Traffic Report - nqatp (US, Boardman)

Traffic Report for nqatp (US, Boardman)

Linux | 0.93 GB | hosting

Select Endpoint:

Active (5m ago)

United States | Linux | Unknown RAM

Page loaded: 2025-11-30 22:36:22 UTC

Actionable Threat Intelligence

Firewall IP Blocklists

Choose Your Blocklist Strategy

Three different blocklist options are available based on your security requirements and tolerance for false positives.

LightScope Network Power

Harnesses the power of the entire LightScope network! Contains IPs that connected to honeypots across ALL LightScope endpoints.

🌐 Network-wide threat intelligence
✓ 100% verified genuine attackers
✓ No spoofed IP addresses
✓ Maximum protection coverage

Best Choice: Leverages the collective intelligence of the entire LightScope network. Safe for immediate deployment.

Download Recommended

Conservative

Endpoint-Specific Verified

Only includes IPs that completed a 3-way TCP handshake with THIS endpoint's honeypot services. These are verified genuine threat actors specific to your endpoint.

✓ Endpoint-specific targeting
✓ Zero spoofing risk
✓ Safe for production
✓ Targeted protection

Good Choice: For endpoint-specific protection. These IPs specifically targeted your infrastructure.

Download Conservative

Extreme (Not Recommended)

All Threat Actor IPs

Includes ALL individual threat actor IPs that targeted your network, including those that may be spoofed by competitors or other attackers.

🚨 HIGH spoofing probability
⚠️ WILL LIKELY block legitimate traffic
⚠️ Can cause service disruption
⚠️ NOT RECOMMENDED

Not Recommended: High risk of blocking legitimate services. Only for isolated environments.

Download Extreme

Firewall Import Instructions:

pfSense/OPNsense:
Firewall → Aliases → IP → Upload

Cisco ASA:
object-group network BLOCKLIST

iptables:
ipset create blocklist hash:ip

Format:
Plain text, one IP per line

Automation & API Access

Automate your blocklist updates! Use these wget commands to automatically download the latest blocklists for integration into scripts, cron jobs, or automated security workflows.

Recommended (Network-wide)

wget -O recommended_blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20250625_bywaoltrwcikumlcynjwzfntqugsvzvfkrwdubonocoubyzwznqatp/recommended"

Conservative (Endpoint-specific)

wget -O conservative_blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20250625_bywaoltrwcikumlcynjwzfntqugsvzvfkrwdubonocoubyzwznqatp/conservative"

Extreme (Not Recommended)

wget -O extreme_blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20250625_bywaoltrwcikumlcynjwzfntqugsvzvfkrwdubonocoubyzwznqatp/extreme"

Example Automation Script:

#!/bin/bash

                                                            # Download latest LightScope blocklist

                                                            wget -q -O /tmp/blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20250625_bywaoltrwcikumlcynjwzfntqugsvzvfkrwdubonocoubyzwznqatp/recommended"

                                                            

                                                            # Apply to iptables

                                                            ipset flush lightscope_blocklist

                                                            while read ip; do

                                                              ipset add lightscope_blocklist $ip

                                                            done < /tmp/blocklist.txt

Cron Job Example:

# Update blocklist every hour

                                                            0 * * * * /usr/local/bin/update_blocklist.sh

                                                            

                                                            # Update blocklist daily at 2 AM

                                                            0 2 * * * wget -q -O /etc/firewall/blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20250625_bywaoltrwcikumlcynjwzfntqugsvzvfkrwdubonocoubyzwznqatp/recommended" \

                                                              && /usr/local/bin/reload_firewall.sh

Pro Tip: Set up automated downloads to keep your firewall protection current. The blocklists are updated whenever new dashboard data is processed, ensuring you have the latest threat intelligence.

Internal Threats

None detected
No unwanted traffic from internal IP addresses

Changes To Targeted Ports

No major changes detected
No port changes above 300%

Overall Traffic Trends

Normal Level
+20.3% change (7-day)

Current: 146,203
Previous: 121,521

Status:

Traffic levels are within normal range
Continue regular monitoring
Review other sections for insights

How to Use This Section

This section provides immediate, actionable insights from your threat intelligence data. Red items require immediate attention, yellow items need investigation, and green items indicate normal status. Click on the detailed sections below for comprehensive analysis and remediation steps.

Honeypot Analysis

IPs Connected to Honeypot Ports On Your Machine

Loading honeypot connections data...

Incomplete Connections: Attackers Started But Didn't Complete The 3-Way Handshake To Honeypot Ports

Loading incomplete connections data...

Honeypot Port Statistics

Loading port statistics...

Attack Payloads

Loading payload analysis...

Honeypot Attack Timeline

Loading temporal analysis...

General Information

All Sources Unwanted Traffic Port Activity

Last 7 Days

Show top:

Daily Unwanted Traffic Since Inception

Weekly Unwanted Traffic by Hour

Last 7 Days

Ports Targeted by Unwanted Traffic

Last 7 Days

Show top:

Data Time Ranges:

Weekly Unwanted Traffic by Hour: Last 7 days
Daily Unwanted Traffic Since Inception: Complete history
Port Statistics: Last 7 days

Unique Threat Actors

14,798

Distinct sources of unwanted traffic

Comparative Analysis

Unwanted Traffic Rankings

48.3% Unwanted Traffic Volume Percentile

Rank 16 of 29
among active endpoints for receiving unwanted traffic

122,486

Unwanted
Packets (7d)

10,207

Threat
Sources

13952

Targeted
Ports

Unwanted Traffic Concentration

Top threat subnets generate:

Top 5% of subnets (201 subnets): 90.5%

Top 10% of subnets: 93.8%

Top 20% of subnets: 96.1%

From 4,018 total threat subnets (122,481 unwanted packets)

Internal Threats

CRITICAL SECURITY WARNING

Any unwanted traffic shown in this section represents a critical security threat and must be investigated immediately.

This traffic originates from private (non-publicly routable) IP addresses on your local network, which indicates:

A compromised endpoint on your internal network
Malware or unauthorized software sending unwanted traffic
Potential lateral movement by an attacker
Misconfigured network equipment or services

If any traffic is shown below, immediate action is required: Identify and isolate the source devices, perform security scans, and investigate for signs of compromise.

No Internal Threats Detected

Excellent! No unwanted traffic from internal/private IP addresses was detected on this endpoint. This indicates that your internal network security posture is good for this monitoring point.

7-Day Comparison

Traffic Volume Changes

Current Week

146,203

packets

Previous Week

121,521

packets

Change

+24,682

(20.3%)

New Threat Actors

IP Address	Hit Count	Country	ASN
46.17.96.38	7897	Netherlands	AS57043
111.205.209.78	2506	China	AS4808
78.128.114.110	1389	Bulgaria	AS50360
79.124.49.226	1207	Bulgaria	AS50360
204.76.203.219	1173	Netherlands	AS51396
79.124.40.158	967	Bulgaria	AS50360
79.124.60.6	929	Bulgaria	AS50360
149.102.234.72	914	Brazil	AS212238
79.124.40.138	906	Bulgaria	AS50360
115.231.78.14	836	China	AS58461

New Subnets

Subnet	Hit Count
46.17.96.0/24	7897

Significant Activity Changes

IP Address	Change	Country
169.228.66.209	+141%	United States
206.189.105.53	+108%	Netherlands

Port Targeting Changes

New Ports Being Targeted

Port 3306 (1222 hits) Port 143 (938 hits) Port 6379 (894 hits) Port 5432 (810 hits) Port 21 (804 hits) Port 445 (797 hits) Port 3000 (736 hits) Port 8888 (725 hits) Port 8000 (713 hits) Port 25 (704 hits)

Significant Port Changes

Port	Change
1433	+297%
2222	+182%
8728	+147%
443	+146%
23	+134%
80	+126%
8080	+117%
8443	+115%
5900	+71%
3389	+69%

New Geographic Sources

Bulgaria (12631 hits) China (3342 hits) Canada (738 hits)

Comparison Summary: This analysis compares the last 7 days with the previous 7 days (8-14 days ago). Traffic has increased by 24,682 packets (20.3%). 10 new threat actor(s) detected. 1 new subnet(s) detected.

Threat Intelligence Analysis

Unwanted Traffic by Company/Organization

Company/Organization	Packet Count	Unique Sources	Countries	ASNs	Sample IPs
Microsoft Corporation	31,139	4	United States	AS8075	52.154.143.7, 20.55.84.97, 20.65.193.188...
Tamatiya EOOD	16,547	29	Bulgaria	AS50360	78.128.114.110, 79.124.49.226, 79.124.40.158...
Google LLC	16,332	156	Belgium United Kingdom United States	AS396982	35.203.210.84, 162.216.149.225, 35.203.211.64...
DigitalOcean, LLC	13,896	8	Canada India Netherlands +2	AS14061	206.189.105.53, 157.245.32.173, 68.183.90.203...
Palo Alto Networks, Inc	8,554	82	Belgium Brazil Finland +2	AS396982	147.185.133.58, 147.185.132.250, 147.185.133.248...
HOSTKEY B.V.	7,897	1	Netherlands	AS57043	46.17.96.38
China Unicom Beijing province network	6,106	1	China	AS4808	111.205.209.78
Limited Network LTD	5,913	7	Netherlands	AS214295	45.142.193.90, 45.142.193.191, 45.142.193.131...
Amazon Technologies Inc.	4,629	27	United States	AS16509	3.14.73.254, 3.148.147.222, 18.223.104.85...
Pfcloud UG	4,189	11	Germany Netherlands	AS51396	204.76.203.219, 204.76.203.212, 204.76.203.31...
Amazon Data Services France	3,134	4	France	AS16509	13.37.238.190, 15.188.86.32, 35.180.19.44...
University of California, San Diego	3,132	1	United States	AS7377	169.228.66.209
Fuse Hosting Web	2,223	8	Netherlands	AS174	87.120.191.13, 87.120.191.104, 87.120.191.37...
Datacamp Limited	2,187	3	Brazil	AS212238	149.102.234.72, 149.102.234.81, 149.102.234.193
RECYBER PROJECT NETBLOCK	1,565	6	Netherlands	AS202425	89.248.163.200, 89.248.163.190, 89.248.165.205...
Censys, Inc.	1,558	17	Germany Hong Kong United States	AS398324 AS398705 +1	167.94.145.22, 167.94.145.21, 206.168.35.44...
VenomDC - Private Internet Space.	1,489	3	Bulgaria	AS50360	79.124.60.6, 79.124.60.146, 79.124.58.18
Skoali	1,133	2	Canada	Unknown	103.102.230.4, 103.102.230.3
Hangzhou Duchuang Keji Co.,Ltd	836	1	China	AS58461	115.231.78.14
CyberTech LLC	774	2	Russia	AS44881	178.22.24.60, 178.22.24.121
Driftnet Ltd	747	6	United Kingdom	AS211298	193.163.125.126, 193.163.125.128, 193.163.125.139...
Alsycon B.V.	689	2	Netherlands	AS49870	185.224.128.17, 194.50.16.198
Web Werks India Pvt. Ltd.	649	1	India	AS133296	103.224.247.219
internet-security-cheapyhost	528	3	Netherlands	AS401120	196.251.71.217, 196.251.72.203, 196.251.80.178
The Shadowserver Foundation, Inc.	477	5	United States	AS6939	64.62.156.21, 64.62.197.91, 64.62.156.193...

Unwanted Traffic by Country

Country	Country Code	Packet Count	Unique Sources	Sample IPs
United States	US	53,392	178	52.154.143.7, 169.228.66.209, 3.14.73.254, 3.148.147.222, 162.216.149.225
Netherlands	NL	38,293	57	206.189.105.53, 46.17.96.38, 45.142.193.90, 45.142.193.191, 45.142.193.131
Bulgaria	BG	18,389	35	78.128.114.110, 79.124.49.226, 79.124.40.158, 79.124.60.6, 79.124.40.138
United Kingdom	GB	9,788	89	157.245.32.173, 51.89.172.133, 35.203.210.84, 35.203.211.64, 35.203.211.91
China	CN	7,894	10	111.205.209.78, 115.231.78.14, 123.172.55.253, 39.129.34.202, 221.235.141.78
France	FR	3,945	10	13.37.238.190, 15.188.86.32, 35.180.19.44, 35.180.166.128, 208.115.211.60
Finland	FI	3,824	35	147.185.133.58, 147.185.133.248, 147.185.133.207, 147.185.133.122, 147.185.133.149
Brazil	BR	3,276	14	149.102.234.72, 149.102.234.81, 149.102.234.193, 205.210.31.161, 205.210.31.139
Canada	CA	1,696	7	103.102.230.4, 103.102.230.3, 148.113.214.202, 148.113.189.33, 24.54.95.49
Russia	RU	1,647	6	178.22.24.60, 178.22.24.121, 88.210.63.88, 45.135.95.25, 87.251.67.25
Germany	DE	1,388	11	185.91.127.107, 185.73.23.133, 167.94.145.22, 167.94.145.21, 176.65.148.206
India	IN	1,158	6	103.224.247.219, 103.162.198.97, 68.183.90.203, 103.71.112.18, 162.216.142.81
Belgium	BE	862	9	198.235.24.145, 198.235.24.158, 198.235.24.154, 198.235.24.215, 198.235.24.232
Hong Kong	HK	860	11	156.225.0.37, 199.45.155.66, 199.45.154.177, 45.249.245.54, 156.225.0.41
Poland	PL	597	2	95.214.53.196, 194.180.48.63
Japan	JP	587	3	185.244.104.2, 110.0.133.97, 139.162.70.53
Taiwan	TW	550	5	198.235.24.89, 198.235.24.9, 198.235.24.10, 198.235.24.98, 198.235.24.8
Lithuania	LT	380	3	91.224.92.128, 77.90.185.84, 77.90.185.49
Singapore	SG	347	3	45.32.115.84, 185.200.116.70, 8.222.159.54
Australia	AU	126	1	51.161.174.170
Ukraine	UA	121	1	185.243.98.11
Sweden	SE	79	1	213.114.112.44
Malaysia	MY	60	1	47.250.80.183
Romania	RO	60	1	193.29.13.161
Spain	ES	59	1	5.187.35.21

Unwanted Traffic by Autonomous System (ASN)

ASN	AS Name	Packet Count	Unique Sources	Countries	Sample IPs
AS8075	Microsoft Corporation	31,139	4	United States	52.154.143.7, 20.55.84.97, 20.65.193.188...
AS396982	Google LLC	24,886	238	Belgium Brazil Finland +3	35.203.210.84, 162.216.149.225, 147.185.133.58...
AS50360	Tamatiya EOOD	18,036	32	Bulgaria	78.128.114.110, 79.124.49.226, 79.124.40.158...
AS14061	DigitalOcean, LLC	13,896	8	Canada India Netherlands +2	206.189.105.53, 157.245.32.173, 68.183.90.203...
AS57043	HOSTKEY B.V.	7,897	1	Netherlands	46.17.96.38
AS16509	Amazon.com, Inc.	7,763	31	France United States	13.37.238.190, 15.188.86.32, 35.180.19.44...
AS4808	China Unicom Beijing Province Network	6,106	1	China	111.205.209.78
AS214295	SKYNET NETWORK LTD	5,913	7	Netherlands	45.142.193.90, 45.142.193.191, 45.142.193.131...
AS51396	Pfcloud UG	4,189	11	Germany Netherlands	204.76.203.219, 204.76.203.212, 204.76.203.31...
AS7377	University of California, San Diego	3,132	1	United States	169.228.66.209
AS174	Cogent Communications	2,688	13	Hong Kong Netherlands United States	87.120.191.13, 87.120.191.104, 87.120.191.37...
AS212238	Datacamp Limited	2,598	4	Brazil Japan	149.102.234.72, 149.102.234.81, 149.102.234.193...
AS202425	IP Volume inc	1,948	9	Netherlands	89.248.163.200, 89.248.163.190, 89.248.165.205...
Unknown	Unknown	1,910	9	Canada Hong Kong Russia +1	103.102.230.4, 103.102.230.3, 88.210.63.88...
AS398324	Censys, Inc.	926	11	United States	206.168.35.44, 206.168.35.178, 167.248.133.117...
AS58461	CT-HangZhou-IDC	836	1	China	115.231.78.14
AS16276	OVH SAS	817	5	Australia Canada United Kingdom	51.89.172.133, 148.113.214.202, 148.113.189.33...
AS49870	Alsycon B.V.	798	3	Netherlands	185.224.128.17, 194.50.16.198, 89.190.159.188
AS44881	CyberTech LLC	774	2	Russia	178.22.24.60, 178.22.24.121
AS211298	Driftnet Ltd	747	6	United Kingdom	193.163.125.126, 193.163.125.128, 193.163.125.139...
AS133296	Web Werks India Pvt. Ltd.	649	1	India	103.224.247.219
AS201814	MEVSPACE sp. z o.o.	597	2	Poland	95.214.53.196, 194.180.48.63
AS401120	cheapy.host LLC	528	3	Netherlands	196.251.71.217, 196.251.72.203, 196.251.80.178
AS4134	CHINANET-BACKBONE	519	4	China	123.172.55.253, 221.235.141.78, 222.186.13.133...
AS6939	Hurricane Electric LLC	477	5	United States	64.62.156.21, 64.62.197.91, 64.62.156.193...

Global Threat Intelligence

Network-Wide Intelligence: This section provides threat intelligence analysis across all LightScope endpoints in your network, helping you understand broader attack patterns and emerging threats.

Global Threat Trends

Network-Wide Traffic Volume

Recent 30 days

1,669,932

Previous 30 days

7,478,828

-77.7% change

Unique Threat Sources

Recent 30 days

28,789

Previous 30 days

61,112

-52.9% change

Top Threat Source Countries

Country	Packets	Sources
United States	423,014	197
Germany	207,903	37
Canada	150,172	21
Netherlands	72,831	70
Bulgaria	64,827	44

Top Targeted Ports Globally

Port	Hit Count	Sources
5900	422,947	623
3389	18,633	1214
23	15,757	8599
8080	11,513	1568
443	11,123	1943

Recently Silent Subnets

10 subnet(s) have stopped sending traffic in the last 7 days after being active.

Subnet	Last Seen	Historical Packets	Endpoints	Country	Organization	Sample IPs
134.199.194.0/24	2025-11-24T22:18:45	92,558	1	United States	DigitalOcean, LLC	134.199.194.127
134.199.204.0/24	2025-11-24T22:18:45	74,856	1	United States	DigitalOcean, LLC	134.199.204.19
165.227.44.0/24	2025-11-24T22:18:45	68,003	1	Canada	DigitalOcean, LLC	165.227.44.4
162.243.22.0/24	2025-11-24T22:18:45	67,783	1	United States	DigitalOcean, LLC	162.243.22.228
162.243.248.0/24	2025-11-24T22:18:45	16,461	5	United States	DigitalOcean, LLC	162.243.248.118
54.249.119.0/24	2025-11-24T22:18:46	1,270	1	Japan	Amazon.com, Inc.	54.249.119.10
36.255.98.0/24	2025-11-24T22:18:47	984	24	Singapore	Cyber Security SG	36.255.98.221
162.216.149.0/24	2025-11-24T22:18:46	598	23	United States	Google LLC	162.216.149.44
162.216.150.0/24	2025-11-24T22:18:45	564	23	United States	Google LLC	162.216.150.73
35.203.211.0/24	2025-11-24T22:18:46	559	23	United Kingdom	Google LLC	35.203.211.12

Coordinated Attack Patterns (Sharded Subnets)

7 coordinated attack group(s) detected - Multiple subnets showing synchronized traffic pattern changes (50%+ increase/decrease within 2-hour windows). This may indicate botnet activity, coordinated attacks, or shared command & control infrastructure.

Group 1 10 subnets

74,234 packets

patterns

Bulgaria | CLOUDVPS-NET
ASN: AS207812

Subnets in Coordinated Group:

79.124.62.0/24 55.236.236.0/24 77.169.208.0/24 198.245.9.0/24 185.242.226.0/24 113.39.106.0/24 89.248.163.0/24 204.76.203.0/24 65.49.1.0/24 45.140.222.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Group 2 4 subnets

42,745 packets

patterns

United States | AT&T Enterprises, LLC
ASN: AS7018

Subnets in Coordinated Group:

162.199.20.0/24 79.124.49.0/24 35.40.64.0/24 192.113.218.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Group 3 17 subnets

226,811 packets

patterns

United States | Google LLC
ASN: AS396982

Subnets in Coordinated Group:

162.216.150.0/24 35.203.210.0/24 35.203.211.0/24 147.185.133.0/24 162.216.149.0/24 147.185.132.0/24 205.210.31.0/24 88.26.109.0/24 198.235.24.0/24 66.132.153.0/24 167.94.138.0/24 162.142.125.0/24 216.180.246.0/24 206.168.34.0/24 199.45.154.0/24 64.62.156.0/24 64.62.197.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Group 4 6 subnets

65,504 packets

patterns

United States | DigitalOcean, LLC
ASN: AS14061

Subnets in Coordinated Group:

134.199.204.0/24 162.243.22.0/24 129.64.177.0/24 176.65.149.0/24 167.94.146.0/24 79.124.59.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Group 5 7 subnets

63,768 packets

patterns

United States | DigitalOcean, LLC
ASN: AS14061

Subnets in Coordinated Group:

162.243.248.0/24 115.74.211.0/24 68.183.207.0/24 79.124.56.0/24 143.42.1.0/24 15.188.207.0/24 81.17.16.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Group 6 3 subnets

27,614 packets

patterns

United States | Microsoft Corporation
ASN: AS8075

Subnets in Coordinated Group:

52.154.143.0/24 142.214.101.0/24 120.247.7.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Group 7 4 subnets

23,856 packets

patterns

Bulgaria | Tamatiya EOOD
ASN: AS50360

Subnets in Coordinated Group:

78.128.114.0/24 79.124.58.0/24 196.15.219.0/24 249.112.182.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Individual Threat Actors

206.189.105.53

9,541 hits

1 ports

10/45 endpoints

Netherlands (NL)
Amsterdam, North Holland

ASN: AS14061
DigitalOcean, LLC

AbuseIPDB 100%

Location Information

Country:	Netherlands (NL)
City:	Amsterdam
Region:	North Holland
Postal Code:	1012
Timezone:	Europe/Amsterdam

Network Information

ASN:	AS14061
AS Name:	DigitalOcean, LLC
Company:	DigitalOcean, LLC
Domain:	digitalocean.com

Privacy Information

Hosting:	true
Proxy:
VPN:	true
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

ludbp (134,226 hits)

Temporal Port Activity

Last 7 Days

xqtiq (44,953 hits)

Temporal Port Activity

Last 7 Days

udqwh (19,298 hits)

Temporal Port Activity

Last 7 Days

isxku (13,877 hits)

Temporal Port Activity

Last 7 Days

alzae (13,051 hits)

Temporal Port Activity

Last 7 Days

deoyg (13,029 hits)

Temporal Port Activity

Last 7 Days

vqhav (12,972 hits)

Temporal Port Activity

Last 7 Days

mrozu (12,862 hits)

Temporal Port Activity

Last 7 Days

crwvg (12,862 hits)

Temporal Port Activity

Last 7 Days

sqepx (12,600 hits)

Temporal Port Activity

Last 7 Days

46.17.96.38

7,897 hits

1457 ports

4/45 endpoints

Netherlands (NL)
Amsterdam, North Holland

ASN: AS57043
HOSTKEY B.V.

AbuseIPDB 100%

Location Information

Country:	Netherlands (NL)
City:	Amsterdam
Region:	North Holland
Postal Code:	1012
Timezone:	Europe/Amsterdam

Network Information

ASN:	AS57043
AS Name:	HOSTKEY B.V.
Company:	HOSTKEY B.V.
Domain:	hostkey.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

vqhav (6,267 hits)

Temporal Port Activity

Last 7 Days

crwvg (5,493 hits)

Temporal Port Activity

Last 7 Days

hvldm (1,481 hits)

Temporal Port Activity

Last 7 Days

pxiww (2 hits)

Temporal Port Activity

Last 7 Days

169.228.66.209

3,132 hits

9 ports

0/45 endpoints

United States (US)
San Diego, California

ASN: AS7377
University of California, San Diego

AbuseIPDB 0%

Location Information

Country:	United States (US)
City:	San Diego
Region:	California
Postal Code:	92101
Timezone:	America/Los_Angeles

Network Information

ASN:	AS7377
AS Name:	University of California, San Diego
Company:	University of California, San Diego
Domain:	ucsd.edu

Privacy Information

Hosting:	Unknown
Proxy:	Unknown
VPN:	Unknown
Tor:	Unknown

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 0% (Clean)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

111.205.209.78

2,506 hits

1 ports

3/45 endpoints

China (CN)
Beijing, Beijing

ASN: AS4808
China Unicom Beijing province network

AbuseIPDB 100%

Location Information

Country:	China (CN)
City:	Beijing
Region:	Beijing
Postal Code:	100000
Timezone:	Asia/Shanghai

Network Information

ASN:	AS4808
AS Name:	China Unicom Beijing Province Network
Company:	China Unicom Beijing province network
Domain:	chinaunicom.cn

Privacy Information

Hosting:	Unknown
Proxy:	Unknown
VPN:	Unknown
Tor:	Unknown

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

rynzs (51 hits)

Temporal Port Activity

Last 7 Days

alzae (1 hits)

Temporal Port Activity

Last 7 Days

xfqdm (1 hits)

Temporal Port Activity

Last 7 Days

13.37.238.190

1,454 hits

1 ports

9/45 endpoints

France (FR)
Paris, Île-de-France

ASN: AS16509
Amazon Data Services France

AbuseIPDB 33%

Location Information

Country:	France (FR)
City:	Paris
Region:	Île-de-France
Postal Code:	75000
Timezone:	Europe/Paris

Network Information

ASN:	AS16509
AS Name:	Amazon.com, Inc.
Company:	Amazon Data Services France
Domain:	amazon.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 33% (Low Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

isxku (1,903 hits)

Temporal Port Activity

Last 7 Days

qffay (1,836 hits)

Temporal Port Activity

Last 7 Days

sqepx (1,779 hits)

Temporal Port Activity

Last 7 Days

crwvg (1,709 hits)

Temporal Port Activity

Last 7 Days

alzae (1,682 hits)

Temporal Port Activity

Last 7 Days

tgcua (1,662 hits)

Temporal Port Activity

Last 7 Days

vqhav (1,655 hits)

Temporal Port Activity

Last 7 Days

deoyg (1,650 hits)

Temporal Port Activity

Last 7 Days

iafdz (1,506 hits)

Temporal Port Activity

Last 7 Days

78.128.114.110

1,389 hits

125 ports

10/45 endpoints

Bulgaria (BG)
Sofia, Sofia-Capital

ASN: AS50360
Tamatiya EOOD

AbuseIPDB 100%

Location Information

Country:	Bulgaria (BG)
City:	Sofia
Region:	Sofia-Capital
Postal Code:	1000
Timezone:	Europe/Sofia

Network Information

ASN:	AS50360
AS Name:	Tamatiya EOOD
Company:	Tamatiya EOOD
Domain:	4vendeta.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

fapnd (6,550 hits)

Temporal Port Activity

Last 7 Days

ludbp (3,330 hits)

Temporal Port Activity

Last 7 Days

xfqdm (3,297 hits)

Temporal Port Activity

Last 7 Days

vqhav (2,980 hits)

Temporal Port Activity

Last 7 Days

oxrwe (1,281 hits)

Temporal Port Activity

Last 7 Days

alzae (892 hits)

Temporal Port Activity

Last 7 Days

deoyg (840 hits)

Temporal Port Activity

Last 7 Days

crwvg (803 hits)

Temporal Port Activity

Last 7 Days

tgcua (759 hits)

Temporal Port Activity

Last 7 Days

qrukx (628 hits)

Temporal Port Activity

Last 7 Days

45.142.193.90

1,321 hits

1295 ports

1/45 endpoints

Netherlands (NL)
Lelystad, Flevoland

ASN: AS214295
Limited Network LTD

AbuseIPDB 64%

Location Information

Country:	Netherlands (NL)
City:	Lelystad
Region:	Flevoland
Postal Code:	8224
Timezone:	Europe/Amsterdam

Network Information

ASN:	AS214295
AS Name:	SKYNET NETWORK LTD
Company:	Limited Network LTD
Domain:	btcloud.ro

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 64% (Medium Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

rynzs (1,410 hits)

Temporal Port Activity

Last 7 Days

45.142.193.191

1,309 hits

1302 ports

1/45 endpoints

Netherlands (NL)
Lelystad, Flevoland

ASN: AS214295
Limited Network LTD

AbuseIPDB 72%

Location Information

Country:	Netherlands (NL)
City:	Lelystad
Region:	Flevoland
Postal Code:	8224
Timezone:	Europe/Amsterdam

Network Information

ASN:	AS214295
AS Name:	SKYNET NETWORK LTD
Company:	Limited Network LTD
Domain:	btcloud.ro

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 72% (Medium Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

rynzs (1,404 hits)

Temporal Port Activity

Last 7 Days

45.142.193.131

1,294 hits

1293 ports

1/45 endpoints

Netherlands (NL)
Lelystad, Flevoland

ASN: AS214295
Limited Network LTD

AbuseIPDB 67%

Location Information

Country:	Netherlands (NL)
City:	Lelystad
Region:	Flevoland
Postal Code:	8224
Timezone:	Europe/Amsterdam

Network Information

ASN:	AS214295
AS Name:	SKYNET NETWORK LTD
Company:	Limited Network LTD
Domain:	btcloud.ro

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 67% (Medium Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

rynzs (1,392 hits)

Temporal Port Activity

Last 7 Days

45.142.193.18

1,283 hits

1279 ports

1/45 endpoints

Netherlands (NL)
Lelystad, Flevoland

ASN: AS214295
Limited Network LTD

AbuseIPDB 66%

Location Information

Country:	Netherlands (NL)
City:	Lelystad
Region:	Flevoland
Postal Code:	8224
Timezone:	Europe/Amsterdam

Network Information

ASN:	AS214295
AS Name:	SKYNET NETWORK LTD
Company:	Limited Network LTD
Domain:	btcloud.ro

Privacy Information

Hosting:	true
Proxy:	true
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 66% (Medium Risk)

nqatp - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

rynzs (1,398 hits)

Temporal Port Activity

Last 7 Days

Subnet Analysis (/24 Networks)

Unique Subnets

6,679

Distinct /24 networks with unwanted traffic

Ports Targeted by Subnets

Last 7 Days

Show top:

Subnet Temporal Port Activity

Last 7 Days

Show top:

Top Subnet Offenders

162.216.150.0/24

13,640 hits

245 IPs

4122 ports

34/45 endpoints

162.216.150.107 (202) 162.216.150.157 (193) 162.216.150.186 (159) +242 more

IPs in Subnet

IP Address	Hit Count
162.216.150.107	202
162.216.150.157	193
162.216.150.186	159
162.216.150.21	156
162.216.150.97	156
162.216.150.46	154
162.216.150.224	150
162.216.150.38	138
162.216.150.94	138
162.216.150.190	137
162.216.150.254	136
162.216.150.167	134
162.216.150.243	134
162.216.150.40	122
162.216.150.140	118
162.216.150.184	116
162.216.150.42	114
162.216.150.234	113
162.216.150.90	108
162.216.150.244	101
162.216.150.220	99
162.216.150.105	97
162.216.150.210	96
162.216.150.228	92
162.216.150.168	83
162.216.150.193	82
162.216.150.175	81
162.216.150.199	81
162.216.150.83	81
162.216.150.222	75
162.216.150.146	74
162.216.150.88	74
162.216.150.15	73
162.216.150.229	71
162.216.150.79	70
162.216.150.232	66
162.216.150.104	62
162.216.150.196	61
162.216.150.34	60
162.216.150.75	60
162.216.150.122	59
162.216.150.129	59
162.216.150.143	58
162.216.150.200	58
162.216.150.26	58
162.216.150.57	58
162.216.150.114	57
162.216.150.130	57
162.216.150.172	57
162.216.150.181	57
162.216.150.58	57
162.216.150.65	57
162.216.150.245	56
162.216.150.136	55
162.216.150.240	55
162.216.150.6	55
162.216.150.115	54
162.216.150.16	54
162.216.150.73	54
162.216.150.86	54
162.216.150.13	53
162.216.150.149	53
162.216.150.211	53
162.216.150.27	53
162.216.150.117	52
162.216.150.131	52
162.216.150.158	52
162.216.150.17	52
162.216.150.178	52
162.216.150.225	52
162.216.150.233	52
162.216.150.84	52
162.216.150.10	51
162.216.150.100	51
162.216.150.103	51
162.216.150.14	51
162.216.150.206	51
162.216.150.209	51
162.216.150.214	51
162.216.150.56	51
162.216.150.93	51
162.216.150.95	51
162.216.150.11	50
162.216.150.148	50
162.216.150.18	50
162.216.150.212	50
162.216.150.227	50
162.216.150.250	50
162.216.150.28	50
162.216.150.39	50
162.216.150.7	50
162.216.150.87	50
162.216.150.98	50
162.216.150.102	49
162.216.150.111	49
162.216.150.118	49
162.216.150.132	49
162.216.150.133	49
162.216.150.135	49
162.216.150.162	49
162.216.150.185	49
162.216.150.207	49
162.216.150.242	49
162.216.150.252	49
162.216.150.4	49
162.216.150.62	49
162.216.150.96	49
162.216.150.106	48
162.216.150.123	48
162.216.150.169	48
162.216.150.189	48
162.216.150.194	48
162.216.150.216	48
162.216.150.218	48
162.216.150.223	48
162.216.150.235	48
162.216.150.24	48
162.216.150.119	47
162.216.150.134	47
162.216.150.141	47
162.216.150.152	47
162.216.150.171	47
162.216.150.23	47
162.216.150.238	47
162.216.150.3	47
162.216.150.33	47
162.216.150.52	47
162.216.150.71	47
162.216.150.112	46
162.216.150.12	46
162.216.150.151	46
162.216.150.153	46
162.216.150.156	46
162.216.150.165	46
162.216.150.182	46
162.216.150.192	46
162.216.150.201	46
162.216.150.217	46
162.216.150.221	46
162.216.150.236	46
162.216.150.241	46
162.216.150.248	46
162.216.150.30	46
162.216.150.76	46
162.216.150.77	46
162.216.150.101	45
162.216.150.109	45
162.216.150.121	45
162.216.150.126	45
162.216.150.138	45
162.216.150.145	45
162.216.150.187	45
162.216.150.203	45
162.216.150.41	45
162.216.150.45	45
162.216.150.5	45
162.216.150.66	45
162.216.150.127	44
162.216.150.150	44
162.216.150.160	44
162.216.150.163	44
162.216.150.174	44
162.216.150.179	44
162.216.150.180	44
162.216.150.198	44
162.216.150.208	44
162.216.150.231	44
162.216.150.29	44
162.216.150.49	44
162.216.150.61	44
162.216.150.78	44
162.216.150.81	44
162.216.150.89	44
162.216.150.92	44
162.216.150.113	43
162.216.150.128	43
162.216.150.139	43
162.216.150.32	43
162.216.150.43	43
162.216.150.59	43
162.216.150.63	43
162.216.150.74	43
162.216.150.82	43
162.216.150.164	42
162.216.150.195	42
162.216.150.247	42
162.216.150.25	42
162.216.150.251	42
162.216.150.47	42
162.216.150.50	42
162.216.150.53	42
162.216.150.54	42
162.216.150.68	42
162.216.150.120	41
162.216.150.124	41
162.216.150.161	41
162.216.150.226	41
162.216.150.237	41
162.216.150.239	41
162.216.150.37	41
162.216.150.85	41
162.216.150.9	41
162.216.150.144	40
162.216.150.170	40
162.216.150.219	40
162.216.150.80	40
162.216.150.108	39
162.216.150.159	39
162.216.150.197	39
162.216.150.213	39
162.216.150.67	39
162.216.150.91	39
162.216.150.116	38
162.216.150.125	38
162.216.150.142	38
162.216.150.176	38
162.216.150.177	38
162.216.150.20	38
162.216.150.246	38
162.216.150.51	38
162.216.150.99	38
162.216.150.137	37
162.216.150.173	37
162.216.150.188	37
162.216.150.191	37
162.216.150.202	37
162.216.150.230	37
162.216.150.249	37
162.216.150.64	37
162.216.150.69	37
162.216.150.110	36
162.216.150.147	36
162.216.150.155	36
162.216.150.253	36
162.216.150.31	36
162.216.150.215	34
162.216.150.36	34
162.216.150.60	34
162.216.150.204	33
162.216.150.22	33
162.216.150.35	33
162.216.150.44	33
162.216.150.55	32
162.216.150.48	31
162.216.150.72	31

Ports Targeted by This Subnet

Top:

Temporal Port Activity

147.185.133.0/24

13,544 hits

254 IPs

4148 ports

36/45 endpoints

147.185.133.58 (239) 147.185.133.248 (180) 147.185.133.207 (160) +251 more

IPs in Subnet

IP Address	Hit Count
147.185.133.58	239
147.185.133.248	180
147.185.133.207	160
147.185.133.122	154
147.185.133.149	154
147.185.133.164	150
147.185.133.96	149
147.185.133.228	148
147.185.133.202	147
147.185.133.161	146
147.185.133.107	144
147.185.133.120	141
147.185.133.97	129
147.185.133.230	128
147.185.133.188	126
147.185.133.87	117
147.185.133.137	109
147.185.133.155	102
147.185.133.105	96
147.185.133.232	91
147.185.133.52	81
147.185.133.49	80
147.185.133.253	79
147.185.133.115	71
147.185.133.183	70
147.185.133.68	70
147.185.133.114	65
147.185.133.238	65
147.185.133.72	64
147.185.133.24	63
147.185.133.146	62
147.185.133.41	62
147.185.133.74	62
147.185.133.113	60
147.185.133.212	60
147.185.133.192	59
147.185.133.106	58
147.185.133.30	58
147.185.133.88	58
147.185.133.93	57
147.185.133.172	56
147.185.133.224	56
147.185.133.13	55
147.185.133.180	55
147.185.133.195	55
147.185.133.218	55
147.185.133.40	55
147.185.133.157	54
147.185.133.175	54
147.185.133.27	54
147.185.133.48	54
147.185.133.123	53
147.185.133.125	53
147.185.133.243	53
147.185.133.255	53
147.185.133.85	53
147.185.133.10	52
147.185.133.187	52
147.185.133.190	52
147.185.133.216	52
147.185.133.223	52
147.185.133.234	52
147.185.133.34	52
147.185.133.127	51
147.185.133.133	51
147.185.133.214	51
147.185.133.32	51
147.185.133.99	51
147.185.133.118	50
147.185.133.138	50
147.185.133.141	50
147.185.133.152	50
147.185.133.163	50
147.185.133.189	50
147.185.133.225	50
147.185.133.23	50
147.185.133.236	50
147.185.133.3	50
147.185.133.35	50
147.185.133.59	50
147.185.133.63	50
147.185.133.86	50
147.185.133.110	49
147.185.133.136	49
147.185.133.184	49
147.185.133.208	49
147.185.133.21	49
147.185.133.237	49
147.185.133.57	49
147.185.133.60	49
147.185.133.67	49
147.185.133.7	49
147.185.133.94	49
147.185.133.121	48
147.185.133.129	48
147.185.133.145	48
147.185.133.147	48
147.185.133.178	48
147.185.133.220	48
147.185.133.242	48
147.185.133.5	48
147.185.133.116	47
147.185.133.12	47
147.185.133.128	47
147.185.133.165	47
147.185.133.168	47
147.185.133.201	47
147.185.133.213	47
147.185.133.22	47
147.185.133.227	47
147.185.133.240	47
147.185.133.246	47
147.185.133.53	47
147.185.133.124	46
147.185.133.126	46
147.185.133.159	46
147.185.133.162	46
147.185.133.194	46
147.185.133.196	46
147.185.133.204	46
147.185.133.247	46
147.185.133.25	46
147.185.133.37	46
147.185.133.42	46
147.185.133.77	46
147.185.133.111	45
147.185.133.131	45
147.185.133.143	45
147.185.133.144	45
147.185.133.167	45
147.185.133.181	45
147.185.133.210	45
147.185.133.231	45
147.185.133.233	45
147.185.133.244	45
147.185.133.251	45
147.185.133.56	45
147.185.133.71	45
147.185.133.92	45
147.185.133.98	45
147.185.133.101	44
147.185.133.139	44
147.185.133.142	44
147.185.133.151	44
147.185.133.174	44
147.185.133.19	44
147.185.133.198	44
147.185.133.200	44
147.185.133.211	44
147.185.133.252	44
147.185.133.31	44
147.185.133.33	44
147.185.133.43	44
147.185.133.47	44
147.185.133.50	44
147.185.133.62	44
147.185.133.78	44
147.185.133.102	43
147.185.133.103	43
147.185.133.108	43
147.185.133.132	43
147.185.133.134	43
147.185.133.153	43
147.185.133.166	43
147.185.133.176	43
147.185.133.191	43
147.185.133.199	43
147.185.133.20	43
147.185.133.209	43
147.185.133.217	43
147.185.133.239	43
147.185.133.4	43
147.185.133.44	43
147.185.133.54	43
147.185.133.70	43
147.185.133.79	43
147.185.133.140	42
147.185.133.15	42
147.185.133.177	42
147.185.133.193	42
147.185.133.16	41
147.185.133.169	41
147.185.133.17	41
147.185.133.197	41
147.185.133.235	41
147.185.133.6	41
147.185.133.65	41
147.185.133.69	41
147.185.133.76	41
147.185.133.82	41
147.185.133.95	41
147.185.133.0	40
147.185.133.100	40
147.185.133.104	40
147.185.133.112	40
147.185.133.130	40
147.185.133.158	40
147.185.133.18	40
147.185.133.185	40
147.185.133.206	40
147.185.133.226	40
147.185.133.250	40
147.185.133.39	40
147.185.133.66	40
147.185.133.8	40
147.185.133.9	40
147.185.133.90	40
147.185.133.1	39
147.185.133.135	39
147.185.133.179	39
147.185.133.203	39
147.185.133.205	39
147.185.133.219	39
147.185.133.221	39
147.185.133.241	39
147.185.133.45	39
147.185.133.89	39
147.185.133.109	38
147.185.133.117	38
147.185.133.156	38
147.185.133.186	38
147.185.133.2	38
147.185.133.222	38
147.185.133.83	38
147.185.133.84	38
147.185.133.11	37
147.185.133.119	37
147.185.133.154	37
147.185.133.170	37
147.185.133.173	37
147.185.133.215	37
147.185.133.229	37
147.185.133.245	37
147.185.133.249	37
147.185.133.28	37
147.185.133.36	37
147.185.133.26	36
147.185.133.51	36
147.185.133.81	36
147.185.133.14	35
147.185.133.171	35
147.185.133.29	35
147.185.133.73	35
147.185.133.75	35
147.185.133.160	34
147.185.133.254	34
147.185.133.46	34
147.185.133.80	34
147.185.133.148	33
147.185.133.55	33
147.185.133.182	31
147.185.133.61	31
147.185.133.150	30
147.185.133.91	27

Ports Targeted by This Subnet

Top:

Temporal Port Activity

35.203.211.0/24

13,253 hits

245 IPs

4102 ports

36/45 endpoints

35.203.211.64 (221) 35.203.211.91 (166) 35.203.211.90 (163) +242 more

IPs in Subnet

IP Address	Hit Count
35.203.211.64	221
35.203.211.91	166
35.203.211.90	163
35.203.211.234	159
35.203.211.83	153
35.203.211.186	152
35.203.211.157	150
35.203.211.176	149
35.203.211.132	146
35.203.211.248	145
35.203.211.40	141
35.203.211.13	137
35.203.211.244	126
35.203.211.67	123
35.203.211.71	120
35.203.211.97	120
35.203.211.185	115
35.203.211.8	114
35.203.211.222	112
35.203.211.249	112
35.203.211.190	107
35.203.211.87	99
35.203.211.198	96
35.203.211.158	92
35.203.211.75	84
35.203.211.112	79
35.203.211.192	79
35.203.211.229	79
35.203.211.29	74
35.203.211.189	73
35.203.211.139	65
35.203.211.182	65
35.203.211.34	63
35.203.211.18	62
35.203.211.16	61
35.203.211.169	61
35.203.211.171	61
35.203.211.211	61
35.203.211.191	60
35.203.211.155	59
35.203.211.72	59
35.203.211.245	57
35.203.211.93	57
35.203.211.181	56
35.203.211.58	56
35.203.211.226	55
35.203.211.45	55
35.203.211.101	54
35.203.211.106	54
35.203.211.152	54
35.203.211.184	54
35.203.211.199	54
35.203.211.20	54
35.203.211.102	53
35.203.211.204	53
35.203.211.251	53
35.203.211.253	53
35.203.211.31	53
35.203.211.123	52
35.203.211.134	52
35.203.211.135	52
35.203.211.136	52
35.203.211.218	52
35.203.211.220	52
35.203.211.243	52
35.203.211.28	52
35.203.211.76	52
35.203.211.115	51
35.203.211.154	51
35.203.211.165	51
35.203.211.170	51
35.203.211.177	51
35.203.211.23	51
35.203.211.250	51
35.203.211.26	51
35.203.211.54	51
35.203.211.62	51
35.203.211.77	51
35.203.211.80	51
35.203.211.84	51
35.203.211.14	50
35.203.211.187	50
35.203.211.19	50
35.203.211.86	50
35.203.211.108	49
35.203.211.118	49
35.203.211.156	49
35.203.211.180	49
35.203.211.59	49
35.203.211.111	48
35.203.211.124	48
35.203.211.126	48
35.203.211.138	48
35.203.211.173	48
35.203.211.22	48
35.203.211.237	48
35.203.211.242	48
35.203.211.37	48
35.203.211.66	48
35.203.211.103	47
35.203.211.129	47
35.203.211.153	47
35.203.211.161	47
35.203.211.164	47
35.203.211.201	47
35.203.211.228	47
35.203.211.235	47
35.203.211.4	47
35.203.211.109	46
35.203.211.116	46
35.203.211.142	46
35.203.211.160	46
35.203.211.175	46
35.203.211.205	46
35.203.211.221	46
35.203.211.232	46
35.203.211.238	46
35.203.211.39	46
35.203.211.89	46
35.203.211.10	45
35.203.211.104	45
35.203.211.120	45
35.203.211.144	45
35.203.211.15	45
35.203.211.166	45
35.203.211.240	45
35.203.211.3	45
35.203.211.47	45
35.203.211.52	45
35.203.211.81	45
35.203.211.167	44
35.203.211.179	44
35.203.211.197	44
35.203.211.209	44
35.203.211.212	44
35.203.211.213	44
35.203.211.233	44
35.203.211.239	44
35.203.211.5	44
35.203.211.65	44
35.203.211.69	44
35.203.211.74	44
35.203.211.107	43
35.203.211.114	43
35.203.211.137	43
35.203.211.140	43
35.203.211.141	43
35.203.211.203	43
35.203.211.217	43
35.203.211.219	43
35.203.211.254	43
35.203.211.38	43
35.203.211.41	43
35.203.211.44	43
35.203.211.12	42
35.203.211.125	42
35.203.211.172	42
35.203.211.183	42
35.203.211.188	42
35.203.211.230	42
35.203.211.236	42
35.203.211.35	42
35.203.211.43	42
35.203.211.60	42
35.203.211.61	42
35.203.211.110	41
35.203.211.159	41
35.203.211.224	41
35.203.211.225	41
35.203.211.24	41
35.203.211.27	41
35.203.211.33	41
35.203.211.46	41
35.203.211.51	41
35.203.211.92	41
35.203.211.98	41
35.203.211.148	40
35.203.211.150	40
35.203.211.206	40
35.203.211.231	40
35.203.211.252	40
35.203.211.48	40
35.203.211.57	40
35.203.211.6	40
35.203.211.73	40
35.203.211.99	40
35.203.211.100	39
35.203.211.130	39
35.203.211.146	39
35.203.211.174	39
35.203.211.178	39
35.203.211.193	39
35.203.211.202	39
35.203.211.21	39
35.203.211.223	39
35.203.211.227	39
35.203.211.42	39
35.203.211.55	39
35.203.211.94	39
35.203.211.143	38
35.203.211.145	38
35.203.211.151	38
35.203.211.168	38
35.203.211.17	38
35.203.211.207	38
35.203.211.210	38
35.203.211.241	38
35.203.211.246	38
35.203.211.49	38
35.203.211.121	37
35.203.211.196	37
35.203.211.200	37
35.203.211.247	37
35.203.211.56	37
35.203.211.68	37
35.203.211.7	37
35.203.211.85	37
35.203.211.127	36
35.203.211.131	36
35.203.211.147	36
35.203.211.32	36
35.203.211.53	36
35.203.211.82	36
35.203.211.11	35
35.203.211.208	35
35.203.211.25	35
35.203.211.50	35
35.203.211.119	34
35.203.211.133	34
35.203.211.195	34
35.203.211.36	34
35.203.211.63	34
35.203.211.70	34
35.203.211.113	33
35.203.211.162	33
35.203.211.194	33
35.203.211.78	33
35.203.211.79	33
35.203.211.9	33
35.203.211.95	33
35.203.211.105	32
35.203.211.163	32
35.203.211.96	31
35.203.211.214	30
35.203.211.149	29

Ports Targeted by This Subnet

Top:

Temporal Port Activity

35.203.210.0/24

12,830 hits

244 IPs

4117 ports

33/45 endpoints

35.203.210.84 (316) 35.203.210.189 (154) 35.203.210.171 (147) +241 more

IPs in Subnet

IP Address	Hit Count
35.203.210.84	316
35.203.210.189	154
35.203.210.171	147
35.203.210.231	142
35.203.210.29	141
35.203.210.36	138
35.203.210.30	136
35.203.210.155	134
35.203.210.7	132
35.203.210.229	129
35.203.210.6	113
35.203.210.73	110
35.203.210.241	104
35.203.210.66	104
35.203.210.169	103
35.203.210.47	101
35.203.210.75	98
35.203.210.51	92
35.203.210.101	91
35.203.210.119	89
35.203.210.104	82
35.203.210.54	81
35.203.210.223	80
35.203.210.64	79
35.203.210.10	75
35.203.210.170	73
35.203.210.18	68
35.203.210.107	67
35.203.210.68	67
35.203.210.163	63
35.203.210.166	63
35.203.210.172	63
35.203.210.244	63
35.203.210.251	61
35.203.210.49	60
35.203.210.67	60
35.203.210.206	59
35.203.210.162	58
35.203.210.97	57
35.203.210.124	56
35.203.210.179	56
35.203.210.22	56
35.203.210.91	56
35.203.210.100	55
35.203.210.16	55
35.203.210.34	55
35.203.210.130	54
35.203.210.134	54
35.203.210.138	54
35.203.210.204	54
35.203.210.12	53
35.203.210.140	53
35.203.210.19	53
35.203.210.207	53
35.203.210.219	53
35.203.210.233	53
35.203.210.35	53
35.203.210.145	52
35.203.210.161	52
35.203.210.192	52
35.203.210.9	52
35.203.210.90	52
35.203.210.129	51
35.203.210.156	51
35.203.210.195	51
35.203.210.213	51
35.203.210.24	51
35.203.210.85	51
35.203.210.88	51
35.203.210.102	50
35.203.210.122	50
35.203.210.142	50
35.203.210.214	50
35.203.210.234	50
35.203.210.121	49
35.203.210.147	49
35.203.210.151	49
35.203.210.167	49
35.203.210.187	49
35.203.210.228	49
35.203.210.240	49
35.203.210.33	49
35.203.210.43	49
35.203.210.53	49
35.203.210.77	49
35.203.210.93	49
35.203.210.133	48
35.203.210.164	48
35.203.210.181	48
35.203.210.182	48
35.203.210.199	48
35.203.210.20	48
35.203.210.211	48
35.203.210.225	48
35.203.210.235	48
35.203.210.48	48
35.203.210.96	48
35.203.210.109	47
35.203.210.110	47
35.203.210.116	47
35.203.210.128	47
35.203.210.168	47
35.203.210.188	47
35.203.210.218	47
35.203.210.221	47
35.203.210.227	47
35.203.210.25	47
35.203.210.250	47
35.203.210.38	47
35.203.210.60	47
35.203.210.87	47
35.203.210.113	46
35.203.210.127	46
35.203.210.141	46
35.203.210.196	46
35.203.210.239	46
35.203.210.248	46
35.203.210.5	46
35.203.210.62	46
35.203.210.83	46
35.203.210.94	46
35.203.210.111	45
35.203.210.123	45
35.203.210.143	45
35.203.210.146	45
35.203.210.184	45
35.203.210.238	45
35.203.210.245	45
35.203.210.253	45
35.203.210.44	45
35.203.210.55	45
35.203.210.56	45
35.203.210.59	45
35.203.210.72	45
35.203.210.74	45
35.203.210.81	45
35.203.210.95	45
35.203.210.98	45
35.203.210.13	44
35.203.210.139	44
35.203.210.157	44
35.203.210.17	44
35.203.210.177	44
35.203.210.180	44
35.203.210.202	44
35.203.210.205	44
35.203.210.215	44
35.203.210.252	44
35.203.210.58	44
35.203.210.61	44
35.203.210.185	43
35.203.210.210	43
35.203.210.224	43
35.203.210.243	43
35.203.210.3	43
35.203.210.32	43
35.203.210.70	43
35.203.210.78	43
35.203.210.82	43
35.203.210.89	43
35.203.210.99	43
35.203.210.15	42
35.203.210.152	42
35.203.210.160	42
35.203.210.194	42
35.203.210.200	42
35.203.210.203	42
35.203.210.23	42
35.203.210.230	42
35.203.210.247	42
35.203.210.28	42
35.203.210.40	42
35.203.210.46	42
35.203.210.65	42
35.203.210.92	42
35.203.210.103	41
35.203.210.106	41
35.203.210.108	41
35.203.210.190	41
35.203.210.216	41
35.203.210.249	41
35.203.210.52	41
35.203.210.57	41
35.203.210.112	40
35.203.210.117	40
35.203.210.144	40
35.203.210.158	40
35.203.210.175	40
35.203.210.208	40
35.203.210.220	40
35.203.210.31	40
35.203.210.63	40
35.203.210.11	39
35.203.210.115	39
35.203.210.136	39
35.203.210.149	39
35.203.210.153	39
35.203.210.173	39
35.203.210.174	39
35.203.210.222	39
35.203.210.45	39
35.203.210.79	39
35.203.210.114	38
35.203.210.137	38
35.203.210.14	38
35.203.210.148	38
35.203.210.154	38
35.203.210.197	38
35.203.210.226	38
35.203.210.236	38
35.203.210.41	38
35.203.210.86	38
35.203.210.125	37
35.203.210.126	37
35.203.210.135	37
35.203.210.165	37
35.203.210.246	37
35.203.210.37	37
35.203.210.39	37
35.203.210.8	37
35.203.210.191	36
35.203.210.198	36
35.203.210.201	36
35.203.210.42	36
35.203.210.76	36
35.203.210.80	36
35.203.210.21	35
35.203.210.118	34
35.203.210.132	34
35.203.210.209	34
35.203.210.217	34
35.203.210.105	33
35.203.210.193	33
35.203.210.254	33
35.203.210.4	33
35.203.210.69	33
35.203.210.150	32
35.203.210.120	31
35.203.210.131	30
35.203.210.237	30
35.203.210.50	30
35.203.210.159	29
35.203.210.183	29
35.203.210.26	29

Ports Targeted by This Subnet

Top:

Temporal Port Activity

162.216.149.0/24

12,799 hits

244 IPs

4119 ports

32/45 endpoints

162.216.149.225 (243) 162.216.149.230 (155) 162.216.149.25 (149) +241 more

IPs in Subnet

IP Address	Hit Count
162.216.149.225	243
162.216.149.230	155
162.216.149.25	149
162.216.149.193	146
162.216.149.47	140
162.216.149.104	139
162.216.149.234	134
162.216.149.15	133
162.216.149.119	132
162.216.149.86	131
162.216.149.175	125
162.216.149.243	117
162.216.149.153	116
162.216.149.18	115
162.216.149.224	113
162.216.149.63	112
162.216.149.214	107
162.216.149.32	105
162.216.149.134	104
162.216.149.235	104
162.216.149.139	102
162.216.149.140	92
162.216.149.161	88
162.216.149.215	84
162.216.149.202	83
162.216.149.229	76
162.216.149.167	70
162.216.149.182	69
162.216.149.55	69
162.216.149.147	67
162.216.149.112	61
162.216.149.154	60
162.216.149.21	60
162.216.149.59	59
162.216.149.95	58
162.216.149.177	57
162.216.149.187	57
162.216.149.64	57
162.216.149.110	56
162.216.149.132	56
162.216.149.44	56
162.216.149.184	55
162.216.149.246	55
162.216.149.114	53
162.216.149.16	53
162.216.149.166	53
162.216.149.20	53
162.216.149.72	53
162.216.149.77	53
162.216.149.10	52
162.216.149.195	52
162.216.149.227	52
162.216.149.39	52
162.216.149.98	52
162.216.149.99	52
162.216.149.100	51
162.216.149.130	51
162.216.149.180	51
162.216.149.233	51
162.216.149.241	51
162.216.149.28	51
162.216.149.42	51
162.216.149.101	50
162.216.149.129	50
162.216.149.143	50
162.216.149.169	50
162.216.149.178	50
162.216.149.190	50
162.216.149.217	50
162.216.149.245	50
162.216.149.36	50
162.216.149.49	50
162.216.149.71	50
162.216.149.102	49
162.216.149.168	49
162.216.149.170	49
162.216.149.179	49
162.216.149.196	49
162.216.149.208	49
162.216.149.212	49
162.216.149.248	49
162.216.149.249	49
162.216.149.254	49
162.216.149.90	49
162.216.149.93	49
162.216.149.116	48
162.216.149.121	48
162.216.149.152	48
162.216.149.43	48
162.216.149.68	48
162.216.149.74	48
162.216.149.76	48
162.216.149.8	48
162.216.149.197	47
162.216.149.207	47
162.216.149.223	47
162.216.149.226	47
162.216.149.237	47
162.216.149.242	47
162.216.149.29	47
162.216.149.51	47
162.216.149.80	47
162.216.149.108	46
162.216.149.128	46
162.216.149.186	46
162.216.149.188	46
162.216.149.200	46
162.216.149.239	46
162.216.149.3	46
162.216.149.31	46
162.216.149.38	46
162.216.149.67	46
162.216.149.88	46
162.216.149.91	46
162.216.149.125	45
162.216.149.131	45
162.216.149.146	45
162.216.149.171	45
162.216.149.213	45
162.216.149.37	45
162.216.149.58	45
162.216.149.65	45
162.216.149.7	45
162.216.149.94	45
162.216.149.111	44
162.216.149.113	44
162.216.149.124	44
162.216.149.160	44
162.216.149.174	44
162.216.149.232	44
162.216.149.244	44
162.216.149.33	44
162.216.149.40	44
162.216.149.62	44
162.216.149.79	44
162.216.149.87	44
162.216.149.89	44
162.216.149.9	44
162.216.149.106	43
162.216.149.127	43
162.216.149.149	43
162.216.149.157	43
162.216.149.164	43
162.216.149.231	43
162.216.149.45	43
162.216.149.46	43
162.216.149.57	43
162.216.149.69	43
162.216.149.70	43
162.216.149.11	42
162.216.149.123	42
162.216.149.136	42
162.216.149.156	42
162.216.149.158	42
162.216.149.205	42
162.216.149.22	42
162.216.149.238	42
162.216.149.24	42
162.216.149.30	42
162.216.149.41	42
162.216.149.56	42
162.216.149.75	42
162.216.149.78	42
162.216.149.84	42
162.216.149.97	42
162.216.149.117	41
162.216.149.120	41
162.216.149.163	41
162.216.149.172	41
162.216.149.176	41
162.216.149.19	41
162.216.149.192	41
162.216.149.201	41
162.216.149.221	41
162.216.149.250	41
162.216.149.6	41
162.216.149.73	41
162.216.149.81	41
162.216.149.105	40
162.216.149.141	40
162.216.149.148	40
162.216.149.162	40
162.216.149.181	40
162.216.149.199	40
162.216.149.211	40
162.216.149.216	40
162.216.149.219	40
162.216.149.251	40
162.216.149.5	40
162.216.149.53	40
162.216.149.103	39
162.216.149.209	39
162.216.149.228	39
162.216.149.27	39
162.216.149.35	39
162.216.149.48	39
162.216.149.82	39
162.216.149.83	39
162.216.149.12	38
162.216.149.138	38
162.216.149.142	38
162.216.149.203	38
162.216.149.236	38
162.216.149.240	38
162.216.149.247	38
162.216.149.52	38
162.216.149.66	38
162.216.149.92	38
162.216.149.118	37
162.216.149.13	37
162.216.149.137	37
162.216.149.159	37
162.216.149.183	37
162.216.149.210	37
162.216.149.122	36
162.216.149.133	36
162.216.149.252	36
162.216.149.50	36
162.216.149.54	36
162.216.149.61	36
162.216.149.107	35
162.216.149.115	35
162.216.149.126	35
162.216.149.165	35
162.216.149.185	35
162.216.149.191	35
162.216.149.194	35
162.216.149.198	35
162.216.149.253	35
162.216.149.109	34
162.216.149.135	34
162.216.149.14	34
162.216.149.145	34
162.216.149.173	34
162.216.149.23	34
162.216.149.151	33
162.216.149.60	33
162.216.149.85	31
162.216.149.144	30
162.216.149.17	30
162.216.149.189	30
162.216.149.26	30
162.216.149.34	30
162.216.149.155	28

Ports Targeted by This Subnet

Top:

Temporal Port Activity

206.189.105.0/24

9,541 hits

1 IPs

1 ports

13/45 endpoints

206.189.105.53 (9,541)

IPs in Subnet

IP Address	Hit Count
206.189.105.53	9,541

Ports Targeted by This Subnet

Top:

Temporal Port Activity

147.185.132.0/24

8,157 hits

239 IPs

3458 ports

34/45 endpoints

147.185.132.250 (188) 147.185.132.95 (147) 147.185.132.142 (141) +236 more

IPs in Subnet

IP Address	Hit Count
147.185.132.250	188
147.185.132.95	147
147.185.132.142	141
147.185.132.140	140
147.185.132.130	121
147.185.132.39	104
147.185.132.169	94
147.185.132.235	94
147.185.132.208	93
147.185.132.50	93
147.185.132.89	93
147.185.132.202	87
147.185.132.127	85
147.185.132.190	80
147.185.132.212	74
147.185.132.160	70
147.185.132.181	66
147.185.132.227	66
147.185.132.123	64
147.185.132.170	62
147.185.132.134	58
147.185.132.65	58
147.185.132.116	57
147.185.132.157	57
147.185.132.221	56
147.185.132.23	56
147.185.132.8	56
147.185.132.241	55
147.185.132.154	54
147.185.132.251	54
147.185.132.232	53
147.185.132.239	53
147.185.132.53	53
147.185.132.124	51
147.185.132.128	51
147.185.132.131	51
147.185.132.164	51
147.185.132.248	51
147.185.132.200	50
147.185.132.29	50
147.185.132.113	49
147.185.132.119	49
147.185.132.152	49
147.185.132.158	49
147.185.132.178	49
147.185.132.20	49
147.185.132.214	49
147.185.132.230	49
147.185.132.238	49
147.185.132.101	48
147.185.132.133	48
147.185.132.145	48
147.185.132.173	48
147.185.132.206	48
147.185.132.209	48
147.185.132.224	48
147.185.132.71	48
147.185.132.80	48
147.185.132.86	48
147.185.132.14	47
147.185.132.163	47
147.185.132.166	47
147.185.132.185	47
147.185.132.223	47
147.185.132.229	47
147.185.132.253	47
147.185.132.254	47
147.185.132.83	47
147.185.132.92	47
147.185.132.122	46
147.185.132.242	46
147.185.132.44	46
147.185.132.104	45
147.185.132.136	45
147.185.132.149	45
147.185.132.176	45
147.185.132.182	45
147.185.132.187	45
147.185.132.194	45
147.185.132.203	45
147.185.132.220	45
147.185.132.226	45
147.185.132.236	45
147.185.132.245	45
147.185.132.56	45
147.185.132.137	44
147.185.132.17	44
147.185.132.205	44
147.185.132.110	43
147.185.132.177	43
147.185.132.184	43
147.185.132.191	43
147.185.132.218	43
147.185.132.41	43
147.185.132.47	43
147.185.132.98	43
147.185.132.172	42
147.185.132.188	42
147.185.132.32	42
147.185.132.59	42
147.185.132.139	41
147.185.132.148	41
147.185.132.167	41
147.185.132.197	41
147.185.132.199	41
147.185.132.211	41
147.185.132.244	41
147.185.132.247	41
147.185.132.74	40
147.185.132.146	39
147.185.132.175	39
147.185.132.217	39
147.185.132.38	39
147.185.132.107	38
147.185.132.125	38
147.185.132.196	38
147.185.132.215	38
147.185.132.35	38
147.185.132.73	38
147.185.132.151	37
147.185.132.193	37
147.185.132.62	37
147.185.132.77	37
147.185.132.143	36
147.185.132.26	36
147.185.132.233	35
147.185.132.68	34
147.185.132.179	32
147.185.132.161	31
147.185.132.155	30
147.185.132.15	20
147.185.132.255	18
147.185.132.75	18
147.185.132.100	17
147.185.132.219	17
147.185.132.37	17
147.185.132.49	17
147.185.132.55	17
147.185.132.106	16
147.185.132.115	16
147.185.132.225	16
147.185.132.24	16
147.185.132.79	16
147.185.132.99	16
147.185.132.114	15
147.185.132.16	15
147.185.132.189	15
147.185.132.69	15
147.185.132.94	15
147.185.132.13	14
147.185.132.135	14
147.185.132.213	14
147.185.132.22	14
147.185.132.252	14
147.185.132.45	14
147.185.132.63	14
147.185.132.112	13
147.185.132.129	13
147.185.132.150	13
147.185.132.156	13
147.185.132.159	13
147.185.132.192	13
147.185.132.231	13
147.185.132.46	13
147.185.132.52	13
147.185.132.81	13
147.185.132.93	13
147.185.132.108	12
147.185.132.109	12
147.185.132.111	12
147.185.132.118	12
147.185.132.171	12
147.185.132.180	12
147.185.132.36	12
147.185.132.48	12
147.185.132.54	12
147.185.132.82	12
147.185.132.85	12
147.185.132.90	12
147.185.132.105	11
147.185.132.153	11
147.185.132.18	11
147.185.132.21	11
147.185.132.240	11
147.185.132.243	11
147.185.132.27	11
147.185.132.31	11
147.185.132.43	11
147.185.132.67	11
147.185.132.70	11
147.185.132.72	11
147.185.132.103	10
147.185.132.117	10
147.185.132.138	10
147.185.132.141	10
147.185.132.162	10
147.185.132.165	10
147.185.132.174	10
147.185.132.195	10
147.185.132.207	10
147.185.132.210	10
147.185.132.234	10
147.185.132.30	10
147.185.132.40	10
147.185.132.58	10
147.185.132.60	10
147.185.132.64	10
147.185.132.9	10
147.185.132.120	9
147.185.132.168	9
147.185.132.19	9
147.185.132.198	9
147.185.132.222	9
147.185.132.249	9
147.185.132.57	9
147.185.132.66	9
147.185.132.78	9
147.185.132.91	9
147.185.132.10	8
147.185.132.12	8
147.185.132.201	8
147.185.132.204	8
147.185.132.246	8
147.185.132.42	8
147.185.132.61	8
147.185.132.87	8
147.185.132.126	7
147.185.132.132	7
147.185.132.144	7
147.185.132.237	7
147.185.132.25	7
147.185.132.51	7
147.185.132.84	7
147.185.132.33	6
147.185.132.76	6
147.185.132.183	5
147.185.132.88	5
147.185.132.97	3
147.185.132.0	1

Ports Targeted by This Subnet

Top:

Temporal Port Activity

46.17.96.0/24

7,897 hits

1 IPs

1457 ports

4/45 endpoints

46.17.96.38 (7,897)

IPs in Subnet

IP Address	Hit Count
46.17.96.38	7,897

Ports Targeted by This Subnet

Top:

Temporal Port Activity

79.124.40.0/24

7,565 hits

12 IPs

6009 ports

28/45 endpoints

79.124.40.158 (967) 79.124.40.138 (906) 79.124.40.150 (774) +9 more

IPs in Subnet

IP Address	Hit Count
79.124.40.158	967
79.124.40.138	906
79.124.40.150	774
79.124.40.154	772
79.124.40.142	745
79.124.40.146	739
79.124.40.130	699
79.124.40.134	698
79.124.40.162	680
79.124.40.118	463
79.124.40.178	120
79.124.40.166	2

Ports Targeted by This Subnet

Top:

Temporal Port Activity

45.142.193.0/24

5,932 hits

9 IPs

5239 ports

26/45 endpoints

45.142.193.90 (1,321) 45.142.193.191 (1,309) 45.142.193.131 (1,294) +6 more

IPs in Subnet

IP Address	Hit Count
45.142.193.90	1,321
45.142.193.191	1,309
45.142.193.131	1,294
45.142.193.18	1,283
45.142.193.51	242
45.142.193.49	237
45.142.193.27	226
45.142.193.121	15
45.142.193.125	5

Ports Targeted by This Subnet

Top:

Temporal Port Activity

Complete Endpoint Data Export

Download All LightScope Data For This Endpoint

Get the complete raw dataset for this endpoint in CSV format. This includes all network traffic data, timestamps, IP addresses, ports, and other collected intelligence from the lightscope_honeypot_included_data table.

Format: CSV (Comma-Separated Values)
Contents: All endpoint data ordered by most recent first
Use Case: Research, analysis, custom reporting, data science
Compatibility: Excel, Python pandas, R, SQL imports

Download All Data

CSV format

Note: This download contains the raw data used to generate all dashboard visualizations and analytics. File size depends on the amount of traffic data collected for this endpoint.