Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: CARInet Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Honeypot hit.
2019-11-20 13:16:08
attack
ET CINS Active Threat Intelligence Poor Reputation IP group 65 - port: 502 proto: TCP cat: Misc Attack
2019-10-27 07:25:19
attackbots
10/13/2019-22:15:03.475601 71.6.142.80 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 71
2019-10-14 05:48:33
attack
Portscan or hack attempt detected by psad/fwsnort
2019-08-11 20:05:31
attack
Port scan: Attack repeated for 24 hours
2019-08-09 12:20:05
attackbots
2083/tcp 2082/tcp 1900/udp...
[2019-04-29/06-30]49pkt,16pt.(tcp),3pt.(udp)
2019-06-30 11:49:47
Comments on same subnet:
IP Type Details Datetime
71.6.142.85 attackbots
scans once in preceeding hours on the ports (in chronological order) 8443 resulting in total of 3 scans from 71.6.128.0/17 block.
2020-07-07 01:08:55
71.6.142.86 attackbotsspam
ET CINS Active Threat Intelligence Poor Reputation IP group 61 - port: 80 proto: TCP cat: Misc Attack
2019-12-11 05:52:18
71.6.142.81 attackbotsspam
UTC: 2019-12-06 port: 53/tcp
2019-12-07 15:24:35
71.6.142.86 attack
" "
2019-12-05 05:42:03
71.6.142.87 attack
Honeypot hit.
2019-11-27 00:39:25
71.6.142.86 attackbotsspam
22/tcp 1900/tcp 3306/tcp...
[2019-09-02/10-29]18pkt,7pt.(tcp),3pt.(udp)
2019-10-30 15:17:41
71.6.142.83 attack
3389/tcp 21/tcp 9200/tcp...
[2019-08-18/10-17]37pkt,15pt.(tcp),3pt.(udp)
2019-10-17 18:02:14
71.6.142.87 attackbotsspam
10/13/2019-22:15:13.009906 71.6.142.87 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 71
2019-10-14 05:39:13
71.6.142.83 attackspambots
10/13/2019-05:50:39.117650 71.6.142.83 Protocol: 17 GPL SNMP public access udp
2019-10-13 16:17:07
71.6.142.83 attackspambots
MultiHost/MultiPort Probe, Scan, Hack -
2019-10-10 12:10:53
71.6.142.86 attackbots
Automated reporting of Vulnerability scanning
2019-10-09 01:44:22
71.6.142.86 attackbots
Honeypot attack, port: 445, PTR: debian814286.aspadmin.net.
2019-10-08 00:13:48
71.6.142.87 attackspam
Scanning random ports - tries to find possible vulnerable services
2019-09-01 18:24:30
71.6.142.86 attackbots
08/31/2019-07:56:19.221096 71.6.142.86 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 71
2019-08-31 21:14:05
71.6.142.81 attackbots
[portscan] udp/123 [NTP]
*(RWIN=-)(06271037)
2019-06-27 16:34:13
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 71.6.142.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24343
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;71.6.142.80.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 16:48:57 +08 2019
;; MSG SIZE  rcvd: 115

Host info
80.142.6.71.in-addr.arpa domain name pointer debian814280.aspadmin.net.
Nslookup info:
Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
80.142.6.71.in-addr.arpa	name = debian814280.aspadmin.net.

Authoritative answers can be found from:

Related IP info:
Related comments:
IP Type Details Datetime
178.128.112.98 attack
Jun 27 00:58:34 lnxmail61 sshd[12485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.112.98
2019-06-27 07:20:16
77.40.61.204 attack
2019-06-27T00:53:24.125971mail01 postfix/smtpd[31092]: warning: unknown[77.40.61.204]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-27T00:54:41.069955mail01 postfix/smtpd[31092]: warning: unknown[77.40.61.204]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-27T00:57:43.216210mail01 postfix/smtpd[12790]: warning: unknown[77.40.61.204]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-27 07:39:15
51.15.183.200 attackspam
miraniessen.de 51.15.183.200 \[27/Jun/2019:00:56:37 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
miraniessen.de 51.15.183.200 \[27/Jun/2019:00:56:37 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-06-27 07:44:03
103.113.105.11 attackbotsspam
Jun 27 00:58:16 pornomens sshd\[30258\]: Invalid user webs from 103.113.105.11 port 49810
Jun 27 00:58:16 pornomens sshd\[30258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.113.105.11
Jun 27 00:58:18 pornomens sshd\[30258\]: Failed password for invalid user webs from 103.113.105.11 port 49810 ssh2
...
2019-06-27 07:25:38
190.85.203.254 attackspam
Triggered by Fail2Ban at Vostok web server
2019-06-27 07:41:55
49.206.219.163 attack
Stolen Passwords
2019-06-27 07:40:52
142.93.81.77 attackbotsspam
Jun 27 01:29:59 dev sshd\[24359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.81.77  user=root
Jun 27 01:30:01 dev sshd\[24359\]: Failed password for root from 142.93.81.77 port 54696 ssh2
...
2019-06-27 07:51:17
221.230.131.6 attackspambots
Jun 27 00:15:01 mail sshd\[20351\]: Invalid user victorien from 221.230.131.6 port 32998
Jun 27 00:15:01 mail sshd\[20351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.230.131.6
...
2019-06-27 07:37:41
199.249.230.119 attack
frenzy
2019-06-27 07:06:39
51.75.202.218 attackbots
Jun 27 06:57:49 localhost sshd[24975]: Invalid user wf from 51.75.202.218 port 57074
...
2019-06-27 07:35:09
14.152.92.70 attackspambots
$f2bV_matches
2019-06-27 07:42:26
218.92.0.207 attackspam
Failed password for root from 218.92.0.207 port 35303 ssh2
Failed password for root from 218.92.0.207 port 35303 ssh2
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207  user=root
Failed password for root from 218.92.0.207 port 24402 ssh2
Failed password for root from 218.92.0.207 port 24402 ssh2
2019-06-27 07:32:30
35.224.176.55 attack
2019-06-26T22:58:16Z - RDP login failed multiple times. (35.224.176.55)
2019-06-27 07:27:33
190.46.88.48 attackbotsspam
" "
2019-06-27 07:47:59
202.47.80.65 attack
Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: Invalid user support from 202.47.80.65 port 40588
Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.80.65
Jun 27 01:03:43 MK-Soft-Root1 sshd\[31779\]: Failed password for invalid user support from 202.47.80.65 port 40588 ssh2
...
2019-06-27 07:16:23

Recently Reported IPs

167.99.66.166 165.227.97.108 159.89.235.61 159.65.174.81
139.59.34.17 134.175.129.225 134.175.49.215 130.105.68.200
111.231.83.123 106.12.131.50 103.65.236.179 98.234.14.119
94.191.99.114 94.23.55.228 90.171.227.63 86.61.66.59
67.248.136.89 51.255.174.215 51.68.122.216 50.116.98.174