.172.173.109 Dec 9 14:59:07 l02a sshd[11793]: Invalid user admin from 113.172.173.109 Dec 9 14:59:09 l02a sshd[11793]: Failed password for invalid user admin from 113.172.173.109 port 43497 ssh2	2019-12-10 06:51:51
106.13.87.170	attack	2019-12-09T15:38:21.125723abusebot-5.cloudsearch.cf sshd\[13832\]: Invalid user etnografisk from 106.13.87.170 port 52058	2019-12-10 06:42:44
119.146.144.19	attackbots	[munged]::443 119.146.144.19 - - [09/Dec/2019:15:58:18 +0100] "POST /[munged]: HTTP/1.1" 200 10030 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 119.146.144.19 - - [09/Dec/2019:15:58:22 +0100] "POST /[munged]: HTTP/1.1" 200 6180 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 119.146.144.19 - - [09/Dec/2019:15:58:29 +0100] "POST /[munged]: HTTP/1.1" 200 6180 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 119.146.144.19 - - [09/Dec/2019:15:58:33 +0100] "POST /[munged]: HTTP/1.1" 200 6180 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 119.146.144.19 - - [09/Dec/2019:15:58:36 +0100] "POST /[munged]: HTTP/1.1" 200 6180 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 119.146.144.19 - - [09/Dec/2019:15	2019-12-10 07:03:47
128.199.177.16	attackbotsspam	2019-12-09T22:53:54.477164abusebot.cloudsearch.cf sshd\[624\]: Invalid user feig from 128.199.177.16 port 46074	2019-12-10 07:10:32
104.140.188.34	attackspam	10443/tcp 1433/tcp 23/tcp... [2019-12-06/09]6pkt,4pt.(tcp),1pt.(udp)	2019-12-10 06:54:50
188.165.236.25	attack	Unauthorized connection attempt detected from IP address 188.165.236.25 to port 5985	2019-12-10 07:16:05
117.243.219.93	attackbots	[munged]::80 117.243.219.93 - - [09/Dec/2019:15:59:12 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 117.243.219.93 - - [09/Dec/2019:15:59:13 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 117.243.219.93 - - [09/Dec/2019:15:59:14 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 117.243.219.93 - - [09/Dec/2019:15:59:16 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 117.243.219.93 - - [09/Dec/2019:15:59:17 +0100] "POST /[munged]: HTTP/1.1" 200 4225 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 117.243.219.93 - - [09/Dec/2019:15:59:18	2019-12-10 06:34:29
80.211.158.23	attack	Dec 9 23:31:45 MK-Soft-Root1 sshd[28599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.158.23 Dec 9 23:31:47 MK-Soft-Root1 sshd[28599]: Failed password for invalid user admin from 80.211.158.23 port 47258 ssh2 ...	2019-12-10 06:38:47

Recently Reported IPs

141.1.79.65	182.253.99.170	140.218.82.146	104.145.3.230
109.19.193.77	140.29.46.126	1.195.131.162	109.79.120.33
140.90.173.68	15.203.235.130	105.68.175.41	0.209.99.122
235.96.39.18	100.249.195.120	119.90.163.251	24.43.222.14
139.105.196.170	123.103.239.202	117.236.250.225	234.113.92.7