70.39.21.131 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Minerva Valley Telephone Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	5431/tcp 5431/tcp [2019-07-04/08-27]2pkt	2019-08-28 12:31:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 70.39.21.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9216
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;70.39.21.131.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 28 12:31:08 CST 2019
;; MSG SIZE  rcvd: 116

Host info

131.21.39.70.in-addr.arpa domain name pointer zrng-05-131.dsl.netins.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
131.21.39.70.in-addr.arpa	name = zrng-05-131.dsl.netins.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.58	attackbotsspam	firewall-block, port(s): 7463/tcp, 7471/tcp	2019-06-26 15:58:34
158.69.217.202	attack	WordPress login Brute force / Web App Attack on client site.	2019-06-26 16:17:06
47.92.241.11	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 02:04:27,898 INFO [amun_request_handler] unknown vuln (Attacker: 47.92.241.11 Port: 554, Mess: ['\x80\x00\x00(r\xfe\x1d\x13\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\x86\xa0\x00\x01\x97\|\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'] (44) Stages: ['HELIX_STAGE1'])	2019-06-26 16:30:38
59.9.31.195	attackbots	Jun 24 19:50:03 sanyalnet-cloud-vps3 sshd[2372]: Connection from 59.9.31.195 port 51276 on 45.62.248.66 port 22 Jun 24 19:50:04 sanyalnet-cloud-vps3 sshd[2372]: Invalid user piao from 59.9.31.195 Jun 24 19:50:04 sanyalnet-cloud-vps3 sshd[2372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.9.31.195 Jun 24 19:50:07 sanyalnet-cloud-vps3 sshd[2372]: Failed password for invalid user piao from 59.9.31.195 port 51276 ssh2 Jun 24 19:50:07 sanyalnet-cloud-vps3 sshd[2372]: Received disconnect from 59.9.31.195: 11: Bye Bye [preauth] Jun 24 19:52:40 sanyalnet-cloud-vps3 sshd[2459]: Connection from 59.9.31.195 port 33339 on 45.62.248.66 port 22 Jun 24 19:52:42 sanyalnet-cloud-vps3 sshd[2459]: Invalid user sang from 59.9.31.195 Jun 24 19:52:42 sanyalnet-cloud-vps3 sshd[2459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.9.31.195 Jun 24 19:52:44 sanyalnet-cloud-vps3 sshd[2459]: Failed passwor........ -------------------------------	2019-06-26 16:14:14
45.225.120.21	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-06-26 16:15:11
156.54.202.242	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-06-26 16:34:39
118.69.67.248	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 00:13:03,383 INFO [shellcode_manager] (118.69.67.248) no match, writing hexdump (467086d37a8578636d10abac3e7c2413 :2252798) - MS17010 (EternalBlue)	2019-06-26 16:13:49
81.22.45.148	attack	26.06.2019 07:31:08 Connection to port 33901 blocked by firewall	2019-06-26 15:39:27
77.247.109.30	attack	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-06-26 15:42:50
81.22.45.239	attackspambots	26.06.2019 07:39:03 Connection to port 4043 blocked by firewall	2019-06-26 16:07:54
110.36.222.83	attackspambots	23/tcp 23/tcp 23/tcp... [2019-05-14/06-26]4pkt,1pt.(tcp)	2019-06-26 16:23:05
185.176.27.78	attackbots	26.06.2019 04:36:43 Connection to port 7459 blocked by firewall	2019-06-26 15:56:14
35.195.139.112	attackspambots	Jun 26 03:21:38 vps200512 sshd\[2288\]: Invalid user server from 35.195.139.112 Jun 26 03:21:38 vps200512 sshd\[2288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.195.139.112 Jun 26 03:21:40 vps200512 sshd\[2288\]: Failed password for invalid user server from 35.195.139.112 port 52720 ssh2 Jun 26 03:23:12 vps200512 sshd\[2316\]: Invalid user fletcher from 35.195.139.112 Jun 26 03:23:12 vps200512 sshd\[2316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.195.139.112	2019-06-26 16:15:28
188.163.99.43	attack	Jun 26 07:49:07 *** sshd[20002]: Did not receive identification string from 188.163.99.43	2019-06-26 16:16:01
185.53.91.50	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-26 16:05:19

Recently Reported IPs

200.56.60.44	79.183.238.116	138.167.27.195	213.100.177.57
112.250.248.58	113.246.251.7	40.34.186.162	46.217.87.188
101.192.86.2	214.49.133.78	57.24.227.14	239.96.25.36
78.176.165.192	86.107.21.182	150.95.83.147	191.53.52.249
252.197.144.5	181.123.177.204	139.35.164.95	195.1.101.200