2002:c1a9:fd1b::c1a9:fd1b

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: 6to4 RFC3056

Hostname: unknown

Organization: unknown

Usage Type: Reserved

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 17 05:34:59 web01.agentur-b-2.de postfix/smtpd[722964]: warning: unknown[2002:c1a9:fd1b::c1a9:fd1b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 17 05:34:59 web01.agentur-b-2.de postfix/smtpd[722964]: lost connection after AUTH from unknown[2002:c1a9:fd1b::c1a9:fd1b] Aug 17 05:37:51 web01.agentur-b-2.de postfix/smtpd[722964]: warning: unknown[2002:c1a9:fd1b::c1a9:fd1b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 17 05:37:51 web01.agentur-b-2.de postfix/smtpd[722964]: lost connection after AUTH from unknown[2002:c1a9:fd1b::c1a9:fd1b] Aug 17 05:38:39 web01.agentur-b-2.de postfix/smtpd[722964]: warning: unknown[2002:c1a9:fd1b::c1a9:fd1b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-17 12:05:41

Type

Details

Datetime

attack

Aug 17 05:34:59 web01.agentur-b-2.de postfix/smtpd[722964]: warning: unknown[2002:c1a9:fd1b::c1a9:fd1b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug 17 05:34:59 web01.agentur-b-2.de postfix/smtpd[722964]: lost connection after AUTH from unknown[2002:c1a9:fd1b::c1a9:fd1b]
Aug 17 05:37:51 web01.agentur-b-2.de postfix/smtpd[722964]: warning: unknown[2002:c1a9:fd1b::c1a9:fd1b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug 17 05:37:51 web01.agentur-b-2.de postfix/smtpd[722964]: lost connection after AUTH from unknown[2002:c1a9:fd1b::c1a9:fd1b]
Aug 17 05:38:39 web01.agentur-b-2.de postfix/smtpd[722964]: warning: unknown[2002:c1a9:fd1b::c1a9:fd1b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

2020-08-17 12:05:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3 <<>> 2002:c1a9:fd1b::c1a9:fd1b
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64943
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2002:c1a9:fd1b::c1a9:fd1b.	IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081601 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 100.100.2.138#53(100.100.2.138)
;; WHEN: Mon Aug 17 12:20:04 2020
;; MSG SIZE  rcvd: 118

Host info

Host b.1.d.f.9.a.1.c.0.0.0.0.0.0.0.0.0.0.0.0.b.1.d.f.9.a.1.c.2.0.0.2.ip6.arpa not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find b.1.d.f.9.a.1.c.0.0.0.0.0.0.0.0.0.0.0.0.b.1.d.f.9.a.1.c.2.0.0.2.ip6.arpa: NXDOMAIN

Related comments:

IP	Type	Details	Datetime
31.179.144.190	attackspambots	Nov 28 18:55:03 php1 sshd\[30945\]: Invalid user mariza from 31.179.144.190 Nov 28 18:55:03 php1 sshd\[30945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.179.144.190 Nov 28 18:55:05 php1 sshd\[30945\]: Failed password for invalid user mariza from 31.179.144.190 port 54935 ssh2 Nov 28 18:58:43 php1 sshd\[31399\]: Invalid user kendarius from 31.179.144.190 Nov 28 18:58:43 php1 sshd\[31399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.179.144.190	2019-11-29 13:13:25
180.76.246.104	attack	Nov 29 05:57:59 MK-Soft-Root1 sshd[32122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.104 Nov 29 05:58:01 MK-Soft-Root1 sshd[32122]: Failed password for invalid user friends from 180.76.246.104 port 49476 ssh2 ...	2019-11-29 13:39:16
145.239.90.235	attackspambots	Nov 29 04:58:03 zx01vmsma01 sshd[103714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.90.235 Nov 29 04:58:06 zx01vmsma01 sshd[103714]: Failed password for invalid user katen from 145.239.90.235 port 55578 ssh2 ...	2019-11-29 13:35:49
185.143.223.184	attackspam	2019-11-29T05:58:58.972237+01:00 lumpi kernel: [293503.139173] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.223.184 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=34227 PROTO=TCP SPT=58205 DPT=14337 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-29 13:09:33
104.131.82.112	attackspambots	Nov 29 06:02:35 markkoudstaal sshd[22539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.82.112 Nov 29 06:02:36 markkoudstaal sshd[22539]: Failed password for invalid user denis2 from 104.131.82.112 port 37773 ssh2 Nov 29 06:06:58 markkoudstaal sshd[22920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.82.112	2019-11-29 13:10:23
45.55.184.78	attackbotsspam	Nov 29 10:40:48 vibhu-HP-Z238-Microtower-Workstation sshd\[340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.184.78 user=root Nov 29 10:40:50 vibhu-HP-Z238-Microtower-Workstation sshd\[340\]: Failed password for root from 45.55.184.78 port 38538 ssh2 Nov 29 10:45:11 vibhu-HP-Z238-Microtower-Workstation sshd\[614\]: Invalid user admin from 45.55.184.78 Nov 29 10:45:11 vibhu-HP-Z238-Microtower-Workstation sshd\[614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.184.78 Nov 29 10:45:13 vibhu-HP-Z238-Microtower-Workstation sshd\[614\]: Failed password for invalid user admin from 45.55.184.78 port 45838 ssh2 ...	2019-11-29 13:34:30
212.114.52.206	attackbots	Fail2Ban Ban Triggered SMTP Abuse Attempt	2019-11-29 13:29:46
167.250.178.105	attackbotsspam	Unauthorised access (Nov 29) SRC=167.250.178.105 LEN=52 TOS=0x10 PREC=0x40 TTL=106 ID=13085 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-29 13:26:58
86.35.250.191	attackbots	Automatic report - Port Scan Attack	2019-11-29 13:14:26
89.248.168.217	attackbots	29.11.2019 05:05:42 Connection to port 67 blocked by firewall	2019-11-29 13:21:44
111.230.73.133	attackbots	Nov 29 06:58:01 ncomp sshd[21536]: User daemon from 111.230.73.133 not allowed because none of user's groups are listed in AllowGroups Nov 29 06:58:01 ncomp sshd[21536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.73.133 user=daemon Nov 29 06:58:01 ncomp sshd[21536]: User daemon from 111.230.73.133 not allowed because none of user's groups are listed in AllowGroups Nov 29 06:58:03 ncomp sshd[21536]: Failed password for invalid user daemon from 111.230.73.133 port 34172 ssh2	2019-11-29 13:37:53
121.142.111.106	attackbotsspam	Nov 29 05:58:04 * sshd[20117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.142.111.106 Nov 29 05:58:05 * sshd[20117]: Failed password for invalid user cvs from 121.142.111.106 port 43742 ssh2	2019-11-29 13:36:05
120.206.184.27	attack	" "	2019-11-29 13:06:09
45.45.45.45	attackspambots	29.11.2019 04:58:39 Recursive DNS scan	2019-11-29 13:18:53
203.114.102.69	attack	Nov 29 06:04:02 [host] sshd[28975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69 user=root Nov 29 06:04:04 [host] sshd[28975]: Failed password for root from 203.114.102.69 port 33636 ssh2 Nov 29 06:09:30 [host] sshd[29289]: Invalid user server from 203.114.102.69 Nov 29 06:09:30 [host] sshd[29289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69	2019-11-29 13:37:23

Recently Reported IPs

81.161.67.106	45.239.142.184	45.232.65.184	45.191.152.24
189.91.2.198	186.121.191.92	128.127.90.36	51.104.221.177
84.16.248.172	81.15.197.202	37.72.52.192	3.25.164.146
209.85.222.176	209.85.208.170	5.143.124.94	186.19.115.161
167.223.203.87	124.152.76.205	115.236.136.115	212.227.15.15