JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.172.130.89

167.172.130.89 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	North Bergen, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.172.130.89

Whois 167.172.130.89

IP Abuse Reports for 167.172.130.89:

This IP address has been reported a total of 60 times from 54 distinct sources. 167.172.130.89 was first reported on May 3rd 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 COMPLEX	2026-05-11 01:06:19 (3 weeks ago)	Unsolicited TCP traffic \| Action: DROP \| Port 14782	Brute-Force
🇮🇪 RoboSOC	2026-05-10 19:27:09 (3 weeks ago)	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	Port Scan
🇸🇰 EVISION	2026-05-10 16:03:57 (3 weeks ago)	Automatic report from EV firewall log. https://github.com/Ragnarocek/Windows_FW_AbuseIPDB_Reporti ... show more Automatic report from EV firewall log. https://github.com/Ragnarocek/Windows_FW_AbuseIPDB_Reporting ID: clHl1fWfSGbxRBnDHxWI3v0nBpayEXdd show less	Port Scan Hacking Brute-Force
🇳🇱 rmvanderspek	2026-05-10 06:40:04 (3 weeks ago)	RDP (Windows Remote Desktop) Brute-force detected.	Brute-Force
🇨🇦 alexbfr	2026-05-10 05:53:28 (3 weeks ago)	Fail2Ban Report, custom-honeypot jail: Automated honeypot detection.	Hacking
🇭🇰 PingMeMaybe	2026-05-10 01:17:39 (3 weeks ago)	Blocked by UFW on hk [4443/tcp] Source port: 55852 TTL: 51 Packet length: 64 TOS: 0x00 This report ... show more Blocked by UFW on hk [4443/tcp] Source port: 55852 TTL: 51 Packet length: 64 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇸🇰 GOVCERT	2026-05-06 14:41:39 (4 weeks ago)	Sweep Scan	Port Scan
🇺🇸 aks4226	2026-05-06 14:20:09 (4 weeks ago)	Brute force on SSH.	SSH Brute-Force
🇮🇱 spd.co.il	2026-05-05 20:01:28 (4 weeks ago)	Port scan detected on multiple ports	Port Scan
🇭🇰 sandra361	2026-05-03 13:26:02 (1 month ago)	Brute-force detected: 12 attempts across 1 unique ports (22). \| Evidence: GHOST_SCAN: OUT= SRC=167.1 ... show more Brute-force detected: 12 attempts across 1 unique ports (22). \| Evidence: GHOST_SCAN: OUT= SRC=167.172.130.89 LEN=64 TOS=0x14 PREC=0x00 TTL=49 ID=0 DF PROTO=TCP SPT=54748 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 show less	Brute-Force
🇳🇱 VMHeaven.io	2026-05-03 12:41:04 (1 month ago)	Blocked by UFW [3128/tcp] Source port: 34982 TTL: 50 Packet length: 60	Port Scan
🇫🇷 Little Iguana	2026-05-03 08:46:33 (1 month ago)	trying to access non-authorized port	Port Scan
🇩🇪 Mailguard-FRD	2026-05-03 04:46:40 (1 month ago)	1777783600 - 05/03/2026 06:46:40 Host: 167.172.130.89/167.172.130.89 Port: 3389 TCP Blocked ...	Port Scan
🇫🇷 EDSL	2026-05-03 01:34:38 (1 month ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Web Attack Port 443)	Web App Attack Hacking Port Scan
🇲🇽 FenixHunter🐦‍🔥	2026-05-03 00:52:02 (1 month ago)	Blocked TLS Cipher Downgrade Attemp. Action Performed: DROP	Port Scan Hacking Bad Web Bot Web App Attack

Showing 46 to 60 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.118.224.138

🇳🇱 185.189.182.234

🇺🇸 162.216.149.16

🇨🇳 218.25.89.208

🇵🇰 210.56.12.205

🇨🇳 210.13.99.66

🇵🇭 210.5.117.238

🇲🇺 197.225.146.23

🇺🇸 195.184.76.138

🇮🇳 182.95.57.194

🇧🇷 177.22.124.144

🇻🇳 171.237.176.209

🇷🇴 80.94.92.165

🇺🇸 64.23.201.21

🇺🇸 45.79.115.134

🇺🇸 20.84.152.213

🇨🇭 2620:171:a7:f003:9999::244

🇮🇱 176.229.103.46

🇳🇱 160.211.69.75

🇨🇳 124.90.49.113