Traffic Report - rynzs (US, San Jose)

Traffic Report for rynzs (US, San Jose)

Linux | 0.89 GB | hosting

Select Endpoint:

Page loaded: 2025-12-19 09:45:52 UTC

Actionable Threat Intelligence

Firewall IP Blocklists

Choose Your Blocklist Strategy

Three different blocklist options are available based on your security requirements and tolerance for false positives.

LightScope Network Power

Harnesses the power of the entire LightScope network! Contains IPs that connected to honeypots across ALL LightScope endpoints.

🌐 Network-wide threat intelligence
✓ 100% verified genuine attackers
✓ No spoofed IP addresses
✓ Maximum protection coverage

Best Choice: Leverages the collective intelligence of the entire LightScope network. Safe for immediate deployment.

Download Recommended

Conservative

Endpoint-Specific Verified

Only includes IPs that completed a 3-way TCP handshake with THIS endpoint's honeypot services. These are verified genuine threat actors specific to your endpoint.

✓ Endpoint-specific targeting
✓ Zero spoofing risk
✓ Safe for production
✓ Targeted protection

Good Choice: For endpoint-specific protection. These IPs specifically targeted your infrastructure.

Download Conservative

Extreme (Not Recommended)

All Threat Actor IPs

Includes ALL individual threat actor IPs that targeted your network, including those that may be spoofed by competitors or other attackers.

🚨 HIGH spoofing probability
⚠️ WILL LIKELY block legitimate traffic
⚠️ Can cause service disruption
⚠️ NOT RECOMMENDED

Not Recommended: High risk of blocking legitimate services. Only for isolated environments.

Download Extreme

Firewall Import Instructions:

pfSense/OPNsense:
Firewall → Aliases → IP → Upload

Cisco ASA:
object-group network BLOCKLIST

iptables:
ipset create blocklist hash:ip

Format:
Plain text, one IP per line

Automation & API Access

Automate your blocklist updates! Use these wget commands to automatically download the latest blocklists for integration into scripts, cron jobs, or automated security workflows.

Recommended (Network-wide)

wget -O recommended_blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20251004_pesszaxsjsanedtmkihqycumjrdaihwegcrtytwlpnrynzs/recommended"

Conservative (Endpoint-specific)

wget -O conservative_blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20251004_pesszaxsjsanedtmkihqycumjrdaihwegcrtytwlpnrynzs/conservative"

Extreme (Not Recommended)

wget -O extreme_blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20251004_pesszaxsjsanedtmkihqycumjrdaihwegcrtytwlpnrynzs/extreme"

Example Automation Script:

#!/bin/bash

                                                            # Download latest LightScope blocklist

                                                            wget -q -O /tmp/blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20251004_pesszaxsjsanedtmkihqycumjrdaihwegcrtytwlpnrynzs/recommended"

                                                            

                                                            # Apply to iptables

                                                            ipset flush lightscope_blocklist

                                                            while read ip; do

                                                              ipset add lightscope_blocklist $ip

                                                            done < /tmp/blocklist.txt

Cron Job Example:

# Update blocklist every hour

                                                            0 * * * * /usr/local/bin/update_blocklist.sh

                                                            

                                                            # Update blocklist daily at 2 AM

                                                            0 2 * * * wget -q -O /etc/firewall/blocklist.txt \

                                                              "https://lightscope.isi.edu/blocklist/20251004_pesszaxsjsanedtmkihqycumjrdaihwegcrtytwlpnrynzs/recommended" \

                                                              && /usr/local/bin/reload_firewall.sh

Pro Tip: Set up automated downloads to keep your firewall protection current. The blocklists are updated whenever new dashboard data is processed, ensuring you have the latest threat intelligence.

Internal Threats

None detected
No unwanted traffic from internal IP addresses

Changes To Targeted Ports

No major changes detected
No port changes above 300%

Overall Traffic Trends

Normal Level
+0.6% change (7-day)

Current: 411,401
Previous: 409,127

Status:

Traffic levels are within normal range
Continue regular monitoring
Review other sections for insights

How to Use This Section

This section provides immediate, actionable insights from your threat intelligence data. Red items require immediate attention, yellow items need investigation, and green items indicate normal status. Click on the detailed sections below for comprehensive analysis and remediation steps.

Honeypot Analysis

IPs Connected to Honeypot Ports On Your Machine

Loading honeypot connections data...

Incomplete Connections: Attackers Started But Didn't Complete The 3-Way Handshake To Honeypot Ports

Loading incomplete connections data...

Honeypot Port Statistics

Loading port statistics...

Attack Payloads

Loading payload analysis...

Honeypot Attack Timeline

Loading temporal analysis...

General Information

All Sources Unwanted Traffic Port Activity

Last 7 Days

Show top:

Daily Unwanted Traffic Since Inception

Weekly Unwanted Traffic by Hour

Last 7 Days

Ports Targeted by Unwanted Traffic

Last 7 Days

Show top:

Data Time Ranges:

Weekly Unwanted Traffic by Hour: Last 7 days
Daily Unwanted Traffic Since Inception: Complete history
Port Statistics: Last 7 days

Unique Threat Actors

18,455

Distinct sources of unwanted traffic

Comparative Analysis

Unwanted Traffic Rankings

71.4% Unwanted Traffic Volume Percentile

Rank 13 of 42
among active endpoints for receiving unwanted traffic

226,802

Unwanted
Packets (7d)

12,768

Threat
Sources

16476

Targeted
Ports

Unwanted Traffic Concentration

Top threat subnets generate:

Top 5% of subnets (302 subnets): 88.7%

Top 10% of subnets: 93.2%

Top 20% of subnets: 95.9%

From 6,038 total threat subnets (226,788 unwanted packets)

Internal Threats

CRITICAL SECURITY WARNING

Any unwanted traffic shown in this section represents a critical security threat and must be investigated immediately.

This traffic originates from private (non-publicly routable) IP addresses on your local network, which indicates:

A compromised endpoint on your internal network
Malware or unauthorized software sending unwanted traffic
Potential lateral movement by an attacker
Misconfigured network equipment or services

If any traffic is shown below, immediate action is required: Identify and isolate the source devices, perform security scans, and investigate for signs of compromise.

No Internal Threats Detected

Excellent! No unwanted traffic from internal/private IP addresses was detected on this endpoint. This indicates that your internal network security posture is good for this monitoring point.

7-Day Comparison

Traffic Volume Changes

Current Week

411,401

packets

Previous Week

409,127

packets

Change

+2,274

(0.6%)

New Threat Actors

IP Address	Hit Count	Country	ASN
143.198.60.26	3254	United States	AS14061
104.156.155.8	2169	United States	AS400161
62.60.135.171	2055	Iran	AS59441
172.233.178.66	2013	United States	AS63949
79.124.60.6	1941	Bulgaria	AS50360
81.17.16.178	1824	Switzerland	AS51852
79.124.56.6	1588	Bulgaria	AS50360
139.199.80.137	1423	China	AS45090
79.124.56.110	1385	Bulgaria	AS50360
194.50.16.198	1328	Netherlands	AS49870

New Subnets

Subnet	Hit Count
79.124.49.0/24	13110
147.185.132.0/24	13092

Significant Activity Changes

IP Address	Change	Country
79.124.49.114	+73%	Bulgaria
185.16.39.79	+68%	Poland
102.213.28.195	-50%	South Africa
87.120.191.65	+45%	Netherlands

Port Targeting Changes

New Ports Being Targeted

Port 2222 (9839 hits) Port 3306 (3595 hits) Port 1080 (1439 hits) Port 445 (1360 hits) Port 3000 (1320 hits) Port 3128 (1136 hits) Port 8888 (925 hits) Port 8081 (913 hits) Port 8000 (908 hits) Port 6036 (842 hits)

Significant Port Changes

Port	Change
23	+120%
443	+114%
80	+80%
8080	+74%
45634	+68%
8728	+64%
1433	+52%
8443	+50%
3389	+28%

New Geographic Sources

Iran (2055 hits) Switzerland (1824 hits) China (1423 hits) Romania (1034 hits) Canada (1030 hits)

Comparison Summary: This analysis compares the last 7 days with the previous 7 days (8-14 days ago). Traffic has increased by 2,274 packets (0.6%). 10 new threat actor(s) detected. 2 new subnet(s) detected.

Threat Intelligence Analysis

Unwanted Traffic by Company/Organization

Company/Organization	Packet Count	Unique Sources	Countries	ASNs	Sample IPs
Capgemini Nederland B.V.	211,978	1	Netherlands	AS16074	192.113.218.205
Contabo GmbH	121,026	4	Germany	AS51167	82.208.21.194, 77.237.241.122, 84.247.188.191...
DigitalOcean, LLC	105,213	11	Germany Singapore United Kingdom +1	AS14061	134.199.196.58, 68.183.230.4, 134.199.204.151...
Tamatiya EOOD	24,793	19	Bulgaria	AS50360	79.124.49.114, 79.124.56.6, 79.124.56.110...
Linode	19,929	81	United States	AS63949	172.233.178.66, 45.79.163.53, 139.144.52.241...
Google LLC	17,711	115	Singapore United Kingdom United States	AS396982	34.124.161.110, 162.216.150.168, 35.203.210.112...
OMAO SINGAPORE BOARDBAND	12,305	2	Singapore	AS47741	202.155.148.50, 202.155.148.23
Fuse Hosting Web	10,526	3	Netherlands	AS174	87.120.191.65, 87.120.191.81, 87.120.191.38
Palo Alto Networks, Inc	10,505	69	Belgium Brazil Finland +2	AS396982	147.185.132.178, 198.235.24.145, 147.185.133.146...
MEVSPACE sp. z o.o.	9,990	4	Poland	AS201814	185.16.39.79, 95.214.53.196, 193.34.213.150...
Telkom Internet LTD	4,763	12	Netherlands	AS210848	185.156.73.181, 92.63.197.145, 92.63.197.236...
Pfcloud UG	4,654	22	Germany Netherlands	AS51396	176.65.148.168, 176.65.148.250, 176.65.148.229...
NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)	3,863	2	Iran	AS59441	62.60.135.171, 62.60.131.19
Department of E-Government	2,913	1	South Africa	AS329220	102.213.28.195
Alsycon B.V.	2,737	1	Netherlands	AS49870	194.50.16.198
Amazon Technologies Inc.	2,649	13	United States	AS14618 AS16509	3.139.108.119, 3.138.204.93, 3.149.241.78...
Censys, Inc.	2,476	12	Germany United States	AS398324 AS398705	206.168.34.46, 206.168.34.193, 167.94.146.53...
Alferov Aleksey Aleksandrovich	2,358	6	Russia	Unknown	88.210.63.69, 88.210.63.191, 88.210.63.192...
Academy for Internet Research Limited Liability Company	2,169	1	United States	AS400161	104.156.155.8
VenomDC - Private Internet Space.	1,941	1	Bulgaria	AS50360	79.124.60.6
TECHOFF SRV LIMITED	1,922	3	Netherlands Romania	AS47890 AS48090	80.94.92.12, 195.178.110.109, 45.148.10.115
Amazon Data Services France	1,850	2	France	AS16509	13.37.248.113, 13.38.100.96
CLIENT4811	1,824	1	Switzerland	AS51852	81.17.16.178
RECYBER PROJECT NETBLOCK	1,577	4	Netherlands	AS202425	89.248.163.200, 89.248.163.181, 89.248.163.61...
FR ONYPHE	1,456	10	France United States	AS213412	195.184.76.105, 91.196.152.17, 91.196.152.97...

Unwanted Traffic by Country

Country	Country Code	Packet Count	Unique Sources	Sample IPs
Netherlands	NL	238,957	41	192.113.218.205, 87.120.191.65, 194.50.16.198, 87.120.191.81, 193.142.147.209
Germany	DE	127,902	31	82.208.21.194, 185.91.127.107, 176.65.148.168, 77.237.241.122, 176.65.148.250
United States	US	126,564	205	134.199.196.58, 134.199.204.151, 143.198.60.26, 172.233.178.66, 104.156.155.8
Singapore	SG	31,362	6	68.183.230.4, 202.155.148.50, 34.124.161.110, 202.155.148.23, 36.255.98.221
Bulgaria	BG	28,790	28	79.124.49.114, 79.124.60.6, 79.124.56.6, 79.124.56.110, 79.124.49.226
United Kingdom	GB	11,123	61	157.245.32.173, 85.11.183.6, 35.203.210.112, 35.203.210.239, 35.203.210.55
Poland	PL	10,839	7	185.16.39.79, 95.214.53.196, 194.180.48.63, 45.227.253.51, 193.34.213.150
China	CN	6,491	12	139.199.80.137, 116.228.106.122, 117.70.74.242, 122.233.33.154, 114.55.236.5
Finland	FI	6,114	40	147.185.133.146, 147.185.133.137, 147.185.133.136, 147.185.133.223, 147.185.133.162
Iran	IR	4,085	3	62.60.135.171, 188.136.133.123, 62.60.131.19
Russia	RU	3,864	12	88.210.63.69, 88.210.63.191, 88.210.63.192, 88.210.63.193, 178.22.24.121
France	FR	3,005	10	13.37.248.113, 13.38.100.96, 91.196.152.17, 91.196.152.97, 91.231.89.250
South Africa	ZA	2,913	1	102.213.28.195
Switzerland	CH	2,326	2	81.17.16.178, 138.226.237.41
Romania	RO	1,333	2	80.94.92.12, 80.94.95.221
Hong Kong	HK	1,222	2	47.239.196.248, 52.128.247.26
Canada	CA	1,030	1	103.102.230.4
Lithuania	LT	969	2	141.98.11.140, 77.90.185.84
Belgium	BE	937	6	198.235.24.145, 198.235.24.131, 198.235.24.139, 198.235.24.155, 198.235.24.135
Taiwan	TW	811	5	203.67.99.229, 198.235.24.20, 198.235.24.33, 198.235.24.10, 198.235.24.14
Japan	JP	638	1	185.244.104.2
Turkey	TR	635	4	178.20.210.152, 178.20.210.151, 178.20.210.159, 45.141.233.45
India	IN	564	3	128.185.220.90, 122.187.228.233, 161.248.218.190
Egypt	EG	382	2	196.219.143.75, 41.40.9.190
Spain	ES	327	2	5.187.35.158, 5.187.35.54

Unwanted Traffic by Autonomous System (ASN)

ASN	AS Name	Packet Count	Unique Sources	Countries	Sample IPs
AS16074	Capgemini Nederland B.V.	211,978	1	Netherlands	192.113.218.205
AS51167	Contabo GmbH	121,026	4	Germany	82.208.21.194, 77.237.241.122, 84.247.188.191...
AS14061	DigitalOcean, LLC	105,213	11	Germany Singapore United Kingdom +1	134.199.196.58, 68.183.230.4, 134.199.204.151...
AS396982	Google LLC	28,216	184	Belgium Brazil Finland +4	34.124.161.110, 162.216.150.168, 35.203.210.112...
AS50360	Tamatiya EOOD	26,734	20	Bulgaria	79.124.49.114, 79.124.60.6, 79.124.56.6...
AS63949	Akamai Connected Cloud	19,929	81	United States	172.233.178.66, 45.79.163.53, 139.144.52.241...
AS47741	TSUNAMI ELECTRIC LIMITED	12,305	2	Singapore	202.155.148.50, 202.155.148.23
AS201814	MEVSPACE sp. z o.o.	10,567	6	Poland	185.16.39.79, 95.214.53.196, 194.180.48.63...
AS174	Cogent Communications	10,526	3	Netherlands	87.120.191.65, 87.120.191.81, 87.120.191.38
Unknown	Unknown	6,246	15	Bulgaria Canada Denmark +5	103.102.230.4, 45.156.87.74, 85.11.183.6...
AS210848	Telkom Internet LTD	4,763	12	Netherlands	185.156.73.181, 92.63.197.145, 92.63.197.236...
AS51396	Pfcloud UG	4,654	22	Germany Netherlands	176.65.148.168, 176.65.148.250, 176.65.148.229...
AS16509	Amazon.com, Inc.	4,270	14	France United States	13.37.248.113, 13.38.100.96, 3.139.108.119...
AS59441	Hostiran Network	3,863	2	Iran	62.60.135.171, 62.60.131.19
AS202425	IP Volume inc	3,048	8	Netherlands	80.82.77.144, 89.248.163.200, 89.248.163.181...
AS49870	Alsycon B.V.	2,922	2	Netherlands	194.50.16.198, 45.140.222.66
AS329220	Department of E-Government	2,913	1	South Africa	102.213.28.195
AS4134	CHINANET-BACKBONE	2,203	4	China	117.70.74.242, 122.233.33.154, 122.245.143.18...
AS400161	Academy for Internet Research Limited Liability Company	2,169	1	United States	104.156.155.8
AS398324	Censys, Inc.	2,099	10	United States	206.168.34.46, 206.168.34.193, 206.168.34.118...
AS51852	Private Layer INC	1,824	1	Switzerland	81.17.16.178
AS213412	ONYPHE SAS	1,456	10	France United States	195.184.76.105, 91.196.152.17, 91.196.152.97...
AS45090	Shenzhen Tencent Computer Systems Company Limited	1,423	1	China	139.199.80.137
AS49581	Ferdinand Zink trading as Tube-Hosting	1,262	1	Germany	185.91.127.107
AS214943	Railnet LLC	1,222	3	Netherlands Turkey	213.209.143.82, 213.209.143.73, 45.141.233.45

Global Threat Intelligence

Network-Wide Intelligence: This section provides threat intelligence analysis across all LightScope endpoints in your network, helping you understand broader attack patterns and emerging threats.

Global Threat Trends

Network-Wide Traffic Volume

Recent 30 days

17,871,221

Previous 30 days

16,682,973

+7.1% change

Unique Threat Sources

Recent 30 days

73,271

Previous 30 days

78,183

-6.3% change

Top Threat Source Countries

Country	Packets	Sources
United States	3,980,080	167
France	1,719,916	10
Canada	1,505,133	21
Germany	1,502,932	51
Netherlands	911,039	70

Top Targeted Ports Globally

Port	Hit Count	Sources
5900	4,094,119	2348
3306	1,868,525	3187
2222	518,447	5953
1080	373,220	1757
8728	304,737	435

New Threat Subnets (Last 7 Days)

7 new subnet(s) have appeared across your network that weren't seen in the previous 30 days.

Subnet	First Seen	Packets	Endpoints	Country	Organization	Sample IPs
203.23.128.0/24	2025-12-17T19:11:26	38	1	Hong Kong	BrainStorm Network, Inc	203.23.128.218
78.184.97.0/24	2025-12-17T19:12:44	1	1	Turkey	TT ADSL-TTnet_dynamic_gay	78.184.97.59
180.154.62.0/24	2025-12-17T19:12:40	1	1	China	CHINANET SHANGHAI PROVINCE NETWORK	180.154.62.130
14.19.130.0/24	2025-12-17T19:12:30	1	1	China	CHINANET Guangdong province network	14.19.130.47
186.48.91.0/24	2025-12-17T19:12:21	1	1	Uruguay	Administracion Nacional de Telecomunicaciones	186.48.91.110
191.36.215.0/24	2025-12-17T19:11:45	1	1	Brazil	Brconecta LTDA	191.36.215.192
45.56.109.0/24	2025-12-17T19:10:37	1	1	United States	Linode	45.56.109.244

Coordinated Attack Patterns (Sharded Subnets)

1 coordinated attack group(s) detected - Multiple subnets showing synchronized traffic pattern changes (50%+ increase/decrease within 2-hour windows). This may indicate botnet activity, coordinated attacks, or shared command & control infrastructure.

Group 1 94 subnets

12,314,499 packets

patterns

Germany | Deutsche Telekom AG
ASN: AS3320

Subnets in Coordinated Group:

79.221.233.0/24 231.70.51.0/24 91.224.92.0/24 62.6.249.0/24 134.199.196.0/24 251.75.253.0/24 143.110.223.0/24 165.227.47.0/24 134.199.203.0/24 143.198.44.0/24 129.212.185.0/24 35.40.64.0/24 143.198.239.0/24 159.203.39.0/24 165.22.233.0/24 79.124.56.0/24 162.243.248.0/24 2.237.187.0/24 192.113.218.0/24 87.120.191.0/24 167.94.138.0/24 35.203.211.0/24 87.133.135.0/24 147.185.133.0/24 162.216.149.0/24 162.216.150.0/24 207.90.244.0/24 162.199.20.0/24 129.212.188.0/24 35.203.210.0/24 147.185.132.0/24 115.74.211.0/24 79.124.49.0/24 198.235.24.0/24 159.89.225.0/24 129.212.181.0/24 143.110.210.0/24 129.64.177.0/24 205.210.31.0/24 79.124.62.0/24 55.236.236.0/24 82.208.21.0/24 78.128.114.0/24 142.214.101.0/24 88.26.109.0/24 52.154.143.0/24 206.168.34.0/24 77.169.208.0/24 193.163.125.0/24 129.212.179.0/24 162.142.125.0/24 165.232.156.0/24 167.94.146.0/24 249.112.182.0/24 198.245.9.0/24 185.16.39.0/24 195.184.76.0/24 91.231.89.0/24 176.65.149.0/24 120.247.7.0/24 216.180.246.0/24 133.89.7.0/24 109.205.211.0/24 79.124.40.0/24 92.63.197.0/24 113.39.106.0/24 134.199.204.0/24 213.199.75.0/24 176.65.148.0/24 62.60.135.0/24 194.50.16.0/24 88.210.63.0/24 185.156.73.0/24 172.105.147.0/24 144.86.173.0/24 196.15.219.0/24 68.183.149.0/24 165.227.43.0/24 137.184.121.0/24 146.190.253.0/24 68.183.230.0/24 147.182.155.0/24 165.227.41.0/24 159.89.117.0/24 206.189.180.0/24 107.170.3.0/24 134.199.202.0/24 134.199.197.0/24 165.22.130.0/24 165.22.16.0/24 64.23.175.0/24 45.9.229.0/24 159.195.61.0/24 143.198.60.0/24

Detected Coordination Patterns:

Traffic Timeline - Coordinated Patterns:

This chart shows hourly traffic patterns for all subnets in this coordinated group. Look for synchronized increases/decreases that indicate coordinated behavior.

Unwanted Traffic Temporal Analysis:

This scatter plot shows detailed port targeting activity over time for all subnets in this coordinated group. Each bubble represents port activity - larger bubbles indicate higher packet volumes.

Individual Threat Actors

82.208.21.194

57,002 hits

1 ports

2/60 endpoints

Germany (DE)
Düsseldorf, North Rhine-Westphalia

ASN: AS51167
Contabo GmbH

AbuseIPDB 32%

Location Information

Country:	Germany (DE)
City:	Düsseldorf
Region:	North Rhine-Westphalia
Postal Code:	40210
Timezone:	Europe/Berlin

Network Information

ASN:	AS51167
AS Name:	Contabo GmbH
Company:	Contabo GmbH
Domain:	contabo.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 32% (Low Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

ludbp (86,843 hits)

Temporal Port Activity

Last 7 Days

xqtiq (654 hits)

Temporal Port Activity

Last 7 Days

134.199.196.58

28,781 hits

1 ports

10/60 endpoints

United States (US)
Lithia Springs, Georgia

ASN: AS14061
DigitalOcean, LLC

AbuseIPDB 100%

Location Information

Country:	United States (US)
City:	Lithia Springs
Region:	Georgia
Postal Code:	30122
Timezone:	America/New_York

Network Information

ASN:	AS14061
AS Name:	DigitalOcean, LLC
Company:	DigitalOcean, LLC
Domain:	digitalocean.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

202.155.148.50

12,145 hits

8810 ports

0/60 endpoints

Singapore (SG)
Singapore,

ASN: AS47741
OMAO SINGAPORE BOARDBAND

AbuseIPDB 0%

Location Information

Country:	Singapore (SG)
City:	Singapore
Region:
Postal Code:	574180
Timezone:	Asia/Singapore

Network Information

ASN:	AS47741
AS Name:	TSUNAMI ELECTRIC LIMITED
Company:	OMAO SINGAPORE BOARDBAND
Domain:	omao.ee

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 0% (Clean)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

79.124.49.114

11,343 hits

1802 ports

3/60 endpoints

Bulgaria (BG)
Sofia, Sofia-Capital

ASN: AS50360
Tamatiya EOOD

AbuseIPDB 54%

Location Information

Country:	Bulgaria (BG)
City:	Sofia
Region:	Sofia-Capital
Postal Code:	1000
Timezone:	Europe/Sofia

Network Information

ASN:	AS50360
AS Name:	Tamatiya EOOD
Company:	Tamatiya EOOD
Domain:	4vendeta.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 54% (Medium Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

vqhav (10,825 hits)

Temporal Port Activity

Last 7 Days

crwvg (10,129 hits)

Temporal Port Activity

Last 7 Days

nqatp (10,063 hits)

Temporal Port Activity

Last 7 Days

68.183.230.4

8,806 hits

1 ports

10/60 endpoints

Singapore (SG)
Singapore,

ASN: AS14061
DigitalOcean, LLC

AbuseIPDB 100%

Location Information

Country:	Singapore (SG)
City:	Singapore
Region:
Postal Code:	627753
Timezone:	Asia/Singapore

Network Information

ASN:	AS14061
AS Name:	DigitalOcean, LLC
Company:	DigitalOcean, LLC
Domain:	digitalocean.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

134.199.204.151

7,183 hits

1 ports

4/60 endpoints

United States (US)
Lithia Springs, Georgia

ASN: AS14061
DigitalOcean, LLC

AbuseIPDB 100%

Location Information

Country:	United States (US)
City:	Lithia Springs
Region:	Georgia
Postal Code:	30122
Timezone:	America/New_York

Network Information

ASN:	AS14061
AS Name:	DigitalOcean, LLC
Company:	DigitalOcean, LLC
Domain:	digitalocean.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

isxku (18,002 hits)

Temporal Port Activity

Last 7 Days

deoyg (17,304 hits)

Temporal Port Activity

Last 7 Days

xqtiq (16,416 hits)

Temporal Port Activity

Last 7 Days

ludbp (7,651 hits)

Temporal Port Activity

Last 7 Days

185.16.39.79

5,722 hits

2 ports

10/60 endpoints

Poland (PL)
Warsaw, Mazovia

ASN: AS201814
MEVSPACE sp. z o.o.

AbuseIPDB 100%

Location Information

Country:	Poland (PL)
City:	Warsaw
Region:	Mazovia
Postal Code:	00-002
Timezone:	Europe/Warsaw

Network Information

ASN:	AS201814
AS Name:	MEVSPACE sp. z o.o.
Company:	MEVSPACE sp. z o.o.
Domain:	mevspace.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

87.120.191.65

4,473 hits

1 ports

10/60 endpoints

Netherlands (NL)
Lelystad, Flevoland

ASN: AS174
Fuse Hosting Web

AbuseIPDB 100%

Location Information

Country:	Netherlands (NL)
City:	Lelystad
Region:	Flevoland
Postal Code:	8224
Timezone:	Europe/Amsterdam

Network Information

ASN:	AS174
AS Name:	Cogent Communications
Company:	Fuse Hosting Web
Domain:	fusehosting.net

Privacy Information

Hosting:	Unknown
Proxy:	Unknown
VPN:	Unknown
Tor:	Unknown

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

143.198.60.26

3,254 hits

1 ports

10/60 endpoints

United States (US)
Santa Clara, California

ASN: AS14061
DigitalOcean, LLC

AbuseIPDB 45%

Location Information

Country:	United States (US)
City:	Santa Clara
Region:	California
Postal Code:	95054
Timezone:	America/Los_Angeles

Network Information

ASN:	AS14061
AS Name:	DigitalOcean, LLC
Company:	DigitalOcean, LLC
Domain:	digitalocean.com

Privacy Information

Hosting:	true
Proxy:
VPN:
Tor:

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 45% (Low Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

104.156.155.8

2,169 hits

1466 ports

10/60 endpoints

United States (US)
Los Angeles, California

ASN: AS400161
Academy for Internet Research Limited Liability Company

AbuseIPDB 100%

Location Information

Country:	United States (US)
City:	Los Angeles
Region:	California
Postal Code:	90009
Timezone:	America/Los_Angeles

Network Information

ASN:	AS400161
AS Name:	Academy for Internet Research Limited Liability Company
Company:	Academy for Internet Research Limited Liability Company
Domain:	academyforinternetresearch.org

Privacy Information

Hosting:	Unknown
Proxy:	Unknown
VPN:	Unknown
Tor:	Unknown

AbuseIPDB Information

Abuse Confidence Score:

AbuseIPDB 100% (High Risk)

rynzs - Targeted Ports

Top:

Temporal Port Activity

Last 7 Days

Threat Actor Observations on Other Lightscope Endpoints

Show top:

Subnet Temporal Port Activity

Last 7 Days

Show top:

Top Subnet Offenders

82.208.21.0/24

57,002 hits

1 IPs

1 ports

1/60 endpoints

82.208.21.194 (57,002)

IPs in Subnet

IP Address	Hit Count
82.208.21.194	57,002

Ports Targeted by This Subnet

Top:

Temporal Port Activity

134.199.196.0/24

28,787 hits

4 IPs

7 ports

28/60 endpoints

134.199.196.58 (28,781) 134.199.196.0 (2) 134.199.196.142 (2) +1 more

IPs in Subnet

IP Address	Hit Count
134.199.196.58	28,781
134.199.196.0	2
134.199.196.142	2
134.199.196.250	2

Ports Targeted by This Subnet

Top:

Temporal Port Activity

147.185.133.0/24

20,521 hits

253 IPs

4191 ports

32/60 endpoints

147.185.133.146 (199) 147.185.133.137 (194) 147.185.133.136 (193) +250 more

IPs in Subnet

IP Address	Hit Count
147.185.133.146	199
147.185.133.137	194
147.185.133.136	193
147.185.133.223	191
147.185.133.162	187
147.185.133.170	183
147.185.133.172	178
147.185.133.179	175
147.185.133.13	168
147.185.133.16	165
147.185.133.181	164
147.185.133.89	163
147.185.133.99	160
147.185.133.189	159
147.185.133.151	158
147.185.133.133	155
147.185.133.253	155
147.185.133.43	154
147.185.133.188	153
147.185.133.129	151
147.185.133.194	151
147.185.133.113	146
147.185.133.160	145
147.185.133.44	143
147.185.133.239	141
147.185.133.40	140
147.185.133.6	137
147.185.133.76	137
147.185.133.231	136
147.185.133.187	135
147.185.133.3	135
147.185.133.228	134
147.185.133.140	131
147.185.133.55	131
147.185.133.165	130
147.185.133.212	129
147.185.133.119	128
147.185.133.246	128
147.185.133.180	127
147.185.133.47	125
147.185.133.80	125
147.185.133.198	124
147.185.133.250	124
147.185.133.86	124
147.185.133.156	123
147.185.133.87	123
147.185.133.251	121
147.185.133.67	121
147.185.133.26	119
147.185.133.18	118
147.185.133.60	118
147.185.133.2	117
147.185.133.74	115
147.185.133.135	111
147.185.133.192	111
147.185.133.149	110
147.185.133.177	106
147.185.133.83	106
147.185.133.202	105
147.185.133.63	105
147.185.133.186	103
147.185.133.183	102
147.185.133.90	101
147.185.133.125	100
147.185.133.45	100
147.185.133.52	97
147.185.133.107	95
147.185.133.233	94
147.185.133.132	93
147.185.133.145	92
147.185.133.169	92
147.185.133.185	92
147.185.133.195	92
147.185.133.66	92
147.185.133.126	91
147.185.133.173	91
147.185.133.23	91
147.185.133.240	91
147.185.133.127	90
147.185.133.152	90
147.185.133.184	90
147.185.133.20	90
147.185.133.122	89
147.185.133.199	89
147.185.133.210	89
147.185.133.211	89
147.185.133.230	89
147.185.133.69	89
147.185.133.197	88
147.185.133.217	88
147.185.133.241	87
147.185.133.243	87
147.185.133.61	87
147.185.133.105	86
147.185.133.205	86
147.185.133.229	86
147.185.133.216	85
147.185.133.168	84
147.185.133.200	84
147.185.133.234	84
147.185.133.8	84
147.185.133.96	84
147.185.133.120	83
147.185.133.30	83
147.185.133.175	82
147.185.133.235	82
147.185.133.114	81
147.185.133.14	81
147.185.133.24	81
147.185.133.139	80
147.185.133.42	80
147.185.133.77	80
147.185.133.201	79
147.185.133.215	79
147.185.133.147	78
147.185.133.153	78
147.185.133.157	78
147.185.133.249	78
147.185.133.31	77
147.185.133.53	77
147.185.133.117	76
147.185.133.247	76
147.185.133.65	76
147.185.133.167	75
147.185.133.206	75
147.185.133.138	74
147.185.133.252	74
147.185.133.32	74
147.185.133.48	74
147.185.133.54	74
147.185.133.12	73
147.185.133.220	73
147.185.133.46	73
147.185.133.191	72
147.185.133.218	71
147.185.133.174	69
147.185.133.143	68
147.185.133.21	68
147.185.133.91	67
147.185.133.225	65
147.185.133.193	64
147.185.133.19	63
147.185.133.237	62
147.185.133.115	61
147.185.133.29	61
147.185.133.15	60
147.185.133.196	60
147.185.133.51	59
147.185.133.102	58
147.185.133.103	58
147.185.133.123	58
147.185.133.208	58
147.185.133.110	57
147.185.133.221	57
147.185.133.39	57
147.185.133.131	56
147.185.133.148	56
147.185.133.154	56
147.185.133.4	56
147.185.133.71	56
147.185.133.214	55
147.185.133.238	55
147.185.133.1	54
147.185.133.124	53
147.185.133.176	53
147.185.133.171	52
147.185.133.248	52
147.185.133.58	52
147.185.133.159	51
147.185.133.190	51
147.185.133.56	51
147.185.133.128	50
147.185.133.222	50
147.185.133.227	50
147.185.133.37	50
147.185.133.92	50
147.185.133.97	50
147.185.133.150	49
147.185.133.163	49
147.185.133.166	49
147.185.133.245	49
147.185.133.27	49
147.185.133.41	49
147.185.133.57	49
147.185.133.59	49
147.185.133.100	48
147.185.133.109	48
147.185.133.155	48
147.185.133.161	48
147.185.133.207	48
147.185.133.236	48
147.185.133.28	48
147.185.133.68	48
147.185.133.81	48
147.185.133.85	48
147.185.133.134	47
147.185.133.17	47
147.185.133.254	47
147.185.133.255	47
147.185.133.88	47
147.185.133.0	46
147.185.133.116	46
147.185.133.209	46
147.185.133.213	46
147.185.133.33	46
147.185.133.35	46
147.185.133.49	46
147.185.133.72	46
147.185.133.104	45
147.185.133.106	45
147.185.133.112	45
147.185.133.158	45
147.185.133.164	45
147.185.133.203	45
147.185.133.204	45
147.185.133.219	45
147.185.133.22	45
147.185.133.242	45
147.185.133.82	45
147.185.133.84	45
147.185.133.141	44
147.185.133.70	44
147.185.133.93	44
147.185.133.111	43
147.185.133.142	43
147.185.133.182	43
147.185.133.50	43
147.185.133.75	43
147.185.133.78	43
147.185.133.9	43
147.185.133.94	43
147.185.133.98	43
147.185.133.10	42
147.185.133.144	42
147.185.133.226	42
147.185.133.232	42
147.185.133.244	42
147.185.133.25	42
147.185.133.121	41
147.185.133.108	40
147.185.133.62	40
147.185.133.101	39
147.185.133.130	39
147.185.133.34	39
147.185.133.73	39
147.185.133.95	39
147.185.133.11	38
147.185.133.178	38
147.185.133.5	35
147.185.133.7	34
147.185.133.224	33
147.185.133.36	33
147.185.133.118	29

Ports Targeted by This Subnet

Top:

Temporal Port Activity

162.216.149.0/24

19,909 hits

244 IPs

4173 ports

32/60 endpoints

162.216.149.73 (235) 162.216.149.77 (213) 162.216.149.170 (209) +241 more

IPs in Subnet

IP Address	Hit Count
162.216.149.73	235
162.216.149.77	213
162.216.149.170	209
162.216.149.180	183
162.216.149.158	182
162.216.149.68	172
162.216.149.69	172
162.216.149.39	171
162.216.149.253	164
162.216.149.160	162
162.216.149.192	154
162.216.149.133	153
162.216.149.246	153
162.216.149.125	149
162.216.149.130	144
162.216.149.29	142
162.216.149.11	139
162.216.149.80	138
162.216.149.63	137
162.216.149.145	136
162.216.149.237	136
162.216.149.102	135
162.216.149.52	135
162.216.149.55	135
162.216.149.227	133
162.216.149.109	131
162.216.149.162	131
162.216.149.184	131
162.216.149.7	131
162.216.149.90	130
162.216.149.87	129
162.216.149.34	127
162.216.149.20	125
162.216.149.225	125
162.216.149.233	123
162.216.149.88	123
162.216.149.154	122
162.216.149.8	122
162.216.149.41	121
162.216.149.91	120
162.216.149.108	119
162.216.149.35	119
162.216.149.147	118
162.216.149.211	117
162.216.149.249	117
162.216.149.36	117
162.216.149.47	116
162.216.149.146	114
162.216.149.92	113
162.216.149.155	112
162.216.149.244	112
162.216.149.243	109
162.216.149.148	107
162.216.149.66	107
162.216.149.107	106
162.216.149.202	106
162.216.149.136	104
162.216.149.17	104
162.216.149.101	103
162.216.149.38	103
162.216.149.194	102
162.216.149.195	102
162.216.149.31	101
162.216.149.134	100
162.216.149.122	98
162.216.149.128	98
162.216.149.186	98
162.216.149.193	98
162.216.149.232	97
162.216.149.235	97
162.216.149.10	96
162.216.149.100	96
162.216.149.166	95
162.216.149.183	95
162.216.149.224	95
162.216.149.197	94
162.216.149.239	94
162.216.149.58	94
162.216.149.144	92
162.216.149.221	92
162.216.149.5	92
162.216.149.114	91
162.216.149.118	91
162.216.149.173	91
162.216.149.179	90
162.216.149.215	90
162.216.149.60	90
162.216.149.142	89
162.216.149.157	89
162.216.149.37	89
162.216.149.40	89
162.216.149.45	89
162.216.149.79	89
162.216.149.228	88
162.216.149.42	88
162.216.149.119	87
162.216.149.167	87
162.216.149.46	87
162.216.149.126	86
162.216.149.156	86
162.216.149.230	86
162.216.149.83	86
162.216.149.165	85
162.216.149.236	85
162.216.149.43	85
162.216.149.247	84
162.216.149.53	84
162.216.149.54	84
162.216.149.151	83
162.216.149.214	83
162.216.149.226	83
162.216.149.181	82
162.216.149.19	81
162.216.149.12	80
162.216.149.123	79
162.216.149.65	79
162.216.149.72	79
162.216.149.81	79
162.216.149.161	78
162.216.149.199	78
162.216.149.98	78
162.216.149.177	77
162.216.149.210	77
162.216.149.245	76
162.216.149.115	75
162.216.149.164	75
162.216.149.208	75
162.216.149.25	75
162.216.149.104	74
162.216.149.51	73
162.216.149.28	71
162.216.149.172	70
162.216.149.209	70
162.216.149.213	70
162.216.149.248	69
162.216.149.6	69
162.216.149.176	68
162.216.149.223	67
162.216.149.3	67
162.216.149.27	65
162.216.149.14	64
162.216.149.163	63
162.216.149.174	63
162.216.149.217	63
162.216.149.9	62
162.216.149.103	60
162.216.149.140	60
162.216.149.212	60
162.216.149.105	59
162.216.149.241	59
162.216.149.89	59
162.216.149.153	58
162.216.149.219	58
162.216.149.106	57
162.216.149.234	57
162.216.149.75	57
162.216.149.207	56
162.216.149.62	56
162.216.149.74	56
162.216.149.85	55
162.216.149.95	55
162.216.149.13	54
162.216.149.182	54
162.216.149.67	54
162.216.149.97	54
162.216.149.110	53
162.216.149.138	53
162.216.149.251	53
162.216.149.252	53
162.216.149.141	52
162.216.149.205	52
162.216.149.238	52
162.216.149.56	52
162.216.149.137	51
162.216.149.18	51
162.216.149.93	51
162.216.149.169	50
162.216.149.185	50
162.216.149.201	50
162.216.149.203	50
162.216.149.32	50
162.216.149.70	50
162.216.149.78	50
162.216.149.94	50
162.216.149.168	49
162.216.149.187	49
162.216.149.188	49
162.216.149.196	49
162.216.149.112	48
162.216.149.139	48
162.216.149.175	48
162.216.149.200	48
162.216.149.30	48
162.216.149.61	48
162.216.149.22	47
162.216.149.44	47
162.216.149.49	47
162.216.149.59	47
162.216.149.131	46
162.216.149.178	46
162.216.149.189	46
162.216.149.216	46
162.216.149.229	46
162.216.149.240	46
162.216.149.26	46
162.216.149.48	46
162.216.149.113	45
162.216.149.121	45
162.216.149.82	45
162.216.149.120	44
162.216.149.124	44
162.216.149.129	44
162.216.149.132	44
162.216.149.143	44
162.216.149.16	44
162.216.149.64	44
162.216.149.111	43
162.216.149.23	43
162.216.149.33	43
162.216.149.127	42
162.216.149.135	42
162.216.149.159	42
162.216.149.231	42
162.216.149.50	42
162.216.149.86	42
162.216.149.116	41
162.216.149.117	41
162.216.149.171	41
162.216.149.15	40
162.216.149.71	40
162.216.149.149	39
162.216.149.190	39
162.216.149.198	39
162.216.149.242	39
162.216.149.250	39
162.216.149.84	39
162.216.149.21	38
162.216.149.254	38
162.216.149.24	37
162.216.149.152	36
162.216.149.191	36
162.216.149.57	36
162.216.149.99	36
162.216.149.76	33

Ports Targeted by This Subnet

Top:

Temporal Port Activity

162.216.150.0/24

19,649 hits

245 IPs

4178 ports

33/60 endpoints

162.216.150.168 (246) 162.216.150.184 (207) 162.216.150.122 (194) +242 more

IPs in Subnet

IP Address	Hit Count
162.216.150.168	246
162.216.150.184	207
162.216.150.122	194
162.216.150.239	185
162.216.150.77	171
162.216.150.42	170
162.216.150.105	169
162.216.150.161	158
162.216.150.129	155
162.216.150.112	154
162.216.150.10	153
162.216.150.237	147
162.216.150.210	145
162.216.150.211	145
162.216.150.126	143
162.216.150.9	143
162.216.150.103	142
162.216.150.251	141
162.216.150.164	139
162.216.150.21	135
162.216.150.208	134
162.216.150.158	132
162.216.150.196	132
162.216.150.165	127
162.216.150.250	127
162.216.150.35	127
162.216.150.147	124
162.216.150.7	124
162.216.150.185	122
162.216.150.163	121
162.216.150.135	120
162.216.150.65	119
162.216.150.101	118
162.216.150.189	118
162.216.150.121	117
162.216.150.125	117
162.216.150.46	117
162.216.150.17	116
162.216.150.222	116
162.216.150.140	115
162.216.150.92	115
162.216.150.167	112
162.216.150.54	111
162.216.150.241	110
162.216.150.67	110
162.216.150.69	110
162.216.150.51	109
162.216.150.124	108
162.216.150.176	108
162.216.150.249	108
162.216.150.37	108
162.216.150.44	108
162.216.150.93	106
162.216.150.215	105
162.216.150.238	105
162.216.150.5	104
162.216.150.108	103
162.216.150.226	103
162.216.150.36	103
162.216.150.99	103
162.216.150.221	102
162.216.150.219	100
162.216.150.95	100
162.216.150.110	99
162.216.150.31	99
162.216.150.76	99
162.216.150.4	97
162.216.150.153	95
162.216.150.253	95
162.216.150.62	95
162.216.150.128	94
162.216.150.151	94
162.216.150.81	94
162.216.150.82	94
162.216.150.159	93
162.216.150.178	93
162.216.150.190	93
162.216.150.134	92
162.216.150.172	92
162.216.150.174	92
162.216.150.150	91
162.216.150.40	91
162.216.150.45	91
162.216.150.79	91
162.216.150.170	90
162.216.150.149	89
162.216.150.240	89
162.216.150.30	89
162.216.150.32	89
162.216.150.139	88
162.216.150.244	88
162.216.150.75	88
162.216.150.90	88
162.216.150.216	87
162.216.150.152	86
162.216.150.3	86
162.216.150.116	85
162.216.150.197	85
162.216.150.73	85
162.216.150.230	84
162.216.150.49	84
162.216.150.50	84
162.216.150.66	84
162.216.150.74	84
162.216.150.136	83
162.216.150.56	83
162.216.150.247	82
162.216.150.63	82
162.216.150.39	81
162.216.150.171	80
162.216.150.43	80
162.216.150.61	80
162.216.150.204	78
162.216.150.213	78
162.216.150.254	77
162.216.150.59	77
162.216.150.252	76
162.216.150.64	76
162.216.150.87	76
162.216.150.145	74
162.216.150.192	74
162.216.150.200	74
162.216.150.223	74
162.216.150.24	74
162.216.150.245	74
162.216.150.89	74
162.216.150.115	73
162.216.150.29	73
162.216.150.133	72
162.216.150.199	72
162.216.150.243	72
162.216.150.130	70
162.216.150.131	70
162.216.150.27	70
162.216.150.181	69
162.216.150.246	69
162.216.150.34	69
162.216.150.155	67
162.216.150.16	67
162.216.150.148	66
162.216.150.22	66
162.216.150.86	66
162.216.150.120	64
162.216.150.162	63
162.216.150.214	62
162.216.150.106	61
162.216.150.143	60
162.216.150.156	60
162.216.150.179	60
162.216.150.236	59
162.216.150.109	58
162.216.150.146	58
162.216.150.169	58
162.216.150.97	58
162.216.150.144	57
162.216.150.207	57
162.216.150.60	57
162.216.150.177	56
162.216.150.225	56
162.216.150.114	55
162.216.150.127	55
162.216.150.58	55
162.216.150.78	55
162.216.150.194	54
162.216.150.217	54
162.216.150.100	53
162.216.150.102	53
162.216.150.123	53
162.216.150.57	53
162.216.150.71	53
162.216.150.104	52
162.216.150.117	52
162.216.150.206	52
162.216.150.88	52
162.216.150.113	51
162.216.150.119	51
162.216.150.132	51
162.216.150.175	51
162.216.150.201	51
162.216.150.212	51
162.216.150.111	50
162.216.150.186	50
162.216.150.229	50
162.216.150.235	50
162.216.150.248	50
162.216.150.38	50
162.216.150.41	50
162.216.150.72	50
162.216.150.80	50
162.216.150.138	49
162.216.150.68	49
162.216.150.96	49
162.216.150.14	48
162.216.150.94	48
162.216.150.11	47
162.216.150.18	47
162.216.150.187	47
162.216.150.198	47
162.216.150.227	47
162.216.150.83	47
162.216.150.107	46
162.216.150.13	46
162.216.150.142	46
162.216.150.180	46
162.216.150.203	46
162.216.150.228	46
162.216.150.118	45
162.216.150.12	45
162.216.150.15	45
162.216.150.157	45
162.216.150.20	45
162.216.150.209	45
162.216.150.220	45
162.216.150.23	45
162.216.150.232	45
162.216.150.48	45
162.216.150.55	45
162.216.150.91	45
162.216.150.195	44
162.216.150.202	44
162.216.150.234	44
162.216.150.242	44
162.216.150.47	44
162.216.150.53	44
162.216.150.52	43
162.216.150.84	43
162.216.150.141	42
162.216.150.188	42
162.216.150.233	42
162.216.150.28	42
162.216.150.98	42
162.216.150.191	41
162.216.150.218	41
162.216.150.231	41
162.216.150.26	41
162.216.150.33	40
162.216.150.160	39
162.216.150.6	38
162.216.150.182	37
162.216.150.85	37
162.216.150.173	36
162.216.150.224	36
162.216.150.25	35
162.216.150.137	34
162.216.150.193	31

Ports Targeted by This Subnet

Top:

Temporal Port Activity

35.203.210.0/24

19,026 hits

244 IPs

4144 ports

33/60 endpoints

35.203.210.112 (240) 35.203.210.239 (207) 35.203.210.55 (206) +241 more

IPs in Subnet

IP Address	Hit Count
35.203.210.112	240
35.203.210.239	207
35.203.210.55	206
35.203.210.138	189
35.203.210.98	178
35.203.210.159	177
35.203.210.193	168
35.203.210.37	163
35.203.210.85	157
35.203.210.225	156
35.203.210.101	153
35.203.210.169	145
35.203.210.177	143
35.203.210.197	142
35.203.210.129	141
35.203.210.24	140
35.203.210.8	139
35.203.210.222	137
35.203.210.179	136
35.203.210.196	135
35.203.210.203	133
35.203.210.251	132
35.203.210.20	131
35.203.210.57	131
35.203.210.78	131
35.203.210.43	129
35.203.210.17	127
35.203.210.62	119
35.203.210.12	117
35.203.210.254	117
35.203.210.148	116
35.203.210.156	116
35.203.210.16	116
35.203.210.161	116
35.203.210.100	115
35.203.210.171	115
35.203.210.200	115
35.203.210.202	115
35.203.210.240	114
35.203.210.115	112
35.203.210.29	112
35.203.210.49	112
35.203.210.54	111
35.203.210.87	110
35.203.210.44	109
35.203.210.183	108
35.203.210.90	108
35.203.210.35	107
35.203.210.104	105
35.203.210.215	105
35.203.210.216	104
35.203.210.207	102
35.203.210.21	102
35.203.210.48	102
35.203.210.26	100
35.203.210.75	100
35.203.210.124	99
35.203.210.94	99
35.203.210.180	96
35.203.210.204	96
35.203.210.67	96
35.203.210.164	95
35.203.210.128	94
35.203.210.218	94
35.203.210.137	93
35.203.210.253	93
35.203.210.170	92
35.203.210.208	92
35.203.210.229	92
35.203.210.7	92
35.203.210.140	91
35.203.210.19	91
35.203.210.72	91
35.203.210.143	90
35.203.210.185	90
35.203.210.223	90
35.203.210.46	90
35.203.210.160	89
35.203.210.109	88
35.203.210.119	88
35.203.210.199	88
35.203.210.102	87
35.203.210.106	87
35.203.210.182	86
35.203.210.22	86
35.203.210.231	86
35.203.210.127	85
35.203.210.69	85
35.203.210.18	84
35.203.210.31	84
35.203.210.45	84
35.203.210.83	84
35.203.210.103	81
35.203.210.194	81
35.203.210.86	81
35.203.210.105	80
35.203.210.187	80
35.203.210.89	80
35.203.210.92	80
35.203.210.50	79
35.203.210.64	79
35.203.210.84	79
35.203.210.117	78
35.203.210.68	78
35.203.210.192	77
35.203.210.230	77
35.203.210.5	77
35.203.210.158	76
35.203.210.175	76
35.203.210.73	75
35.203.210.174	74
35.203.210.190	74
35.203.210.79	74
35.203.210.13	73
35.203.210.234	73
35.203.210.41	73
35.203.210.172	71
35.203.210.219	71
35.203.210.38	71
35.203.210.42	70
35.203.210.91	70
35.203.210.114	69
35.203.210.136	69
35.203.210.56	68
35.203.210.252	67
35.203.210.149	66
35.203.210.82	66
35.203.210.121	65
35.203.210.14	65
35.203.210.166	65
35.203.210.76	65
35.203.210.32	64
35.203.210.235	63
35.203.210.47	63
35.203.210.163	62
35.203.210.189	62
35.203.210.195	62
35.203.210.206	62
35.203.210.245	62
35.203.210.53	62
35.203.210.132	61
35.203.210.238	61
35.203.210.51	61
35.203.210.99	61
35.203.210.110	60
35.203.210.145	60
35.203.210.220	60
35.203.210.233	59
35.203.210.40	59
35.203.210.144	58
35.203.210.152	58
35.203.210.227	58
35.203.210.107	57
35.203.210.173	57
35.203.210.77	56
35.203.210.95	56
35.203.210.141	55
35.203.210.155	55
35.203.210.70	55
35.203.210.74	55
35.203.210.118	54
35.203.210.125	54
35.203.210.151	54
35.203.210.246	54
35.203.210.153	53
35.203.210.168	53
35.203.210.108	52
35.203.210.113	52
35.203.210.162	52
35.203.210.226	52
35.203.210.237	52
35.203.210.65	52
35.203.210.66	52
35.203.210.154	51
35.203.210.88	51
35.203.210.28	50
35.203.210.10	49
35.203.210.181	49
35.203.210.198	49
35.203.210.209	49
35.203.210.213	49
35.203.210.224	49
35.203.210.241	49
35.203.210.3	49
35.203.210.4	49
35.203.210.139	48
35.203.210.201	48
35.203.210.211	48
35.203.210.23	48
35.203.210.248	48
35.203.210.250	48
35.203.210.30	48
35.203.210.111	47
35.203.210.116	47
35.203.210.126	47
35.203.210.142	47
35.203.210.205	47
35.203.210.210	47
35.203.210.247	47
35.203.210.36	47
35.203.210.58	47
35.203.210.93	47
35.203.210.214	46
35.203.210.217	46
35.203.210.243	46
35.203.210.25	46
35.203.210.33	46
35.203.210.131	45
35.203.210.147	45
35.203.210.157	45
35.203.210.120	44
35.203.210.123	44
35.203.210.15	44
35.203.210.221	44
35.203.210.9	44
35.203.210.130	43
35.203.210.167	43
35.203.210.6	43
35.203.210.61	43
35.203.210.122	42
35.203.210.184	42
35.203.210.191	42
35.203.210.59	42
35.203.210.97	42
35.203.210.165	41
35.203.210.52	41
35.203.210.60	41
35.203.210.133	40
35.203.210.39	40
35.203.210.63	40
35.203.210.81	40
35.203.210.236	39
35.203.210.96	39
35.203.210.11	38
35.203.210.228	38
35.203.210.249	38
35.203.210.80	38
35.203.210.134	37
35.203.210.150	37
35.203.210.244	37
35.203.210.34	36
35.203.210.135	35
35.203.210.146	35
35.203.210.188	34

Ports Targeted by This Subnet

Top:

Temporal Port Activity

35.203.211.0/24

18,865 hits

245 IPs

4146 ports

32/60 endpoints

35.203.211.238 (198) 35.203.211.71 (186) 35.203.211.219 (184) +242 more

IPs in Subnet

IP Address	Hit Count
35.203.211.238	198
35.203.211.71	186
35.203.211.219	184
35.203.211.39	181
35.203.211.168	176
35.203.211.103	173
35.203.211.229	169
35.203.211.101	167
35.203.211.201	163
35.203.211.114	162
35.203.211.129	157
35.203.211.235	155
35.203.211.40	154
35.203.211.147	145
35.203.211.69	144
35.203.211.21	142
35.203.211.102	141
35.203.211.53	140
35.203.211.59	137
35.203.211.192	134
35.203.211.200	131
35.203.211.42	130
35.203.211.85	130
35.203.211.120	127
35.203.211.178	127
35.203.211.135	126
35.203.211.16	126
35.203.211.19	126
35.203.211.74	124
35.203.211.218	121
35.203.211.141	120
35.203.211.31	119
35.203.211.137	118
35.203.211.174	118
35.203.211.58	118
35.203.211.241	116
35.203.211.89	116
35.203.211.100	115
35.203.211.145	112
35.203.211.184	112
35.203.211.242	112
35.203.211.57	112
35.203.211.148	109
35.203.211.163	109
35.203.211.22	108
35.203.211.251	108
35.203.211.49	108
35.203.211.32	105
35.203.211.50	105
35.203.211.99	105
35.203.211.4	104
35.203.211.5	103
35.203.211.54	103
35.203.211.12	102
35.203.211.175	102
35.203.211.208	102
35.203.211.209	102
35.203.211.240	102
35.203.211.244	102
35.203.211.234	101
35.203.211.33	100
35.203.211.160	99
35.203.211.44	96
35.203.211.51	96
35.203.211.79	96
35.203.211.181	95
35.203.211.61	95
35.203.211.62	95
35.203.211.185	93
35.203.211.77	93
35.203.211.176	92
35.203.211.11	91
35.203.211.196	91
35.203.211.224	91
35.203.211.37	91
35.203.211.252	90
35.203.211.115	89
35.203.211.25	89
35.203.211.24	88
35.203.211.123	87
35.203.211.150	87
35.203.211.127	86
35.203.211.250	86
35.203.211.9	86
35.203.211.140	85
35.203.211.60	85
35.203.211.92	85
35.203.211.82	84
35.203.211.166	83
35.203.211.67	83
35.203.211.80	83
35.203.211.159	82
35.203.211.223	82
35.203.211.243	82
35.203.211.95	82
35.203.211.214	81
35.203.211.91	81
35.203.211.134	80
35.203.211.164	80
35.203.211.180	80
35.203.211.55	80
35.203.211.106	79
35.203.211.143	79
35.203.211.210	79
35.203.211.233	79
35.203.211.152	78
35.203.211.132	77
35.203.211.165	77
35.203.211.36	77
35.203.211.70	77
35.203.211.169	76
35.203.211.179	75
35.203.211.158	74
35.203.211.84	74
35.203.211.157	73
35.203.211.228	73
35.203.211.47	73
35.203.211.81	73
35.203.211.156	69
35.203.211.239	69
35.203.211.222	68
35.203.211.97	66
35.203.211.232	65
35.203.211.15	63
35.203.211.173	63
35.203.211.20	63
35.203.211.198	62
35.203.211.236	62
35.203.211.48	61
35.203.211.119	60
35.203.211.124	60
35.203.211.231	60
35.203.211.138	59
35.203.211.253	59
35.203.211.104	58
35.203.211.131	58
35.203.211.78	58
35.203.211.190	57
35.203.211.212	57
35.203.211.43	57
35.203.211.64	57
35.203.211.221	56
35.203.211.26	56
35.203.211.72	56
35.203.211.93	56
35.203.211.188	55
35.203.211.203	55
35.203.211.249	55
35.203.211.52	55
35.203.211.130	54
35.203.211.18	54
35.203.211.182	54
35.203.211.187	54
35.203.211.29	54
35.203.211.110	53
35.203.211.111	53
35.203.211.144	53
35.203.211.171	53
35.203.211.205	53
35.203.211.246	53
35.203.211.10	52
35.203.211.108	52
35.203.211.46	52
35.203.211.113	51
35.203.211.116	51
35.203.211.133	51
35.203.211.162	51
35.203.211.194	51
35.203.211.34	51
35.203.211.6	51
35.203.211.105	50
35.203.211.107	50
35.203.211.167	50
35.203.211.202	50
35.203.211.27	50
35.203.211.3	50
35.203.211.161	49
35.203.211.183	49
35.203.211.217	49
35.203.211.237	49
35.203.211.41	49
35.203.211.126	48
35.203.211.142	48
35.203.211.146	48
35.203.211.151	48
35.203.211.245	48
35.203.211.28	48
35.203.211.83	48
35.203.211.86	48
35.203.211.139	47
35.203.211.153	47
35.203.211.227	47
35.203.211.247	47
35.203.211.254	47
35.203.211.63	47
35.203.211.65	47
35.203.211.136	46
35.203.211.154	46
35.203.211.155	46
35.203.211.17	46
35.203.211.170	46
35.203.211.193	46
35.203.211.206	46
35.203.211.23	46
35.203.211.73	46
35.203.211.13	45
35.203.211.35	45
35.203.211.98	45
35.203.211.177	44
35.203.211.197	44
35.203.211.199	44
35.203.211.225	44
35.203.211.226	44
35.203.211.109	43
35.203.211.121	43
35.203.211.118	42
35.203.211.172	42
35.203.211.191	42
35.203.211.38	42
35.203.211.125	41
35.203.211.195	41
35.203.211.45	41
35.203.211.66	41
35.203.211.90	41
35.203.211.189	40
35.203.211.204	40
35.203.211.211	40
35.203.211.230	40
35.203.211.75	40
35.203.211.186	39
35.203.211.213	39
35.203.211.220	39
35.203.211.76	39
35.203.211.14	38
35.203.211.207	38
35.203.211.112	37
35.203.211.248	37
35.203.211.7	37
35.203.211.8	37
35.203.211.56	36
35.203.211.68	36
35.203.211.87	36
35.203.211.149	33
35.203.211.96	33
35.203.211.94	32

Ports Targeted by This Subnet

Top:

Temporal Port Activity

79.124.49.0/24

13,110 hits

7 IPs

2052 ports

32/60 endpoints

79.124.49.114 (11,343) 79.124.49.226 (1,300) 79.124.49.230 (404) +4 more

IPs in Subnet

IP Address	Hit Count
79.124.49.114	11,343
79.124.49.226	1,300
79.124.49.230	404
79.124.49.90	33
79.124.49.134	14
79.124.49.58	8
79.124.49.62	8

Ports Targeted by This Subnet

Top:

Temporal Port Activity

147.185.132.0/24

13,092 hits

238 IPs

3573 ports

33/60 endpoints

147.185.132.178 (227) 147.185.132.122 (171) 147.185.132.158 (171) +235 more

IPs in Subnet

IP Address	Hit Count
147.185.132.178	227
147.185.132.122	171
147.185.132.158	171
147.185.132.221	160
147.185.132.35	160
147.185.132.95	155
147.185.132.176	144
147.185.132.151	141
147.185.132.50	140
147.185.132.68	140
147.185.132.167	131
147.185.132.149	130
147.185.132.169	125
147.185.132.196	124
147.185.132.155	123
147.185.132.170	121
147.185.132.136	120
147.185.132.191	120
147.185.132.133	119
147.185.132.128	118
147.185.132.200	115
147.185.132.44	114
147.185.132.53	114
147.185.132.226	112
147.185.132.238	112
147.185.132.140	111
147.185.132.32	111
147.185.132.107	109
147.185.132.217	109
147.185.132.125	106
147.185.132.242	103
147.185.132.162	102
147.185.132.212	100
147.185.132.110	99
147.185.132.188	98
147.185.132.62	98
147.185.132.113	97
147.185.132.166	96
147.185.132.47	95
147.185.132.92	94
147.185.132.134	93
147.185.132.232	93
147.185.132.218	92
147.185.132.80	92
147.185.132.8	91
147.185.132.160	90
147.185.132.248	88
147.185.132.41	88
147.185.132.199	87
147.185.132.71	87
147.185.132.86	86
147.185.132.145	85
147.185.132.190	85
147.185.132.146	84
147.185.132.154	84
147.185.132.77	84
147.185.132.255	83
147.185.132.65	83
147.185.132.168	80
147.185.132.245	80
147.185.132.73	79
147.185.132.157	78
147.185.132.206	78
147.185.132.230	77
147.185.132.152	76
147.185.132.223	76
147.185.132.66	76
147.185.132.116	75
147.185.132.239	75
147.185.132.253	74
147.185.132.55	74
147.185.132.98	74
147.185.132.139	72
147.185.132.241	72
147.185.132.211	71
147.185.132.224	71
147.185.132.129	70
147.185.132.89	70
147.185.132.142	68
147.185.132.161	68
147.185.132.236	68
147.185.132.38	67
147.185.132.81	67
147.185.132.185	66
147.185.132.244	65
147.185.132.214	63
147.185.132.148	62
147.185.132.233	59
147.185.132.124	58
147.185.132.203	58
147.185.132.246	58
147.185.132.10	57
147.185.132.30	57
147.185.132.45	57
147.185.132.74	57
147.185.132.117	56
147.185.132.127	56
147.185.132.150	56
147.185.132.251	56
147.185.132.63	55
147.185.132.75	55
147.185.132.76	55
147.185.132.17	54
147.185.132.204	54
147.185.132.36	54
147.185.132.67	54
147.185.132.220	53
147.185.132.83	53
147.185.132.143	52
147.185.132.187	52
147.185.132.247	52
147.185.132.250	52
147.185.132.56	52
147.185.132.20	51
147.185.132.227	51
147.185.132.229	51
147.185.132.23	51
147.185.132.184	50
147.185.132.58	50
147.185.132.141	49
147.185.132.235	49
147.185.132.29	49
147.185.132.164	48
147.185.132.179	48
147.185.132.59	48
147.185.132.118	47
147.185.132.119	47
147.185.132.163	47
147.185.132.254	47
147.185.132.202	45
147.185.132.26	45
147.185.132.100	44
147.185.132.181	44
147.185.132.215	44
147.185.132.25	44
147.185.132.104	43
147.185.132.130	43
147.185.132.16	43
147.185.132.193	43
147.185.132.171	42
147.185.132.131	41
147.185.132.172	41
147.185.132.209	41
147.185.132.137	40
147.185.132.175	40
147.185.132.197	40
147.185.132.243	40
147.185.132.14	39
147.185.132.194	39
147.185.132.205	39
147.185.132.37	39
147.185.132.207	38
147.185.132.208	38
147.185.132.182	37
147.185.132.60	37
147.185.132.156	36
147.185.132.101	35
147.185.132.78	34
147.185.132.173	33
147.185.132.219	33
147.185.132.85	33
147.185.132.15	26
147.185.132.240	24
147.185.132.195	23
147.185.132.13	21
147.185.132.103	20
147.185.132.93	20
147.185.132.111	19
147.185.132.18	19
147.185.132.39	19
147.185.132.69	19
147.185.132.9	19
147.185.132.222	17
147.185.132.31	17
147.185.132.61	17
147.185.132.82	17
147.185.132.153	16
147.185.132.198	16
147.185.132.106	15
147.185.132.21	15
147.185.132.252	15
147.185.132.64	15
147.185.132.70	15
147.185.132.84	15
147.185.132.99	15
147.185.132.237	14
147.185.132.24	14
147.185.132.42	14
147.185.132.72	14
147.185.132.79	14
147.185.132.144	13
147.185.132.174	13
147.185.132.201	13
147.185.132.49	13
147.185.132.51	13
147.185.132.109	12
147.185.132.114	12
147.185.132.120	12
147.185.132.132	12
147.185.132.135	12
147.185.132.165	12
147.185.132.180	12
147.185.132.213	12
147.185.132.249	12
147.185.132.40	12
147.185.132.48	12
147.185.132.54	12
147.185.132.88	12
147.185.132.115	11
147.185.132.159	11
147.185.132.183	11
147.185.132.189	11
147.185.132.19	11
147.185.132.22	11
147.185.132.234	11
147.185.132.43	11
147.185.132.112	10
147.185.132.12	10
147.185.132.123	10
147.185.132.225	10
147.185.132.27	10
147.185.132.33	10
147.185.132.46	10
147.185.132.52	10
147.185.132.90	10
147.185.132.105	9
147.185.132.57	9
147.185.132.87	9
147.185.132.94	9
147.185.132.108	8
147.185.132.126	8
147.185.132.97	8
147.185.132.138	7
147.185.132.177	7
147.185.132.192	7
147.185.132.91	7
147.185.132.210	6
147.185.132.231	5

Ports Targeted by This Subnet

Top:

Temporal Port Activity

202.155.148.0/24

12,305 hits

2 IPs

8949 ports

3/60 endpoints

202.155.148.50 (12,145) 202.155.148.23 (160)

IPs in Subnet

IP Address	Hit Count
202.155.148.50	12,145
202.155.148.23	160

Ports Targeted by This Subnet

Top:

Temporal Port Activity

Complete Endpoint Data Export

Download All LightScope Data For This Endpoint

Get the complete raw dataset for this endpoint in CSV format. This includes all network traffic data, timestamps, IP addresses, ports, and other collected intelligence from the lightscope_honeypot_included_data table.

Format: CSV (Comma-Separated Values)
Contents: All endpoint data ordered by most recent first
Use Case: Research, analysis, custom reporting, data science
Compatibility: Excel, Python pandas, R, SQL imports

Download All Data

CSV format

Note: This download contains the raw data used to generate all dashboard visualizations and analytics. File size depends on the amount of traffic data collected for this endpoint.