170.130.187.2 Threat Intelligence and Host Information

Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 170.130.187.2 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

Tags: cyber security, ioc, kfsensor, malicious, Nextray, phishing, rdp, ssh, tsec
View other sources: Spamhaus VirusTotal
Contained within other IP sets: normshield_all_attack, normshield_all_bruteforce, normshield_high_attack, normshield_high_bruteforce

Country: United States
Network: AS62904 eonix corporation
Noticed: 50 times
Protocols Attacked: redis snmp
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count:

Open Ports Detected

123 9100

Map

Whois Information

NetRange: 170.130.0.0 - 170.130.255.255
CIDR: 170.130.0.0/16
NetName: EONIX
NetHandle: NET-170-130-0-0-1
Parent: NET170 (NET-170-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS62904
Organization: Eonix Corporation (EONIX)
RegDate: 2014-02-26
Updated: 2019-02-28
Comment: Please use the below contact information to report suspected security issues specific to traffic emanating from net blocks in this range, including the distribution of malicious content or other illicit or illegal material.
Comment:
Comment: For SPAM and other abuse issues, please contact:
Comment: * net-abuse@eonix.net
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * legal@eonix.net
Comment:
Comment: For Routing, Peering or DNS issues, please contact:
Comment: * noc@eonix.net
Ref: https://rdap.arin.net/registry/ip/170.130.0.0
OrgName: Eonix Corporation
OrgId: EONIX
Address: 3773 Howard Hughes Pkwy. Suite 500S
City: Las Vegas
StateProv: NV
PostalCode: 89169-6014
Country: US
RegDate: 2006-05-31
Updated: 2022-09-20
Comment: Please use the below contact information to report suspected security issues specific to traffic emanating from net blocks in this range, including the distribution of malicious content or other illicit or illegal material.
Comment:
Comment: For SPAM and other abuse issues, please contact:
Comment: * net-abuse@eonix.net
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * legal@eonix.net
Comment:
Comment: For Routing, Peering or DNS issues, please contact:
Comment: * noc@eonix.net
Ref: https://rdap.arin.net/registry/entity/EONIX
OrgAbuseHandle: NTS22-ARIN
OrgAbuseName: Network Trust and Safety
OrgAbusePhone: +1-702-605-2981
OrgAbuseEmail: net-admin@eonix.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/NTS22-ARIN
OrgNOCHandle: NOC31884-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-702-605-2981
OrgNOCEmail: noc@eonix.net
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC31884-ARIN
OrgTechHandle: NOC31884-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-702-605-2981
OrgTechEmail: noc@eonix.net
OrgTechRef: https://rdap.arin.net/registry/entity/NOC31884-ARIN
OrgTechHandle: EDM7-ARIN
OrgTechName: Eonix DNS Management
OrgTechPhone: +1-877-841-3341
OrgTechEmail: 902214@serverhub.com
OrgTechRef: https://rdap.arin.net/registry/entity/EDM7-ARIN
OrgDNSHandle: EDM7-ARIN
OrgDNSName: Eonix DNS Management
OrgDNSPhone: +1-877-841-3341
OrgDNSEmail: 902214@serverhub.com
OrgDNSRef: https://rdap.arin.net/registry/entity/EDM7-ARIN
NetRange: 170.130.184.0 - 170.130.187.255
CIDR: 170.130.184.0/22
NetName: SERVERHUB-LOS-ANGELES
NetHandle: NET-170-130-184-0-1
Parent: EONIX (NET-170-130-0-0-1)
NetType: Reallocated
OriginAS: AS62904
Organization: ServerHub Los Angeles (SLA-55)
RegDate: 2019-03-14
Updated: 2019-03-14
Comment: This IP address space is assigned statically to the registered customer. IP Addresses within this block are not portable. Please contact the reallocated customer for abuse complaints. If attempts to contact the reallocated customer are unsuccessful, please make an escalated complaint for UCE, SPAM and fraudulent activity that is strictly prohibited from this network by contacting the upstream at: abuse@eonix.net
Ref: https://rdap.arin.net/registry/ip/170.130.184.0
OrgName: ServerHub Los Angeles
OrgId: SLA-55
Address: 530 W 6th Street
City: Los Angeles
StateProv: CA
PostalCode: 90014
Country: US
RegDate: 2019-03-14
Updated: 2019-03-14
Ref: https://rdap.arin.net/registry/entity/SLA-55
OrgAbuseHandle: ADMIN7080-ARIN
OrgAbuseName: Administrator, Administrator
OrgAbusePhone: +1-888-578-2372
OrgAbuseEmail: poc@eonix.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ADMIN7080-ARIN
OrgTechHandle: ADMIN7080-ARIN
OrgTechName: Administrator, Administrator
OrgTechPhone: +1-888-578-2372
OrgTechEmail: poc@eonix.net
OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN7080-ARIN

Links to attack logs

Share on: