107.6.171.134 - IPInfo

Basic Info

City: Amsterdam

Region: North Holland

Country: Netherlands

Internet Service Provider: SingleHop LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Honeypot attack, port: 81, PTR: sh-ams-nl-gp1-wk104.internet-census.org.	2020-02-11 14:13:45
attackbots	Port 22 Scan, PTR: sh-ams-nl-gp1-wk104.internet-census.org.	2020-02-02 20:09:19
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-28 03:11:23

Comments on same subnet:

IP	Type	Details	Datetime
107.6.171.130	attackspam	port scan and connect, tcp 443 (https)	2020-10-12 00:39:55
107.6.171.130	attackbotsspam	Unauthorized connection attempt detected from IP address 107.6.171.130 to port 5984 [T]	2020-10-11 16:36:42
107.6.171.130	attack	srv02 Mass scanning activity detected Target: 9200 ..	2020-10-11 09:55:12
107.6.171.132	attack	[Mon Aug 03 23:12:20 2020] - DDoS Attack From IP: 107.6.171.132 Port: 40521	2020-09-08 02:44:43
107.6.171.132	attackbotsspam	[Mon Aug 03 23:12:20 2020] - DDoS Attack From IP: 107.6.171.132 Port: 40521	2020-09-07 18:12:15
107.6.171.130	attackbotsspam	Unauthorized connection attempt detected from IP address 107.6.171.130 to port 5601 [T]	2020-08-29 20:53:18
107.6.171.132	attackbots	Unwanted checking 80 or 443 port ...	2020-08-29 14:32:09
107.6.171.130	attack	5000/tcp 3541/tcp 5009/tcp... [2020-06-17/08-17]49pkt,37pt.(tcp),1pt.(udp)	2020-08-18 08:10:01
107.6.171.130	attackbotsspam	Honeypot hit.	2020-08-16 19:05:56
107.6.171.133	attack	" "	2020-08-12 19:19:23
107.6.171.131	attackspambots	TCP (SYN) 107.6.171.131:29886 -> port 1741, len 44	2020-08-05 08:28:24
107.6.171.130	attack	TCP (SYN) 107.6.171.130:17511 -> port 9100, len 44	2020-07-16 20:44:58
107.6.171.133	attackspam	[Thu Jun 18 15:44:29 2020] - DDoS Attack From IP: 107.6.171.133 Port: 28480	2020-07-16 20:19:13
107.6.171.130	attackspam	Unauthorized connection attempt detected from IP address 107.6.171.130 to port 3388	2020-07-13 03:11:52
107.6.171.133	attack	Honeypot attack, port: 4848, PTR: sh-ams-nl-gp1-wk104.internet-census.org.	2020-07-13 02:50:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.6.171.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;107.6.171.134.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122700 1800 900 604800 86400

;; Query time: 178 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 28 03:11:20 CST 2019
;; MSG SIZE  rcvd: 117

Host info

134.171.6.107.in-addr.arpa domain name pointer sh-ams-nl-gp1-wk104.internet-census.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
134.171.6.107.in-addr.arpa	name = sh-ams-nl-gp1-wk104.internet-census.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.28.150.73	attack	$f2bV_matches	2019-12-25 05:35:32
50.82.34.106	attack	Dec 24 15:45:30 microserver sshd[23739]: Invalid user rydgren from 50.82.34.106 port 56424 Dec 24 15:45:30 microserver sshd[23739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.82.34.106 Dec 24 15:45:32 microserver sshd[23739]: Failed password for invalid user rydgren from 50.82.34.106 port 56424 ssh2 Dec 24 15:54:25 microserver sshd[24651]: Invalid user home from 50.82.34.106 port 50030 Dec 24 15:54:25 microserver sshd[24651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.82.34.106 Dec 24 16:11:43 microserver sshd[27199]: Invalid user administrator from 50.82.34.106 port 37048 Dec 24 16:11:43 microserver sshd[27199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.82.34.106 Dec 24 16:11:45 microserver sshd[27199]: Failed password for invalid user administrator from 50.82.34.106 port 37048 ssh2 Dec 24 16:20:42 microserver sshd[28467]: Invalid user constance from 50.82.34.106 po	2019-12-25 05:30:26
104.206.128.54	attackspam	Unauthorized connection attempt detected from IP address 104.206.128.54 to port 5060	2019-12-25 05:43:07
54.39.99.236	attackbots	Dec 24 15:23:54 server sshd\[10146\]: Invalid user user from 54.39.99.236 Dec 24 15:23:54 server sshd\[10146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=236.ip-54-39-99.net Dec 24 15:23:56 server sshd\[10146\]: Failed password for invalid user user from 54.39.99.236 port 38590 ssh2 Dec 25 00:36:50 server sshd\[27823\]: Invalid user admin from 54.39.99.236 Dec 25 00:36:50 server sshd\[27823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=236.ip-54-39-99.net ...	2019-12-25 06:01:38
46.166.151.47	attack	\[2019-12-24 13:04:52\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-24T13:04:52.868-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="00246213724604",SessionID="0x7f0fb43866b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/55259",ACLName="no_extension_match" \[2019-12-24 13:14:00\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-24T13:14:00.472-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="900146462607501",SessionID="0x7f0fb43866b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/62823",ACLName="no_extension_match" \[2019-12-24 13:14:31\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-24T13:14:31.293-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="900346462607502",SessionID="0x7f0fb447f838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/57163",ACLName="no_exte	2019-12-25 05:33:58
46.38.144.32	attackbots	Dec 24 22:23:50 relay postfix/smtpd\[12823\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 22:24:53 relay postfix/smtpd\[7452\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 22:27:11 relay postfix/smtpd\[5213\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 22:28:09 relay postfix/smtpd\[4739\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 22:30:21 relay postfix/smtpd\[12823\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-25 05:37:16
129.211.76.101	attackbots	Dec 24 16:40:31 markkoudstaal sshd[2667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.76.101 Dec 24 16:40:33 markkoudstaal sshd[2667]: Failed password for invalid user sqoop from 129.211.76.101 port 46686 ssh2 Dec 24 16:44:38 markkoudstaal sshd[3013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.76.101	2019-12-25 05:45:11
78.165.64.5	attackbotsspam	Dec 24 16:28:18 blackhole sshd\[23617\]: User root from 78.165.64.5 not allowed because not listed in AllowUsers Dec 24 16:28:18 blackhole sshd\[23617\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.165.64.5 user=root Dec 24 16:28:21 blackhole sshd\[23617\]: Failed password for invalid user root from 78.165.64.5 port 62521 ssh2 ...	2019-12-25 05:49:24
95.92.116.149	attackbotsspam	Automatic report - SSH Brute-Force Attack	2019-12-25 05:49:01
116.109.160.1	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-12-25 05:29:13
217.11.249.85	attack	3389BruteforceStormFW23	2019-12-25 06:06:12
185.220.100.255	attackbots	michaelklotzbier.de:80 185.220.100.255 - - [24/Dec/2019:16:28:21 +0100] "POST /xmlrpc.php HTTP/1.0" 301 505 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" michaelklotzbier.de 185.220.100.255 [24/Dec/2019:16:28:22 +0100] "POST /xmlrpc.php HTTP/1.0" 200 3595 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"	2019-12-25 05:48:07
31.57.207.201	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2019-12-25 05:31:40
139.99.38.244	attack	Unauthorized connection attempt detected from IP address 139.99.38.244 to port 1433	2019-12-25 06:04:14
157.245.60.3	attackbotsspam	Dec 24 17:34:40 [host] sshd[3308]: Invalid user hachigian from 157.245.60.3 Dec 24 17:34:40 [host] sshd[3308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.60.3 Dec 24 17:34:43 [host] sshd[3308]: Failed password for invalid user hachigian from 157.245.60.3 port 2523 ssh2	2019-12-25 05:37:36

Recently Reported IPs

47.115.32.76	78.188.207.119	122.15.174.109	2.95.61.1
195.141.185.213	68.31.199.80	50.251.6.254	56.89.252.195
173.169.210.166	46.229.133.171	62.12.176.76	116.87.213.227
73.12.147.25	46.222.136.105	103.192.78.48	13.40.197.67
139.208.17.189	91.139.133.59	233.232.100.131	59.19.184.187