117.240.30.145

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.240.30.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.240.30.145.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030800 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 08 14:49:09 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 145.30.240.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.30.240.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.9.210.52	attack	Unauthorized SSH login attempts	2020-06-15 15:43:21
134.209.208.159	attackspambots	TCP (SYN) 134.209.208.159:46179 -> port 7425, len 44	2020-06-15 15:37:35
185.39.11.47	attack	TCP (SYN) 185.39.11.47:58957 -> port 35246, len 44	2020-06-15 15:58:32
54.38.42.63	attackspambots	Invalid user scanner from 54.38.42.63 port 58588	2020-06-15 15:40:03
92.207.180.50	attackspambots	Jun 14 20:32:46 Tower sshd[7292]: refused connect from 103.45.161.100 (103.45.161.100) Jun 15 03:02:40 Tower sshd[7292]: Connection from 92.207.180.50 port 57062 on 192.168.10.220 port 22 rdomain "" Jun 15 03:02:40 Tower sshd[7292]: Invalid user user from 92.207.180.50 port 57062 Jun 15 03:02:40 Tower sshd[7292]: error: Could not get shadow information for NOUSER Jun 15 03:02:40 Tower sshd[7292]: Failed password for invalid user user from 92.207.180.50 port 57062 ssh2 Jun 15 03:02:41 Tower sshd[7292]: Received disconnect from 92.207.180.50 port 57062:11: Bye Bye [preauth] Jun 15 03:02:41 Tower sshd[7292]: Disconnected from invalid user user 92.207.180.50 port 57062 [preauth]	2020-06-15 15:41:37
101.71.28.72	attack	Jun 15 05:14:31 ajax sshd[8656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.71.28.72 Jun 15 05:14:32 ajax sshd[8656]: Failed password for invalid user danny from 101.71.28.72 port 45461 ssh2	2020-06-15 15:59:41
59.125.182.209	attack	Jun 15 09:14:06 gw1 sshd[17792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.125.182.209 Jun 15 09:14:09 gw1 sshd[17792]: Failed password for invalid user rai from 59.125.182.209 port 60457 ssh2 ...	2020-06-15 15:55:51
191.254.132.180	attackbots	[Mon Jun 15 10:53:00.347457 2020] [:error] [pid 14881:tid 140416430409472] [client 191.254.132.180:35243] [client 191.254.132.180] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XubwnCkSlPgyt-kn6anvlQAAAfA"] ...	2020-06-15 15:34:29
62.31.252.38	attack	DATE:2020-06-15 06:15:19, IP:62.31.252.38, PORT:ssh SSH brute force auth (docker-dc)	2020-06-15 16:11:31
59.53.183.169	attackbots	1592193174 - 06/15/2020 05:52:54 Host: 59.53.183.169/59.53.183.169 Port: 445 TCP Blocked	2020-06-15 15:42:36
49.145.236.121	attack	1592193179 - 06/15/2020 05:52:59 Host: 49.145.236.121/49.145.236.121 Port: 445 TCP Blocked	2020-06-15 15:33:51
190.111.119.69	attackspambots	$f2bV_matches	2020-06-15 16:14:36
177.152.124.21	attack	Jun 15 07:55:50 minden010 sshd[6755]: Failed password for root from 177.152.124.21 port 42712 ssh2 Jun 15 07:57:35 minden010 sshd[7352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.152.124.21 Jun 15 07:57:37 minden010 sshd[7352]: Failed password for invalid user elias from 177.152.124.21 port 37798 ssh2 ...	2020-06-15 15:42:50
101.231.146.34	attackbots	Jun 15 07:38:10 django-0 sshd\[32356\]: Invalid user liulei from 101.231.146.34Jun 15 07:38:12 django-0 sshd\[32356\]: Failed password for invalid user liulei from 101.231.146.34 port 36786 ssh2Jun 15 07:42:30 django-0 sshd\[32420\]: Invalid user server1 from 101.231.146.34 ...	2020-06-15 15:52:21
167.71.203.254	attackspam	WordPress (CMS) attack attempts. Date: 2020 Jun 15. 04:51:49 Source IP: 167.71.203.254 Portion of the log(s): 167.71.203.254 - [15/Jun/2020:04:51:46 +0200] "GET /wp-login.php HTTP/1.1" 200 2035 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.203.254 - [15/Jun/2020:04:51:48 +0200] "POST /wp-login.php HTTP/1.1" 200 2235 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.203.254 - [15/Jun/2020:04:51:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 421 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-15 16:15:42

Recently Reported IPs

117.240.10.43	117.241.167.7	117.241.120.70	117.241.170.63
117.241.133.209	117.241.171.97	117.24.84.175	117.241.180.171
108.59.45.77	117.241.178.254	117.241.187.67	117.241.38.40
117.241.201.156	117.241.181.160	117.241.190.131	117.241.98.240
117.241.98.245	117.241.98.247	117.241.98.252	117.241.185.38