IOC Radar
IP · Medium · Signal 59/100

71.6.233.152

Location: Boston, Massachusetts, United States
ASN: AS10439
Organization: Rapid7 Labs - Traffic originating from this network is expected and part of Project Sonar opendata.rapid7.com/about
First Seen: Aug 26, 2020 (2126d ago)
Last Seen: Jun 13, 2026 (9d ago)
Reports: 16 source reports
Confidence: 59% (medium)
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 59%
Signal Score: 59 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: US (United States)
Region: Boston, Massachusetts
ASN: AS10439
Organization: Rapid7 Labs - Traffic originating from this network is expected and part of Project Sonar opendata.rapid7.com/about

Feed Intelligence Summary

16 source reports · 59% confidence score
Category tags
abuse, account compromise, active scan, active scanning, apache, apache attacker, australia, automated attacks, bad reputation, botnet, botnet activity, brute force, brute force attack, brute force attacker, brute force attacks, brute-force, cloud infrastructure, cloud infrastructure attack, cloud services, command and control, communication protocol, compromised host, cowrie honeypot, credential access, credential guessing, credential stuffing, data encryption, data exfiltration, data store exposure, database attack, database security, ddos, ddos attack, decoy system, denial of service, digital ocean, dionaea honeypot, distributed attacks, encryption, enumeration, europe, exploit, exploitation activity, exploited host, fatt, france, fraud voip, ftp, ftp brute force, hacking, honeytrap honeypot, http brute force, http scanner, https, identity & access exploitation, inbound scan, indicator, injection activity, injection attacks, internet-facing, internet_scanners, intrusion detection, ioc, ipv4, lateral movement, mailoney honeypot, malicious activity, malicious ip, malicious software, malware, malware behaviour, malware capture, mirai, network, network attacks, network discovery, network enumeration, network intrusion attempts, network probing, network protocol, network reconnaissance, network scanning, network security, network traffic analysis, north america, oceania, p0f, password attack, password attacks, phishing, phishing attack, phishing trap, ping of death, portscan, potential threat actor, process injection, protocol exploitation, rapid7sonar-benign, reconnaissance, remote access, remote services, researched, resource hijacking, sans, scams & fraud, scan, scanner, scanners, scanning activity, scripting attacks, sensor-tagged, sentrypeer botnet, service probing, service scan, smb, smtp, smtp brute force, ssh attack, ssh monitoring, syn scan, t-pot, t1018, t1021, t1021.001, t1021.002, t1040, t1046, t1055, t1059, t1059.003, t1059.007, t1071, t1071.001, t1076, t1077, t1078, t1087, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1590, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp, tcp protocol, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, tpot, udp port scan, united states, united states of america, us, verified-benign, voip, voip attack, vulnerability scan, vultr, web application attack, web attack, web exploitation, web traffic

Activity Timeline

1 total obs · Jun 13

Threat Activity Heatmap

Peak: 2026-06-13
[Heatmap: activity per day by weekday, Jun through Jun, shaded Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 59
Confidence: 59%
Reports: 16
First seen: Aug 26, 2020
Last seen: Jun 13, 2026
Geolocation: US
Country: United States
Location: Boston, Massachusetts
ASN: AS10439
Org: Rapid7 Labs - Traffic originating from this network is expected and part of Project Sonar opendata.rapid7.com/about
Coords: 42.3538, -71.0574

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 445 SMB. The same IP address may appear more than once a day. S3#
raw
CariNet, Inc. CARINET-5 (NET-71-6-128-0-1) 71.6.128.0 - 71.6.255.255 Rapid7 Labs - Traffic originating from this network is expected and part of Rapid7 Labs Project Sonar opendata.rapid7.com/about NET-71-6-233-0-24 (NET-71-6-233-0-1) 71.6.233.0 - 71.6.233.255

IOC Journey

medium
First detected 5 years ago · Last seen 9 days ago
Appeared in 16 threat reports