172.81.130.245

Basic Info

City: Islington

Region: England

Country: United Kingdom

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Scammer logged into one of our user's email accounts from this IP address	2025-01-04 05:03:31
attack	Hacker using this IP address gained unlawful access to a user's email account	2025-01-04 04:57:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.81.130.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2849
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.81.130.245.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025010301 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 03:16:55 CST 2025
;; MSG SIZE  rcvd: 107

Host info

245.130.81.172.in-addr.arpa domain name pointer bkworc.komteno.co.uk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
245.130.81.172.in-addr.arpa	name = bkworc.komteno.co.uk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.129.230.59	attack	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-02 15:41:14
54.37.159.50	attackbots	no	2020-01-02 15:44:07
49.232.35.211	attackbots	2020-01-02T07:26:50.108013vps751288.ovh.net sshd\[19245\]: Invalid user host from 49.232.35.211 port 44792 2020-01-02T07:26:50.117492vps751288.ovh.net sshd\[19245\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.35.211 2020-01-02T07:26:52.638978vps751288.ovh.net sshd\[19245\]: Failed password for invalid user host from 49.232.35.211 port 44792 ssh2 2020-01-02T07:29:32.239056vps751288.ovh.net sshd\[19265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.35.211 user=root 2020-01-02T07:29:33.998260vps751288.ovh.net sshd\[19265\]: Failed password for root from 49.232.35.211 port 35122 ssh2	2020-01-02 15:44:29
222.186.169.194	attack	Jan 2 08:27:05 root sshd[30694]: Failed password for root from 222.186.169.194 port 16876 ssh2 Jan 2 08:27:08 root sshd[30694]: Failed password for root from 222.186.169.194 port 16876 ssh2 Jan 2 08:27:12 root sshd[30694]: Failed password for root from 222.186.169.194 port 16876 ssh2 Jan 2 08:27:15 root sshd[30694]: Failed password for root from 222.186.169.194 port 16876 ssh2 ...	2020-01-02 15:37:42
162.243.41.112	attackspam	SSH Brute-Force reported by Fail2Ban	2020-01-02 15:35:29
178.46.208.117	attackbots	Jan 2 07:29:40 vps339862 kernel: \[2619354.187522\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=178.46.208.117 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0xE0 TTL=50 ID=37534 PROTO=TCP SPT=1664 DPT=23 SEQ=872336939 ACK=0 WINDOW=42659 RES=0x00 SYN URGP=0 Jan 2 07:29:40 vps339862 kernel: \[2619354.195132\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=178.46.208.117 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0xE0 TTL=50 ID=37534 PROTO=TCP SPT=1664 DPT=23 SEQ=872336939 ACK=0 WINDOW=42659 RES=0x00 SYN URGP=0 Jan 2 07:29:40 vps339862 kernel: \[2619354.251336\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=178.46.208.117 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0xE0 TTL=50 ID=37534 PROTO=TCP SPT=1664 DPT=23 SEQ=872336939 ACK=0 WINDOW=42659 RES=0x00 SYN URGP=0 Jan 2 07:29:40 vps339862 kernel: \[2619354.324260\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a ...	2020-01-02 15:38:18
223.166.241.185	attack	Port Scan	2020-01-02 15:22:58
190.83.193.206	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-01-02 15:56:31
128.199.142.0	attack	Jan 2 07:29:24 srv206 sshd[14949]: Invalid user workat from 128.199.142.0 ...	2020-01-02 15:51:13
88.5.56.101	attackspam	Automatic report - Port Scan Attack	2020-01-02 15:54:36
89.25.117.63	attackbots	Unauthorised access (Jan 2) SRC=89.25.117.63 LEN=44 TTL=52 ID=7752 TCP DPT=23 WINDOW=61780 SYN	2020-01-02 15:43:35
1.53.111.224	attackspam	fell into ViewStateTrap:oslo	2020-01-02 16:00:12
115.94.204.156	attackbots	Jan 2 08:09:21 DAAP sshd[7977]: Invalid user squid from 115.94.204.156 port 43838 Jan 2 08:09:21 DAAP sshd[7977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.204.156 Jan 2 08:09:21 DAAP sshd[7977]: Invalid user squid from 115.94.204.156 port 43838 Jan 2 08:09:23 DAAP sshd[7977]: Failed password for invalid user squid from 115.94.204.156 port 43838 ssh2 Jan 2 08:10:31 DAAP sshd[8048]: Invalid user alveberg from 115.94.204.156 port 39550 ...	2020-01-02 15:30:25
187.63.73.56	attackspam	$f2bV_matches	2020-01-02 15:20:02
200.188.19.31	attackbotsspam	Honeypot attack, port: 445, PTR: static-200-188-19-31.axtel.net.	2020-01-02 15:22:09

Recently Reported IPs

163.207.79.17	237.164.7.47	100.19.242.120	124.188.168.230
252.177.132.58	160.73.64.159	195.156.203.255	192.168.1.244
79.251.204.243	253.218.23.226	36.72.199.219	89.19.176.140
245.188.249.98	179.186.185.252	174.34.32.166	85.247.71.160
172.59.73.0	119.92.237.172	185.157.52.114	61.49.0.68