0.0.0.81 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Reserved

Internet Service Provider: Broadcast RFC1700

Hostname: unknown

Organization: unknown

Usage Type: Reserved

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	pfaffenroth-photographie.de 2404:f080:1101:320:150:95:108:81 \[11/Sep/2019:09:56:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 6694 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" pfaffenroth-photographie.de 2404:f080:1101:320:150:95:108:81 \[11/Sep/2019:09:56:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 6705 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-11 18:10:42

Type

Details

Datetime

attackbots

pfaffenroth-photographie.de 2404:f080:1101:320:150:95:108:81 \[11/Sep/2019:09:56:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 6694 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
pfaffenroth-photographie.de 2404:f080:1101:320:150:95:108:81 \[11/Sep/2019:09:56:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 6705 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-09-11 18:10:42

Comments on same subnet:

IP	Type	Details	Datetime
0.0.0.193	attackspam	Fail2Ban Ban Triggered	2020-02-21 00:19:57
0.0.0.4	attack	chaangnoi.com 2a00:ab00:203:b::4 \[03/Nov/2019:06:51:34 +0100\] "POST /xmlrpc.php HTTP/1.1" 301 445 "-" "WordPress/4.5.15\; https://evparg.ru" chaangnoifulda.de 2a00:ab00:203:b::4 \[03/Nov/2019:06:51:34 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4248 "-" "WordPress/4.5.15\; https://evparg.ru"	2019-11-03 17:30:14
0.0.0.32	attackspam	www.goldgier.de 2a06:dd00:1:4::32 \[29/Oct/2019:04:48:45 +0100\] "POST /wp-login.php HTTP/1.1" 200 6202 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 2a06:dd00:1:4::32 \[29/Oct/2019:04:48:46 +0100\] "POST /wp-login.php HTTP/1.1" 200 6197 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-29 17:30:23
0.0.0.27	attackbots	abcdata-sys.de:80 2a02:4780:1:8::27 - - \[28/Oct/2019:12:51:29 +0100\] "POST /xmlrpc.php HTTP/1.1" 301 441 "-" "WordPress/4.7.11\; http://claudiaservicios.online" www.goldgier.de 2a02:4780:1:8::27 \[28/Oct/2019:12:51:29 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4484 "-" "WordPress/4.7.11\; http://claudiaservicios.online"	2019-10-28 23:02:28
0.0.0.22	attackspambots	abasicmove.de 2a00:d680:10:50::22 \[18/Oct/2019:21:53:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5761 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" abasicmove.de 2a00:d680:10:50::22 \[18/Oct/2019:21:53:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5560 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-19 04:14:06
0.0.0.44	attackbotsspam	www.ft-1848-basketball.de 2a00:d0c0:200:0:b9:1a:9c:44 \[18/Oct/2019:13:33:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 2172 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.ft-1848-basketball.de 2a00:d0c0:200:0:b9:1a:9c:44 \[18/Oct/2019:13:33:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 2143 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-19 03:04:17
0.0.0.67	attackbots	miraniessen.de 2a02:408:7722:1:77:222:62:67 \[09/Sep/2019:06:38:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 2a02:408:7722:1:77:222:62:67 \[09/Sep/2019:06:38:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-09 15:36:08
0.0.0.63	attack	masters-of-media.de 2404:f080:1101:318:150:95:105:63 \[09/Sep/2019:06:39:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 5855 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" masters-of-media.de 2404:f080:1101:318:150:95:105:63 \[09/Sep/2019:06:39:10 +0200\] "POST /wp-login.php HTTP/1.1" 200 5854 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-09 14:57:40
0.0.0.77	attackbotsspam	masters-of-media.de 2a06:dd00:1:4:1::77 \[21/Jun/2019:06:36:25 +0200\] "POST /wp-login.php HTTP/1.1" 200 5856 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" masters-of-media.de 2a06:dd00:1:4:1::77 \[21/Jun/2019:06:36:26 +0200\] "POST /wp-login.php HTTP/1.1" 200 5811 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-06-21 17:19:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 0.0.0.81
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20953
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;0.0.0.81.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091100 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 18:10:37 CST 2019
;; MSG SIZE  rcvd: 112

Host info

Host 81.0.0.0.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 81.0.0.0.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.196.83.14	attackspam	Automated report - ssh fail2ban: Jul 23 03:40:33 authentication failure Jul 23 03:40:35 wrong password, user=ranjit, port=60470, ssh2 Jul 23 04:27:14 authentication failure	2019-07-23 13:30:10
79.60.18.222	attack	2019-07-23T00:32:46.445896abusebot-3.cloudsearch.cf sshd\[3103\]: Invalid user qhsupport from 79.60.18.222 port 61067	2019-07-23 12:39:06
112.226.186.47	attackspam	firewall-block, port(s): 23/tcp	2019-07-23 12:37:33
114.251.73.201	attackbots	Jul 22 13:32:53 iberia postfix/smtpd[55013]: connect from unknown[114.251.73.201] Jul 22 13:32:54 iberia postfix/smtpd[55013]: warning: unknown[114.251.73.201]: SASL LOGIN authentication failed: authentication failure Jul 22 13:32:54 iberia postfix/smtpd[55013]: disconnect from unknown[114.251.73.201] helo=1 auth=0/1 quhostname=1 commands=2/3 Jul 22 13:32:54 iberia postfix/smtpd[55013]: connect from unknown[114.251.73.201] Jul 22 13:32:56 iberia postfix/smtpd[55013]: warning: unknown[114.251.73.201]: SASL LOGIN authentication failed: authentication failure Jul 22 13:32:56 iberia postfix/smtpd[55013]: disconnect from unknown[114.251.73.201] helo=1 auth=0/1 quhostname=1 commands=2/3 Jul 22 13:32:58 iberia postfix/smtpd[55013]: connect from unknown[114.251.73.201] Jul 22 13:32:59 iberia postfix/smtpd[55013]: warning: unknown[114.251.73.201]: SASL LOGIN authentication failed: authentication failure Jul 22 13:32:59 iberia postfix/smtpd[55013]: disconnect from unknown[114.251........ -------------------------------	2019-07-23 12:51:20
208.58.129.131	attackbotsspam	2019-07-23T04:01:56.197833abusebot-2.cloudsearch.cf sshd\[26034\]: Invalid user mcserver from 208.58.129.131 port 33192	2019-07-23 12:29:02
200.52.94.186	attack	Telnet login attempt	2019-07-23 12:57:10
77.54.169.192	attackspam	SSH/22 MH Probe, BF, Hack -	2019-07-23 13:16:38
182.254.154.89	attackspam	Jul 23 06:21:43 mail sshd\[9519\]: Invalid user marc from 182.254.154.89 port 59968 Jul 23 06:21:43 mail sshd\[9519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.154.89 Jul 23 06:21:45 mail sshd\[9519\]: Failed password for invalid user marc from 182.254.154.89 port 59968 ssh2 Jul 23 06:24:01 mail sshd\[9752\]: Invalid user ble from 182.254.154.89 port 54008 Jul 23 06:24:01 mail sshd\[9752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.154.89	2019-07-23 12:34:40
49.81.198.195	attackbotsspam	[Aegis] @ 2019-07-23 00:18:55 0100 -> Sendmail rejected message.	2019-07-23 13:23:43
119.90.24.41	attackspam	Port 1433 Scan	2019-07-23 12:42:08
132.232.112.25	attackspambots	Jul 23 04:08:56 ip-172-31-62-245 sshd\[20958\]: Invalid user mac from 132.232.112.25\ Jul 23 04:08:58 ip-172-31-62-245 sshd\[20958\]: Failed password for invalid user mac from 132.232.112.25 port 44246 ssh2\ Jul 23 04:13:54 ip-172-31-62-245 sshd\[21109\]: Invalid user jh from 132.232.112.25\ Jul 23 04:13:56 ip-172-31-62-245 sshd\[21109\]: Failed password for invalid user jh from 132.232.112.25 port 34946 ssh2\ Jul 23 04:18:51 ip-172-31-62-245 sshd\[21176\]: Invalid user mb from 132.232.112.25\	2019-07-23 13:01:43
185.159.32.4	attack	2019-07-23T03:10:58.520801abusebot-7.cloudsearch.cf sshd\[13453\]: Invalid user bridge from 185.159.32.4 port 43252	2019-07-23 13:03:35
36.234.142.192	attackspam	"to=/etc/passwd	2019-07-23 13:17:58
118.68.170.172	attack	Jul 23 06:35:31 icinga sshd[24071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.68.170.172 Jul 23 06:35:33 icinga sshd[24071]: Failed password for invalid user tono from 118.68.170.172 port 47260 ssh2 ...	2019-07-23 13:15:10
185.94.111.1	attackbotsspam	RPC Portmapper DUMP Request Detected	2019-07-23 13:27:31

Recently Reported IPs

77.239.216.100	66.249.65.204	222.186.31.145	49.69.209.16
91.188.245.233	210.81.163.28	50.186.57.20	193.93.193.67
129.225.96.184	124.56.31.203	172.105.0.111	86.105.195.93
179.48.163.115	45.79.58.151	124.165.224.158	190.204.150.196
63.166.94.126	27.97.81.168	15.188.70.213	211.53.128.215