2002:dcaf:3227::dcaf:3227

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: 6to4 RFC3056

Hostname: unknown

Organization: unknown

Usage Type: Reserved

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Sep 6 05:42:23 lnxmail61 postfix/smtps/smtpd[30496]: warning: unknown[2002:dcaf:3227::dcaf:3227]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 05:42:25 lnxmail61 postfix/smtps/smtpd[30496]: lost connection after AUTH from unknown[2002:dcaf:3227::dcaf:3227] Sep 6 05:45:01 lnxmail61 postfix/smtps/smtpd[30494]: warning: unknown[2002:dcaf:3227::dcaf:3227]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 05:45:06 lnxmail61 postfix/smtps/smtpd[30494]: lost connection after AUTH from unknown[2002:dcaf:3227::dcaf:3227] Sep 6 05:47:11 lnxmail61 postfix/smtps/smtpd[30496]: warning: unknown[2002:dcaf:3227::dcaf:3227]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-09-06 21:10:40

Type

Details

Datetime

attackbots

Sep  6 05:42:23 lnxmail61 postfix/smtps/smtpd[30496]: warning: unknown[2002:dcaf:3227::dcaf:3227]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep  6 05:42:25 lnxmail61 postfix/smtps/smtpd[30496]: lost connection after AUTH from unknown[2002:dcaf:3227::dcaf:3227]
Sep  6 05:45:01 lnxmail61 postfix/smtps/smtpd[30494]: warning: unknown[2002:dcaf:3227::dcaf:3227]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep  6 05:45:06 lnxmail61 postfix/smtps/smtpd[30494]: lost connection after AUTH from unknown[2002:dcaf:3227::dcaf:3227]
Sep  6 05:47:11 lnxmail61 postfix/smtps/smtpd[30496]: warning: unknown[2002:dcaf:3227::dcaf:3227]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

2019-09-06 21:10:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2002:dcaf:3227::dcaf:3227
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37517
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2002:dcaf:3227::dcaf:3227.	IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 06 21:10:35 CST 2019
;; MSG SIZE  rcvd: 129

Host info

Host 7.2.2.3.f.a.c.d.0.0.0.0.0.0.0.0.0.0.0.0.7.2.2.3.f.a.c.d.2.0.0.2.ip6.arpa not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 7.2.2.3.f.a.c.d.0.0.0.0.0.0.0.0.0.0.0.0.7.2.2.3.f.a.c.d.2.0.0.2.ip6.arpa: NXDOMAIN

Related comments:

IP	Type	Details	Datetime
88.71.83.0	attack	47696/tcp [2019-12-13]1pkt	2019-12-14 00:29:08
202.163.126.134	attackspam	2019-12-13T15:44:05.913422vps751288.ovh.net sshd\[19590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.163.126.134 user=root 2019-12-13T15:44:07.955946vps751288.ovh.net sshd\[19590\]: Failed password for root from 202.163.126.134 port 53028 ssh2 2019-12-13T15:52:58.529066vps751288.ovh.net sshd\[19671\]: Invalid user ftpuser from 202.163.126.134 port 55803 2019-12-13T15:52:58.540874vps751288.ovh.net sshd\[19671\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.163.126.134 2019-12-13T15:53:01.089684vps751288.ovh.net sshd\[19671\]: Failed password for invalid user ftpuser from 202.163.126.134 port 55803 ssh2	2019-12-14 00:01:12
104.236.78.228	attack	$f2bV_matches	2019-12-13 23:51:39
195.228.22.54	attackspambots	Dec 13 06:11:12 web1 sshd\[27554\]: Invalid user zaqueu from 195.228.22.54 Dec 13 06:11:12 web1 sshd\[27554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.228.22.54 Dec 13 06:11:15 web1 sshd\[27554\]: Failed password for invalid user zaqueu from 195.228.22.54 port 63809 ssh2 Dec 13 06:16:50 web1 sshd\[28092\]: Invalid user test from 195.228.22.54 Dec 13 06:16:50 web1 sshd\[28092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.228.22.54	2019-12-14 00:23:06
160.20.253.41	attack	1433/tcp [2019-12-13]1pkt	2019-12-14 00:27:13
52.160.125.155	attackspambots	Dec 13 05:39:23 kapalua sshd\[8157\]: Invalid user guest from 52.160.125.155 Dec 13 05:39:23 kapalua sshd\[8157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.160.125.155 Dec 13 05:39:25 kapalua sshd\[8157\]: Failed password for invalid user guest from 52.160.125.155 port 59090 ssh2 Dec 13 05:45:54 kapalua sshd\[8753\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.160.125.155 user=backup Dec 13 05:45:56 kapalua sshd\[8753\]: Failed password for backup from 52.160.125.155 port 42106 ssh2	2019-12-13 23:53:51
185.198.167.94	attackbots	Dec 13 16:59:52 grey postfix/smtpd\[376\]: NOQUEUE: reject: RCPT from unknown\[185.198.167.94\]: 554 5.7.1 Service unavailable\; Client host \[185.198.167.94\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.198.167.94\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-14 00:28:35
115.74.246.141	attackbots	Dec 13 15:47:35 XXXXXX sshd[11143]: Invalid user guest from 115.74.246.141 port 57771	2019-12-14 00:13:50
74.207.232.191	attack	44818/tcp [2019-12-13]1pkt	2019-12-14 00:24:28
218.92.0.138	attack	Dec 13 17:07:04 MK-Soft-VM7 sshd[23970]: Failed password for root from 218.92.0.138 port 6570 ssh2 Dec 13 17:07:08 MK-Soft-VM7 sshd[23970]: Failed password for root from 218.92.0.138 port 6570 ssh2 ...	2019-12-14 00:07:24
200.89.174.176	attackbotsspam	Dec 13 18:25:11 vtv3 sshd[22585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.174.176 Dec 13 18:25:14 vtv3 sshd[22585]: Failed password for invalid user shelaine from 200.89.174.176 port 38092 ssh2 Dec 13 18:33:07 vtv3 sshd[26651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.174.176 Dec 13 19:00:48 vtv3 sshd[7886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.174.176 Dec 13 19:00:50 vtv3 sshd[7886]: Failed password for invalid user configure from 200.89.174.176 port 54516 ssh2 Dec 13 19:07:33 vtv3 sshd[10929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.174.176	2019-12-14 00:18:35
83.97.20.136	attackspambots	Honeypot attack, port: 81, PTR: 136.20.97.83.ro.ovo.sc.	2019-12-13 23:45:06
106.13.56.72	attack	Dec 13 16:37:22 [host] sshd[6360]: Invalid user fernie from 106.13.56.72 Dec 13 16:37:22 [host] sshd[6360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.72 Dec 13 16:37:24 [host] sshd[6360]: Failed password for invalid user fernie from 106.13.56.72 port 50728 ssh2	2019-12-13 23:51:15
211.187.9.234	attackspam	23/tcp 23/tcp [2019-12-13]2pkt	2019-12-14 00:05:05
62.210.206.48	attackspambots	62.210.206.48 was recorded 13 times by 7 hosts attempting to connect to the following ports: 25141,45154. Incident counter (4h, 24h, all-time): 13, 13, 53	2019-12-13 23:51:58

Recently Reported IPs

113.182.7.45	121.161.220.212	115.191.151.101	115.85.213.217
62.99.177.238	176.225.121.97	138.255.9.221	14.210.111.238
147.163.255.175	191.53.250.73	84.22.4.227	176.58.130.196
179.125.63.110	82.252.135.10	196.75.102.19	40.112.250.138
63.216.30.135	218.235.233.204	32.228.248.230	36.67.25.138