3.210.30.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.210.30.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51864
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.210.30.142.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022010801 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 09 10:27:21 CST 2022
;; MSG SIZE  rcvd: 105

Host info

142.30.210.3.in-addr.arpa domain name pointer ec2-3-210-30-142.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.30.210.3.in-addr.arpa	name = ec2-3-210-30-142.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.202.74.180	attack	firewall-block, port(s): 23/tcp	2020-07-10 18:55:08
112.133.232.75	attack	07/10/2020-05:41:20.028547 112.133.232.75 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-10 18:47:54
180.183.228.72	attackbotsspam	Automatic report - Port Scan Attack	2020-07-10 19:14:17
192.35.168.225	attackbots	TCP (SYN) 192.35.168.225:41613 -> port 9406, len 44	2020-07-10 18:27:44
223.247.140.89	attackspam	2020-07-10T06:30:34.5527131495-001 sshd[6063]: Failed password for invalid user lilac from 223.247.140.89 port 56954 ssh2 2020-07-10T06:32:25.2878021495-001 sshd[6143]: Invalid user hyku from 223.247.140.89 port 49384 2020-07-10T06:32:25.2951961495-001 sshd[6143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.140.89 2020-07-10T06:32:25.2878021495-001 sshd[6143]: Invalid user hyku from 223.247.140.89 port 49384 2020-07-10T06:32:27.2285711495-001 sshd[6143]: Failed password for invalid user hyku from 223.247.140.89 port 49384 ssh2 2020-07-10T06:34:14.4317971495-001 sshd[6269]: Invalid user taryn from 223.247.140.89 port 41812 ...	2020-07-10 19:02:31
114.35.52.91	attackbotsspam	firewall-block, port(s): 88/tcp	2020-07-10 18:44:56
202.138.244.50	attack	DATE:2020-07-10 05:50:06, IP:202.138.244.50, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-07-10 18:40:34
201.72.190.98	attackbotsspam	SSH bruteforce	2020-07-10 19:07:47
95.181.131.153	attack	Jul 10 08:28:41 ns382633 sshd\[23421\]: Invalid user chenduo from 95.181.131.153 port 37618 Jul 10 08:28:41 ns382633 sshd\[23421\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.181.131.153 Jul 10 08:28:43 ns382633 sshd\[23421\]: Failed password for invalid user chenduo from 95.181.131.153 port 37618 ssh2 Jul 10 08:41:07 ns382633 sshd\[25972\]: Invalid user qhbz from 95.181.131.153 port 58072 Jul 10 08:41:07 ns382633 sshd\[25972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.181.131.153	2020-07-10 19:10:00
94.102.51.17	attack	TCP (SYN) 94.102.51.17:48898 -> port 1028, len 44	2020-07-10 18:49:51
211.215.107.78	attackbots	TCP (SYN) 211.215.107.78:20073 -> port 80, len 44	2020-07-10 18:34:42
178.154.200.49	attack	[Fri Jul 10 10:49:55.306005 2020] [:error] [pid 10596:tid 140046008297216] [client 178.154.200.49:40114] [client 178.154.200.49] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XwflYwyyfZuVP@0p3es30QAAAv8"] ...	2020-07-10 19:03:33
114.224.148.92	attackspam	Jul 10 10:30:27 PorscheCustomer sshd[6424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.224.148.92 Jul 10 10:30:29 PorscheCustomer sshd[6424]: Failed password for invalid user basulto from 114.224.148.92 port 22844 ssh2 Jul 10 10:33:52 PorscheCustomer sshd[6557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.224.148.92 ...	2020-07-10 18:44:34
139.198.191.217	attack	Unauthorized access to SSH at 10/Jul/2020:03:50:05 +0000.	2020-07-10 18:52:26
186.216.70.38	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 186.216.70.38 (BR/Brazil/186-216-70-38.uni-wr.mastercabo.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-10 08:20:14 plain authenticator failed for ([186.216.70.38]) [186.216.70.38]: 535 Incorrect authentication data (set_id=info@sepasgroup.com)	2020-07-10 18:36:54

Recently Reported IPs

2a01:4f8:212:1553::2	222.209.55.244	102.184.109.19	235.180.117.110
194.187.33.16	10.255.73.47	134.40.245.36	109.227.84.158
78.5.1.133	81.252.68.152	151.46.91.140	115.132.190.147
188.210.176.202	118.147.145.79	66.130.29.140	208.94.26.229
36.13.226.233	185.77.51.130	211.179.249.4	57.122.238.249