2a01:488:66:1000:53a9:21cc:0:1

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Host Europe GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[munged]::443 2a01:488:66:1000:53a9:21cc:0:1 - - [23/Jun/2019:06:15:10 +0200] "POST /[munged]: HTTP/1.1" 200 6722 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2a01:488:66:1000:53a9:21cc:0:1 - - [23/Jun/2019:06:15:11 +0200] "POST /[munged]: HTTP/1.1" 200 6710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-06-23 14:09:33

Type

Details

Datetime

attackspam

[munged]::443 2a01:488:66:1000:53a9:21cc:0:1 - - [23/Jun/2019:06:15:10 +0200] "POST /[munged]: HTTP/1.1" 200 6722 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 2a01:488:66:1000:53a9:21cc:0:1 - - [23/Jun/2019:06:15:11 +0200] "POST /[munged]: HTTP/1.1" 200 6710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2019-06-23 14:09:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2a01:488:66:1000:53a9:21cc:0:1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10853
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2a01:488:66:1000:53a9:21cc:0:1.	IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 23 14:09:26 CST 2019
;; MSG SIZE  rcvd: 134

Host info

1.0.0.0.0.0.0.0.c.c.1.2.9.a.3.5.0.0.0.1.6.6.0.0.8.8.4.0.1.0.a.2.ip6.arpa domain name pointer server5.qfrog.de.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
1.0.0.0.0.0.0.0.c.c.1.2.9.a.3.5.0.0.0.1.6.6.0.0.8.8.4.0.1.0.a.2.ip6.arpa	name = server5.qfrog.de.

Authoritative answers can be found from:

Related comments:

IP	Type	Details	Datetime
103.237.58.142	attack	Sep 17 08:43:17 mail.srvfarm.net postfix/smtps/smtpd[4099551]: warning: unknown[103.237.58.142]: SASL PLAIN authentication failed: Sep 17 08:43:18 mail.srvfarm.net postfix/smtps/smtpd[4099551]: lost connection after AUTH from unknown[103.237.58.142] Sep 17 08:45:53 mail.srvfarm.net postfix/smtps/smtpd[4099386]: warning: unknown[103.237.58.142]: SASL PLAIN authentication failed: Sep 17 08:45:53 mail.srvfarm.net postfix/smtps/smtpd[4099386]: lost connection after AUTH from unknown[103.237.58.142] Sep 17 08:50:19 mail.srvfarm.net postfix/smtps/smtpd[4099386]: warning: unknown[103.237.58.142]: SASL PLAIN authentication failed:	2020-09-17 17:53:22
79.167.21.54	attack	Portscan detected	2020-09-17 17:58:55
139.59.23.209	attack	WordPress wp-login brute force :: 139.59.23.209 0.068 BYPASS [16/Sep/2020:23:39:44 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2577 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-17 18:02:47
37.59.55.14	attackbots	(sshd) Failed SSH login from 37.59.55.14 (FR/France/ns3267977.ip-37-59-55.eu): 5 in the last 3600 secs	2020-09-17 18:10:07
51.103.129.9	attack	CH GB/United Kingdom/- Failures: 5 smtpauth	2020-09-17 17:56:41
187.109.39.72	attack	Sep 17 05:41:25 mail.srvfarm.net postfix/smtpd[4021777]: warning: unknown[187.109.39.72]: SASL PLAIN authentication failed: Sep 17 05:41:26 mail.srvfarm.net postfix/smtpd[4021777]: lost connection after AUTH from unknown[187.109.39.72] Sep 17 05:46:26 mail.srvfarm.net postfix/smtpd[4021782]: warning: unknown[187.109.39.72]: SASL PLAIN authentication failed: Sep 17 05:46:26 mail.srvfarm.net postfix/smtpd[4021782]: lost connection after AUTH from unknown[187.109.39.72] Sep 17 05:48:39 mail.srvfarm.net postfix/smtpd[4027718]: warning: unknown[187.109.39.72]: SASL PLAIN authentication failed:	2020-09-17 17:48:16
81.219.95.66	attack	Sep 16 18:02:08 mail.srvfarm.net postfix/smtpd[3583724]: warning: 81-219-95-66.ostmedia.pl[81.219.95.66]: SASL PLAIN authentication failed: Sep 16 18:02:08 mail.srvfarm.net postfix/smtpd[3583724]: lost connection after AUTH from 81-219-95-66.ostmedia.pl[81.219.95.66] Sep 16 18:11:32 mail.srvfarm.net postfix/smtpd[3583724]: warning: 81-219-95-66.ostmedia.pl[81.219.95.66]: SASL PLAIN authentication failed: Sep 16 18:11:32 mail.srvfarm.net postfix/smtpd[3583724]: lost connection after AUTH from 81-219-95-66.ostmedia.pl[81.219.95.66] Sep 16 18:11:48 mail.srvfarm.net postfix/smtpd[3584838]: warning: 81-219-95-66.ostmedia.pl[81.219.95.66]: SASL PLAIN authentication failed:	2020-09-17 17:56:04
45.254.25.62	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-17 18:05:10
117.35.118.42	attack	Sep 17 04:11:52 email sshd\[2773\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.35.118.42 user=root Sep 17 04:11:54 email sshd\[2773\]: Failed password for root from 117.35.118.42 port 43376 ssh2 Sep 17 04:15:01 email sshd\[3359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.35.118.42 user=root Sep 17 04:15:03 email sshd\[3359\]: Failed password for root from 117.35.118.42 port 60496 ssh2 Sep 17 04:18:15 email sshd\[3964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.35.118.42 user=root ...	2020-09-17 18:11:12
13.75.92.25	attackbotsspam	Sep 16 20:45:37 mail.srvfarm.net postfix/smtps/smtpd[3651758]: warning: unknown[13.75.92.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 20:47:14 mail.srvfarm.net postfix/smtps/smtpd[3650008]: warning: unknown[13.75.92.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 20:48:52 mail.srvfarm.net postfix/smtps/smtpd[3650008]: warning: unknown[13.75.92.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 20:50:29 mail.srvfarm.net postfix/smtps/smtpd[3651112]: warning: unknown[13.75.92.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 20:52:07 mail.srvfarm.net postfix/smtps/smtpd[3651758]: warning: unknown[13.75.92.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-17 17:45:03
122.117.137.47	attackspambots	Honeypot attack, port: 5555, PTR: 122-117-137-47.HINET-IP.hinet.net.	2020-09-17 18:22:24
148.203.151.248	attack	Sep 17 10:56:39 mail.srvfarm.net postfix/smtpd[4160586]: NOQUEUE: reject: RCPT from mailrelay5.vw.com.mx[148.203.151.248]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 17 10:56:40 mail.srvfarm.net postfix/smtpd[4160189]: NOQUEUE: reject: RCPT from mailrelay5.vw.com.mx[148.203.151.248]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 17 10:56:40 mail.srvfarm.net postfix/smtpd[4160586]: NOQUEUE: reject: RCPT from mailrelay5.vw.com.mx[148.203.151.248]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 17 10:56:41 mail.srvfarm.net postfix/smtpd[4160189]: NOQUEUE: reje	2020-09-17 17:51:45
113.164.236.59	attack	Unauthorized connection attempt from IP address 113.164.236.59 on Port 445(SMB)	2020-09-17 18:14:21
61.160.251.98	attackspam	Invalid user admin from 61.160.251.98 port 58337	2020-09-17 18:07:46
51.38.190.237	attackspam	SS5,DEF GET /wp-login.php	2020-09-17 18:17:18

Recently Reported IPs

122.160.4.77	240.85.43.161	65.21.188.25	197.33.225.70
30.252.40.156	236.80.249.91	191.128.252.18	232.64.48.170
187.248.63.104	181.115.194.85	132.196.52.112	97.160.6.171
185.176.100.143	219.6.88.89	139.199.78.250	247.249.195.17
35.222.163.124	205.59.240.226	113.106.83.235	17.247.26.27