Back to IOCs

IOC Details

IP

Indicator

3.130.168.2

Tag

honeypot

Source

4

First seen

2026-02-23 18:34:54

Last seen

2026-06-29 11:49:19

Hits

717

Comment history

  • 2026-06-29

    Observed 43 times. Targeted ports: 22225. Country: United States. Reputation: known attacker.

  • 2026-06-28

    Observed 44 times. Targeted ports: 55555. Country: United States. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-06-27

    Observed 34 times. Targeted ports: 9443. Country: United States. Reputation: known attacker.

  • 2026-06-26

    Observed 4 times. Targeted ports: 22227. Country: United States. Reputation: known attacker.

  • 2026-06-25

    Observed 55 times. Targeted ports: 80, 8092. Country: United States. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA Applayer Detect protocol only one direction, SURICATA HTTP request missing protocol.

  • 2026-06-24

    Observed 36 times. Targeted ports: 37810, 51080. Country: United States.

  • 2026-06-23

    Observed 104 times. Targeted ports: 1962, 8008, 9200. Country: United States. Reputation: known attacker.

  • 2026-06-22

    Observed 38 times. Targeted ports: 80, 8291, 9043. Country: United States. Reputation: known attacker.

  • 2026-06-21

    Observed 85 times. Targeted ports: 5901, 8079, 9200, 51080. Country: United States. Reputation: known attacker.

  • 2026-06-20

    Observed 47 times. Targeted ports: 80. Country: United States. Reputation: known attacker.

  • 2026-06-19

    Observed 35 times. Targeted ports: 8087. Country: United States. Reputation: known attacker.

  • 2026-06-18

    Observed 43 times. Targeted ports: 21, 60000. Country: United States. Reputation: known attacker.

  • 2026-06-17

    Observed 19 times. Targeted ports: 1723. Country: United States. Reputation: known attacker.

  • 2026-06-16

    Observed 41 times. Targeted ports: 9002. Country: United States.

  • 2026-05-24

    Observed 193 times. Targeted ports: 4433, 8083, 8265, 24000, 30003, 33335. Country: United States. Reputation: known attacker.

  • 2026-05-23

    Observed 70 times. Targeted ports: 1962, 8008. Country: United States. Reputation: known attacker.

  • 2026-05-22

    Observed 47 times. Targeted ports: 389. Country: United States. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA Applayer Mismatch protocol both directions, SURICATA TLS invalid record type.

  • 2026-05-21

    Observed 2 times. Targeted ports: 3389. Country: United States. Reputation: known attacker.

  • 2026-05-20

    Observed 34 times. Targeted ports: 22226. Country: United States. Reputation: known attacker.

  • 2026-05-19

    Observed 87 times. Targeted ports: 4000, 10080. Country: United States. Reputation: known attacker.

  • 2026-05-18

    Observed 50 times. Targeted ports: 3389. Country: United States. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA Applayer Mismatch protocol both directions, SURICATA TLS invalid record type.

  • 2026-05-17

    Observed 78 times. Targeted ports: 4500, 9043. Country: United States. Reputation: known attacker.

  • 2026-05-16

    Observed 49 times. Targeted ports: 389. Country: United States. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA Applayer Mismatch protocol both directions, SURICATA TLS invalid record type.

  • 2026-05-15

    Observed 157 times. Targeted ports: 1701, 3389, 4500, 10001, 37810. Country: United States. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA Applayer Mismatch protocol both directions, SURICATA TLS invalid record type.

  • 2026-05-14

    Observed 38 times. Targeted ports: 10080. Country: United States. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.

  • 2026-05-13

    Observed 108 times. Targeted ports: 9043, 9800, 30005. Country: United States. Reputation: known attacker.

  • 2026-05-12

    Observed 33 times. Targeted ports: 1962. Country: United States.

  • 2026-05-11

    Observed 44 times. Targeted ports: 9002. Country: United States. Reputation: known attacker.

  • 2026-05-10

    Observed 76 times. Targeted ports: 80, 9020. Country: United States. Reputation: known attacker.

  • 2026-05-09

    Observed 30 times. Targeted ports: 1723. Country: United States. Reputation: known attacker.

  • 2026-05-08

    Observed 38 times. Targeted ports: 9200. Country: United States. Reputation: known attacker.

  • 2026-05-07

    Observed 106 times. Targeted ports: 1723, 22227, 31337. Country: United States. Reputation: known attacker.

  • 2026-05-06

    Observed 49 times. Targeted ports: 8020, 8092. Country: United States. Reputation: known attacker.

  • 2026-05-05

    Observed 78 times. Targeted ports: 4000, 37215. Country: United States. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.

  • 2026-05-04

    Observed 92 times. Targeted ports: 80, 389. Country: United States. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA Applayer Mismatch protocol both directions, SURICATA TLS invalid record type.

  • 2026-05-03

    Observed 37 times. Targeted ports: 8092. Country: United States. Reputation: known attacker.

  • 2026-05-02

    Observed 43 times. Targeted ports: 443. Country: United States.

  • 2026-05-01

    Observed 42 times. Targeted ports: 22227. Country: United States.

  • 2026-04-30

    Observed 75 times. Targeted ports: 8079, 22227. Country: United States.

  • 2026-04-29

    Observed 24 times. Targeted ports: 1723, 22227. Country: United States.

  • 2026-04-28

    Observed 34 times. Targeted ports: 37215. Country: United States.

  • 2026-04-27

    Observed 33 times. Targeted ports: 9043. Country: United States.

  • 2026-04-26

    Observed 114 times. Targeted ports: 53, 1900, 55555. Country: United States. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-04-23

    Observed 26 times. Targeted ports: 7000. Country: United States.

  • 2026-04-22

    Observed 167 times. Targeted ports: 21, 9002, 9020, 22227. Country: United States. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-04-21

    Observed 37 times. Targeted ports: 1080. Country: United States.

  • 2026-04-10

    Observed 84 times. Targeted ports: 5672, 9700. Country: United States. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-28

    Observed 105 times. Targeted ports: 10080, 51005. Country: United States. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-27

    Observed 1 times. Targeted ports: 8079. Country: United States. Reputation: known attacker.

  • 2026-03-26

    Observed 107 times. Targeted ports: 8088, 22226. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-25

    Observed 35 times. Targeted ports: 7777, 18190. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-24

    Observed 17 times. Targeted ports: 9002. Country: United States. Reputation: known attacker.

  • 2026-03-23

    Observed 30 times. Targeted ports: 1080. Country: United States. Reputation: known attacker.

  • 2026-03-22

    Observed 18 times. Targeted ports: 9800. Country: United States. Reputation: known attacker.

  • 2026-03-21

    Observed 141 times. Targeted ports: 21, 389, 1443, 37810. Country: United States. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA Applayer Mismatch protocol both directions, SURICATA TLS invalid record type.

  • 2026-03-20

    Observed 47 times. Targeted ports: 8088. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-19

    Observed 7 times. Targeted ports: 4145, 9080. Country: United States.

  • 2026-03-18

    Observed 2 times. Targeted ports: 1025. Country: United States. Reputation: known attacker.

  • 2026-03-17

    Observed 169 times. Targeted ports: 3333, 8087, 27017, 37215. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-16

    Observed 56 times. Targeted ports: 9020. Country: United States. Alert categories: Generic Protocol Command Decode, Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port, SURICATA STREAM spurious retransmission.

  • 2026-03-15

    Observed 105 times. Targeted ports: 10002, 10003. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-14

    Observed 69 times. Targeted ports: 23, 30005, 37810. Country: United States. Reputation: known attacker.

  • 2026-03-13

    Observed 109 times. Targeted ports: 8020, 9020. Country: United States. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-12

    Observed 118 times. Targeted ports: 5353, 8011, 31112. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-11

    Observed 126 times. Targeted ports: 8020, 8087, 10001, 60000. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-10

    Observed 190 times. Targeted ports: 2077, 2083, 5678, 8200, 18190. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-09

    Observed 10 times. Targeted ports: 2077, 3001, 3333. Country: United States. Reputation: known attacker.

  • 2026-03-08

    Observed 98 times. Targeted ports: 30001, 37215. Country: United States. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-07

    Observed 45 times. Targeted ports: 5431, 8800. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-06

    Observed 53 times. Targeted ports: 9800. Country: United States. Reputation: known attacker. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-03-05

    Observed 52 times. Targeted ports: 1080. Country: United States. Reputation: known attacker.

  • 2026-03-04

    Observed 23 times. Targeted ports: 60000. Country: United States. Reputation: known attacker.

  • 2026-03-03

    Observed 28 times. Targeted ports: 8085. Country: United States. Alert categories: Misc activity.

  • 2026-03-02

    Observed 100 times. Targeted ports: 1443, 37810. Country: United States. Alert categories: Misc activity.

Actions

Open Indicator Page Search for this indicator View pDNS Records View all ip IOCs View all honeypot IOCs View all from 4

Related IOCs

ID Indicator Type Tag Source Last seen Actions
322715
40.83.75.96
IP malware 11 2026-06-29 12:23:12 IOC Record
378210
8.153.193.141
IP malware 11 2026-06-29 11:59:57 IOC Record
376808
45.194.67.29
IP honeypot 4 2026-06-29 11:50:21 IOC Record
295508
66.132.195.78
IP honeypot 4 2026-06-29 11:50:21 IOC Record
295371
66.132.186.129
IP honeypot 4 2026-06-29 11:50:21 IOC Record