City: unknown
Region: unknown
Country: United States
Internet Service Provider: CARInet Inc.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | Honeypot hit. |
2019-11-20 13:16:08 |
| attack | ET CINS Active Threat Intelligence Poor Reputation IP group 65 - port: 502 proto: TCP cat: Misc Attack |
2019-10-27 07:25:19 |
| attackbots | 10/13/2019-22:15:03.475601 71.6.142.80 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 71 |
2019-10-14 05:48:33 |
| attack | Portscan or hack attempt detected by psad/fwsnort |
2019-08-11 20:05:31 |
| attack | Port scan: Attack repeated for 24 hours |
2019-08-09 12:20:05 |
| attackbots | 2083/tcp 2082/tcp 1900/udp... [2019-04-29/06-30]49pkt,16pt.(tcp),3pt.(udp) |
2019-06-30 11:49:47 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 71.6.142.85 | attackbots | scans once in preceeding hours on the ports (in chronological order) 8443 resulting in total of 3 scans from 71.6.128.0/17 block. |
2020-07-07 01:08:55 |
| 71.6.142.86 | attackbotsspam | ET CINS Active Threat Intelligence Poor Reputation IP group 61 - port: 80 proto: TCP cat: Misc Attack |
2019-12-11 05:52:18 |
| 71.6.142.81 | attackbotsspam | UTC: 2019-12-06 port: 53/tcp |
2019-12-07 15:24:35 |
| 71.6.142.86 | attack | " " |
2019-12-05 05:42:03 |
| 71.6.142.87 | attack | Honeypot hit. |
2019-11-27 00:39:25 |
| 71.6.142.86 | attackbotsspam | 22/tcp 1900/tcp 3306/tcp... [2019-09-02/10-29]18pkt,7pt.(tcp),3pt.(udp) |
2019-10-30 15:17:41 |
| 71.6.142.83 | attack | 3389/tcp 21/tcp 9200/tcp... [2019-08-18/10-17]37pkt,15pt.(tcp),3pt.(udp) |
2019-10-17 18:02:14 |
| 71.6.142.87 | attackbotsspam | 10/13/2019-22:15:13.009906 71.6.142.87 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 71 |
2019-10-14 05:39:13 |
| 71.6.142.83 | attackspambots | 10/13/2019-05:50:39.117650 71.6.142.83 Protocol: 17 GPL SNMP public access udp |
2019-10-13 16:17:07 |
| 71.6.142.83 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2019-10-10 12:10:53 |
| 71.6.142.86 | attackbots | Automated reporting of Vulnerability scanning |
2019-10-09 01:44:22 |
| 71.6.142.86 | attackbots | Honeypot attack, port: 445, PTR: debian814286.aspadmin.net. |
2019-10-08 00:13:48 |
| 71.6.142.87 | attackspam | Scanning random ports - tries to find possible vulnerable services |
2019-09-01 18:24:30 |
| 71.6.142.86 | attackbots | 08/31/2019-07:56:19.221096 71.6.142.86 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 71 |
2019-08-31 21:14:05 |
| 71.6.142.81 | attackbots | [portscan] udp/123 [NTP] *(RWIN=-)(06271037) |
2019-06-27 16:34:13 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 71.6.142.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24343
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;71.6.142.80. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 16:48:57 +08 2019
;; MSG SIZE rcvd: 115
80.142.6.71.in-addr.arpa domain name pointer debian814280.aspadmin.net.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
80.142.6.71.in-addr.arpa name = debian814280.aspadmin.net.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 180.149.125.141 | attack | probes 4 times on the port 8888 |
2020-07-06 23:11:26 |
| 45.145.66.110 | attack |
|
2020-07-06 23:37:57 |
| 150.107.149.11 | attack | firewall-block, port(s): 15463/tcp |
2020-07-06 23:15:26 |
| 120.78.93.10 | attackbots | scans 7 times in preceeding hours on the ports (in chronological order) 6380 8088 7001 7002 7001 8080 7002 |
2020-07-06 23:17:10 |
| 183.230.108.191 | attack |
|
2020-07-06 23:09:15 |
| 183.136.225.45 | attackspam |
|
2020-07-06 23:09:34 |
| 157.245.163.0 | attackspambots | *Port Scan* detected from 157.245.163.0 (US/United States/California/Santa Clara/-). 4 hits in the last 135 seconds |
2020-07-06 23:13:43 |
| 1.192.94.61 | attack | Jul 6 16:07:09 meumeu sshd[638064]: Invalid user printer from 1.192.94.61 port 57926 Jul 6 16:07:09 meumeu sshd[638064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.192.94.61 Jul 6 16:07:09 meumeu sshd[638064]: Invalid user printer from 1.192.94.61 port 57926 Jul 6 16:07:11 meumeu sshd[638064]: Failed password for invalid user printer from 1.192.94.61 port 57926 ssh2 Jul 6 16:13:29 meumeu sshd[638382]: Invalid user contest from 1.192.94.61 port 54666 Jul 6 16:13:29 meumeu sshd[638382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.192.94.61 Jul 6 16:13:29 meumeu sshd[638382]: Invalid user contest from 1.192.94.61 port 54666 Jul 6 16:13:31 meumeu sshd[638382]: Failed password for invalid user contest from 1.192.94.61 port 54666 ssh2 Jul 6 16:16:47 meumeu sshd[638530]: Invalid user ines from 1.192.94.61 port 53036 ... |
2020-07-06 23:43:28 |
| 51.91.247.125 | attack | scans once in preceeding hours on the ports (in chronological order) 9042 resulting in total of 1 scans from 51.91.247.0/24 block. |
2020-07-06 23:34:08 |
| 51.75.52.127 | attackspam |
|
2020-07-06 23:34:44 |
| 159.65.100.233 | attack | scans 2 times in preceeding hours on the ports (in chronological order) 25722 10728 |
2020-07-06 23:13:29 |
| 113.200.121.186 | attackspambots | scans 2 times in preceeding hours on the ports (in chronological order) 2205 2205 |
2020-07-06 23:17:50 |
| 185.175.93.14 | attackspambots | scans 11 times in preceeding hours on the ports (in chronological order) 62222 8390 10900 63391 23000 8989 8689 7788 5333 14141 4500 resulting in total of 25 scans from 185.175.93.0/24 block. |
2020-07-06 23:23:01 |
| 193.27.228.13 | attackspambots |
|
2020-07-06 23:07:47 |
| 45.148.121.43 | attack | probes 3 times on the port 11211 |
2020-07-06 23:36:45 |