170.130.187.42

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: ServerHub

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Found on Binary Defense / proto=6 . srcport=50042 . dstport=5432 . (3324)	2020-09-25 08:36:29
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-02 00:40:34
attackspam	Unauthorized connection attempt detected from IP address 170.130.187.42 to port 21	2020-07-04 23:58:02
attackspam	Unauthorized connection attempt detected from IP address 170.130.187.42 to port 5900	2020-05-27 01:26:36
attackspam	Automatic report - Banned IP Access	2020-05-21 02:07:32
attackbots	Port scan(s) denied	2020-04-24 07:27:09
attack	9160/tcp 69/tcp 23/tcp... [2020-02-07/04-03]36pkt,13pt.(tcp),1pt.(udp)	2020-04-04 09:59:22
attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-11 06:01:29
attackbots	Automatic report - Banned IP Access	2020-02-26 07:45:07
attackbotsspam	Unauthorized connection attempt detected from IP address 170.130.187.42 to port 21	2020-01-24 01:36:42
attackspam	Unauthorized connection attempt detected from IP address 170.130.187.42 to port 8444 [J]	2020-01-21 13:59:35
attackspam	TCP 3389 (RDP)	2019-12-16 23:36:34
attackspam	Honeypot hit.	2019-12-08 06:11:22
attackbotsspam	1433/tcp 21/tcp 88/tcp... [2019-09-22/11-22]31pkt,10pt.(tcp),1pt.(udp)	2019-11-23 09:28:05
attack	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:46:33
attackspam	31.08.2019 01:38:34 Connection to port 3389 blocked by firewall	2019-08-31 13:11:57
attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-14 08:32:34
attack	161/udp 88/tcp 1433/tcp... [2019-06-13/08-11]24pkt,12pt.(tcp),1pt.(udp)	2019-08-12 09:49:13
attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-08 07:57:33
attack	17.07.2019 16:36:19 Connection to port 5432 blocked by firewall	2019-07-18 02:43:11
attack	Portscan or hack attempt detected by psad/fwsnort	2019-07-16 06:21:43
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-15 23:33:12

Comments on same subnet:

IP	Type	Details	Datetime
170.130.187.14	attack	TCP (SYN) 170.130.187.14:62942 -> port 23, len 44	2020-10-06 07:12:36
170.130.187.14	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 23:27:51
170.130.187.14	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-05 15:26:56
170.130.187.38	attackspambots	Found on Binary Defense / proto=6 . srcport=57831 . dstport=5060 . (3769)	2020-10-05 06:59:38
170.130.187.38	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-04 23:06:00
170.130.187.38	attackspam	5060/tcp 161/udp 21/tcp... [2020-08-04/10-03]28pkt,7pt.(tcp),1pt.(udp)	2020-10-04 14:51:41
170.130.187.2	attackbots	TCP (SYN) 170.130.187.2:60674 -> port 3389, len 44	2020-10-01 07:32:28
170.130.187.38	attackbots	TCP (SYN) 170.130.187.38:65150 -> port 3306, len 44	2020-10-01 07:32:10
170.130.187.2	attack	TCP (SYN) 170.130.187.2:62860 -> port 21, len 44	2020-10-01 00:01:04
170.130.187.38	attackspam	Icarus honeypot on github	2020-10-01 00:00:42
170.130.187.22	attackspam	TCP (SYN) 170.130.187.22:61709 -> port 5900, len 44	2020-09-25 09:27:42
170.130.187.6	attackbotsspam	Found on Binary Defense / proto=6 . srcport=54214 . dstport=1433 . (3341)	2020-09-25 07:00:19
170.130.187.6	attack	Hit honeypot r.	2020-09-24 23:48:13
170.130.187.30	attackspambots	Hit honeypot r.	2020-09-24 22:32:48
170.130.187.14	attackbotsspam	" "	2020-09-24 20:36:53

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 170.130.187.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47178
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;170.130.187.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 14 15:40:40 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 42.187.130.170.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 42.187.130.170.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.205.92.168	attackspambots	445/tcp [2019-07-20]1pkt	2019-07-20 21:09:42
176.175.111.67	attack	Invalid user dev from 176.175.111.67 port 33055	2019-07-20 21:18:34
192.99.216.184	attack	Mar 2 06:38:23 vtv3 sshd\[17308\]: Invalid user ev from 192.99.216.184 port 34510 Mar 2 06:38:23 vtv3 sshd\[17308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 2 06:38:25 vtv3 sshd\[17308\]: Failed password for invalid user ev from 192.99.216.184 port 34510 ssh2 Mar 2 06:44:41 vtv3 sshd\[19313\]: Invalid user dr from 192.99.216.184 port 51897 Mar 2 06:44:41 vtv3 sshd\[19313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 10 06:27:55 vtv3 sshd\[5654\]: Invalid user ubuntu from 192.99.216.184 port 34284 Mar 10 06:27:55 vtv3 sshd\[5654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 10 06:27:57 vtv3 sshd\[5654\]: Failed password for invalid user ubuntu from 192.99.216.184 port 34284 ssh2 Mar 10 06:33:41 vtv3 sshd\[7923\]: Invalid user test1 from 192.99.216.184 port 49959 Mar 10 06:33:41 vtv3 sshd\[7923\]: pam_unix	2019-07-20 20:48:46
102.133.227.228	attack	123/udp [2019-07-20]1pkt	2019-07-20 20:52:19
89.100.21.40	attackspambots	Jul 20 08:54:30 vps200512 sshd\[28863\]: Invalid user deploy from 89.100.21.40 Jul 20 08:54:30 vps200512 sshd\[28863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.100.21.40 Jul 20 08:54:33 vps200512 sshd\[28863\]: Failed password for invalid user deploy from 89.100.21.40 port 58340 ssh2 Jul 20 08:59:28 vps200512 sshd\[28977\]: Invalid user test from 89.100.21.40 Jul 20 08:59:28 vps200512 sshd\[28977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.100.21.40	2019-07-20 21:06:25
139.59.81.185	attackspambots	Malware	2019-07-20 21:28:20
207.154.209.159	attackbots	Jan 27 15:55:29 vtv3 sshd\[13274\]: Invalid user shirley from 207.154.209.159 port 33774 Jan 27 15:55:29 vtv3 sshd\[13274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.209.159 Jan 27 15:55:31 vtv3 sshd\[13274\]: Failed password for invalid user shirley from 207.154.209.159 port 33774 ssh2 Jan 27 15:59:31 vtv3 sshd\[13799\]: Invalid user webmail from 207.154.209.159 port 38756 Jan 27 15:59:31 vtv3 sshd\[13799\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.209.159 Feb 4 09:36:48 vtv3 sshd\[10093\]: Invalid user moo from 207.154.209.159 port 34072 Feb 4 09:36:48 vtv3 sshd\[10093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.209.159 Feb 4 09:36:50 vtv3 sshd\[10093\]: Failed password for invalid user moo from 207.154.209.159 port 34072 ssh2 Feb 4 09:40:55 vtv3 sshd\[11394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tt	2019-07-20 20:49:31
69.138.30.68	attack	23/tcp [2019-07-20]1pkt	2019-07-20 21:01:34
93.21.138.116	attackbots	Invalid user sun from 93.21.138.116 port 39832	2019-07-20 20:47:36
113.184.12.203	attackspambots	445/tcp [2019-07-20]1pkt	2019-07-20 20:42:37
218.92.0.210	attackspambots	2019-07-20T12:15:22.730722abusebot-3.cloudsearch.cf sshd\[26967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.210 user=root	2019-07-20 20:43:51
212.51.70.103	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-20 20:40:57
123.201.92.4	attackbots	445/tcp [2019-07-20]1pkt	2019-07-20 20:47:09
187.230.41.95	attackbots	8080/tcp [2019-07-20]1pkt	2019-07-20 20:53:57
91.217.78.155	attackbotsspam	[portscan] Port scan	2019-07-20 20:58:43

Recently Reported IPs

94.232.185.242	14.248.82.75	138.47.173.207	125.112.175.88
206.212.244.202	152.254.243.181	160.41.236.86	186.85.44.112
113.190.232.117	24.115.127.220	171.240.241.105	118.173.103.4
58.182.213.76	120.77.168.69	191.241.243.213	25.141.199.207
165.199.70.119	28.165.92.104	240e:344:800:82d:4424:4ebf:980c:e048	152.5.195.45