71.6.142.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: CARInet Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot hit.	2019-11-20 13:16:08
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 65 - port: 502 proto: TCP cat: Misc Attack	2019-10-27 07:25:19
attackbots	10/13/2019-22:15:03.475601 71.6.142.80 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 71	2019-10-14 05:48:33
attack	Portscan or hack attempt detected by psad/fwsnort	2019-08-11 20:05:31
attack	Port scan: Attack repeated for 24 hours	2019-08-09 12:20:05
attackbots	2083/tcp 2082/tcp 1900/udp... [2019-04-29/06-30]49pkt,16pt.(tcp),3pt.(udp)	2019-06-30 11:49:47

Comments on same subnet:

IP	Type	Details	Datetime
71.6.142.85	attackbots	scans once in preceeding hours on the ports (in chronological order) 8443 resulting in total of 3 scans from 71.6.128.0/17 block.	2020-07-07 01:08:55
71.6.142.86	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 61 - port: 80 proto: TCP cat: Misc Attack	2019-12-11 05:52:18
71.6.142.81	attackbotsspam	UTC: 2019-12-06 port: 53/tcp	2019-12-07 15:24:35
71.6.142.86	attack	" "	2019-12-05 05:42:03
71.6.142.87	attack	Honeypot hit.	2019-11-27 00:39:25
71.6.142.86	attackbotsspam	22/tcp 1900/tcp 3306/tcp... [2019-09-02/10-29]18pkt,7pt.(tcp),3pt.(udp)	2019-10-30 15:17:41
71.6.142.83	attack	3389/tcp 21/tcp 9200/tcp... [2019-08-18/10-17]37pkt,15pt.(tcp),3pt.(udp)	2019-10-17 18:02:14
71.6.142.87	attackbotsspam	10/13/2019-22:15:13.009906 71.6.142.87 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 71	2019-10-14 05:39:13
71.6.142.83	attackspambots	10/13/2019-05:50:39.117650 71.6.142.83 Protocol: 17 GPL SNMP public access udp	2019-10-13 16:17:07
71.6.142.83	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-10 12:10:53
71.6.142.86	attackbots	Automated reporting of Vulnerability scanning	2019-10-09 01:44:22
71.6.142.86	attackbots	Honeypot attack, port: 445, PTR: debian814286.aspadmin.net.	2019-10-08 00:13:48
71.6.142.87	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 18:24:30
71.6.142.86	attackbots	08/31/2019-07:56:19.221096 71.6.142.86 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 71	2019-08-31 21:14:05
71.6.142.81	attackbots	[portscan] udp/123 [NTP] *(RWIN=-)(06271037)	2019-06-27 16:34:13

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 71.6.142.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24343
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;71.6.142.80.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 16:48:57 +08 2019
;; MSG SIZE  rcvd: 115

Host info

80.142.6.71.in-addr.arpa domain name pointer debian814280.aspadmin.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
80.142.6.71.in-addr.arpa	name = debian814280.aspadmin.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.159.135.81	attackspambots	Sep 14 20:05:21 mxgate1 postfix/postscreen[13331]: CONNECT from [186.159.135.81]:32322 to [176.31.12.44]:25 Sep 14 20:05:21 mxgate1 postfix/dnsblog[13335]: addr 186.159.135.81 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 14 20:05:21 mxgate1 postfix/dnsblog[13335]: addr 186.159.135.81 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 14 20:05:21 mxgate1 postfix/dnsblog[13335]: addr 186.159.135.81 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 14 20:05:21 mxgate1 postfix/dnsblog[13334]: addr 186.159.135.81 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 14 20:05:21 mxgate1 postfix/dnsblog[13332]: addr 186.159.135.81 listed by domain bl.spamcop.net as 127.0.0.2 Sep 14 20:05:21 mxgate1 postfix/dnsblog[13336]: addr 186.159.135.81 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 14 20:05:27 mxgate1 postfix/postscreen[13331]: DNSBL rank 5 for [186.159.135.81]:32322 Sep x@x Sep 14 20:05:28 mxgate1 postfix/postscreen[13331]: HANGUP after 0.73 from [186.159......... -------------------------------	2019-09-15 08:10:01
122.246.161.93	attackbots	Automatic report - Port Scan Attack	2019-09-15 07:35:01
92.63.194.90	attackbots	Sep 15 00:46:08 localhost sshd\[11368\]: Invalid user admin from 92.63.194.90 port 55864 Sep 15 00:46:08 localhost sshd\[11368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.90 Sep 15 00:46:10 localhost sshd\[11368\]: Failed password for invalid user admin from 92.63.194.90 port 55864 ssh2	2019-09-15 07:56:32
81.22.45.133	attackspam	09/14/2019-19:25:20.489459 81.22.45.133 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 85	2019-09-15 08:03:36
49.235.76.84	attack	Automatic report - Banned IP Access	2019-09-15 07:56:48
5.45.6.66	attack	Sep 15 01:34:39 rpi sshd[5163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.45.6.66 Sep 15 01:34:41 rpi sshd[5163]: Failed password for invalid user gitblit from 5.45.6.66 port 39126 ssh2	2019-09-15 08:06:55
179.125.25.218	attack	Spamassassin_179.125.25.218	2019-09-15 08:10:18
213.136.73.193	attackspambots	User agent in blacklist: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36 @ 2019-09-14T22:57:58+02:00.	2019-09-15 08:02:24
106.12.30.229	attackspambots	Sep 14 22:19:13 nextcloud sshd\[4548\]: Invalid user doudou from 106.12.30.229 Sep 14 22:19:13 nextcloud sshd\[4548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.30.229 Sep 14 22:19:16 nextcloud sshd\[4548\]: Failed password for invalid user doudou from 106.12.30.229 port 58264 ssh2 ...	2019-09-15 08:12:16
111.68.102.73	attackbots	firewall-block, port(s): 445/tcp	2019-09-15 07:39:19
182.253.105.93	attack	Sep 14 23:28:25 game-panel sshd[29232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.105.93 Sep 14 23:28:28 game-panel sshd[29232]: Failed password for invalid user 123456 from 182.253.105.93 port 36526 ssh2 Sep 14 23:32:57 game-panel sshd[29385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.105.93	2019-09-15 07:33:39
165.22.112.87	attackbots	Sep 14 13:22:01 php1 sshd\[29867\]: Invalid user ashley from 165.22.112.87 Sep 14 13:22:01 php1 sshd\[29867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.87 Sep 14 13:22:03 php1 sshd\[29867\]: Failed password for invalid user ashley from 165.22.112.87 port 46626 ssh2 Sep 14 13:26:09 php1 sshd\[30348\]: Invalid user max from 165.22.112.87 Sep 14 13:26:09 php1 sshd\[30348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.87	2019-09-15 07:37:27
45.136.6.166	attackbotsspam	Sep 14 20:04:29 mxgate1 postfix/postscreen[13331]: CONNECT from [45.136.6.166]:36752 to [176.31.12.44]:25 Sep 14 20:04:29 mxgate1 postfix/dnsblog[13335]: addr 45.136.6.166 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 14 20:04:29 mxgate1 postfix/dnsblog[13333]: addr 45.136.6.166 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 14 20:04:35 mxgate1 postfix/postscreen[13331]: DNSBL rank 3 for [45.136.6.166]:36752 Sep x@x Sep 14 20:04:35 mxgate1 postfix/postscreen[13331]: DISCONNECT [45.136.6.166]:36752 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.136.6.166	2019-09-15 08:05:16
13.68.141.175	attackbotsspam	Sep 14 21:38:01 OPSO sshd\[32579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.141.175 user=operator Sep 14 21:38:03 OPSO sshd\[32579\]: Failed password for operator from 13.68.141.175 port 51886 ssh2 Sep 14 21:42:14 OPSO sshd\[1003\]: Invalid user wordpresser from 13.68.141.175 port 40060 Sep 14 21:42:14 OPSO sshd\[1003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.141.175 Sep 14 21:42:16 OPSO sshd\[1003\]: Failed password for invalid user wordpresser from 13.68.141.175 port 40060 ssh2	2019-09-15 08:09:01
36.89.157.197	attackbots	Sep 14 10:20:46 aiointranet sshd\[28216\]: Invalid user ue from 36.89.157.197 Sep 14 10:20:46 aiointranet sshd\[28216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.kesad.mil.id Sep 14 10:20:48 aiointranet sshd\[28216\]: Failed password for invalid user ue from 36.89.157.197 port 50890 ssh2 Sep 14 10:25:00 aiointranet sshd\[28560\]: Invalid user am from 36.89.157.197 Sep 14 10:25:00 aiointranet sshd\[28560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.kesad.mil.id	2019-09-15 07:48:31

Recently Reported IPs

167.99.66.166	165.227.97.108	159.89.235.61	159.65.174.81
139.59.34.17	134.175.129.225	134.175.49.215	130.105.68.200
111.231.83.123	106.12.131.50	103.65.236.179	98.234.14.119
94.191.99.114	94.23.55.228	90.171.227.63	86.61.66.59
67.248.136.89	51.255.174.215	51.68.122.216	50.116.98.174