5.249.94.139 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: Vodafone Portugal - Communicacoes Pessoais S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jan 6 00:39:27 server sshd\[8160\]: Invalid user dietpi from 5.249.94.139 Jan 6 00:39:27 server sshd\[8160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.94.249.5.rev.vodafone.pt Jan 6 00:39:29 server sshd\[8160\]: Failed password for invalid user dietpi from 5.249.94.139 port 38016 ssh2 Jan 6 00:50:41 server sshd\[11028\]: Invalid user umg from 5.249.94.139 Jan 6 00:50:41 server sshd\[11028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.94.249.5.rev.vodafone.pt ...	2020-01-06 06:47:44

Type

Details

Datetime

attackspambots

Jan  6 00:39:27 server sshd\[8160\]: Invalid user dietpi from 5.249.94.139
Jan  6 00:39:27 server sshd\[8160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.94.249.5.rev.vodafone.pt 
Jan  6 00:39:29 server sshd\[8160\]: Failed password for invalid user dietpi from 5.249.94.139 port 38016 ssh2
Jan  6 00:50:41 server sshd\[11028\]: Invalid user umg from 5.249.94.139
Jan  6 00:50:41 server sshd\[11028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.94.249.5.rev.vodafone.pt 
...

2020-01-06 06:47:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.249.94.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60783
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.249.94.139.			IN	A

;; AUTHORITY SECTION:
.			504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010501 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 06 06:47:41 CST 2020
;; MSG SIZE  rcvd: 116

Host info

139.94.249.5.in-addr.arpa domain name pointer 139.94.249.5.rev.vodafone.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.94.249.5.in-addr.arpa	name = 139.94.249.5.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
107.173.40.211	attack	May 13 07:57:15 vmanager6029 postfix/smtpd\[1209\]: warning: unknown\[107.173.40.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 13 07:57:22 vmanager6029 postfix/smtpd\[1209\]: warning: unknown\[107.173.40.211\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-13 14:54:54
165.22.69.147	attack	May 13 08:52:21 h2779839 sshd[22257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.69.147 user=root May 13 08:52:23 h2779839 sshd[22257]: Failed password for root from 165.22.69.147 port 33874 ssh2 May 13 08:56:58 h2779839 sshd[22527]: Invalid user szerver from 165.22.69.147 port 44714 May 13 08:56:58 h2779839 sshd[22527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.69.147 May 13 08:56:58 h2779839 sshd[22527]: Invalid user szerver from 165.22.69.147 port 44714 May 13 08:57:00 h2779839 sshd[22527]: Failed password for invalid user szerver from 165.22.69.147 port 44714 ssh2 May 13 09:01:17 h2779839 sshd[22633]: Invalid user tf2mgeserver from 165.22.69.147 port 55552 May 13 09:01:17 h2779839 sshd[22633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.69.147 May 13 09:01:17 h2779839 sshd[22633]: Invalid user tf2mgeserver from 165.22.69.147 po ...	2020-05-13 15:16:35
180.183.193.198	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-05-13 15:29:31
188.131.173.220	attack	$f2bV_matches	2020-05-13 15:16:06
139.199.32.57	attackbots	Invalid user user from 139.199.32.57 port 34434	2020-05-13 15:28:59
35.189.12.246	attackspam	Unauthorized connection attempt detected from IP address 35.189.12.246 to port 22 [T]	2020-05-13 15:01:33
116.12.52.141	attackspambots	2020-05-13T06:40:13.778619Z ae4bc76a02d2 New connection: 116.12.52.141:42515 (172.17.0.5:2222) [session: ae4bc76a02d2] 2020-05-13T06:53:17.357445Z b4de19d7f376 New connection: 116.12.52.141:40422 (172.17.0.5:2222) [session: b4de19d7f376]	2020-05-13 15:18:40
185.143.75.157	attackbotsspam	May 13 08:48:22 relay postfix/smtpd\[11510\]: warning: unknown\[185.143.75.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 13 08:48:49 relay postfix/smtpd\[20558\]: warning: unknown\[185.143.75.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 13 08:49:02 relay postfix/smtpd\[11510\]: warning: unknown\[185.143.75.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 13 08:49:29 relay postfix/smtpd\[18814\]: warning: unknown\[185.143.75.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 13 08:49:41 relay postfix/smtpd\[14518\]: warning: unknown\[185.143.75.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-13 14:56:18
144.64.3.101	attack	May 13 08:48:42 sip sshd[240091]: Invalid user romulo from 144.64.3.101 port 52800 May 13 08:48:45 sip sshd[240091]: Failed password for invalid user romulo from 144.64.3.101 port 52800 ssh2 May 13 08:52:14 sip sshd[240121]: Invalid user daxia from 144.64.3.101 port 50594 ...	2020-05-13 15:18:26
192.241.197.141	attack	(sshd) Failed SSH login from 192.241.197.141 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 13 08:17:23 ubnt-55d23 sshd[10954]: Invalid user postgres from 192.241.197.141 port 48392 May 13 08:17:26 ubnt-55d23 sshd[10954]: Failed password for invalid user postgres from 192.241.197.141 port 48392 ssh2	2020-05-13 15:23:36
142.44.133.94	attackbots	CMS (WordPress or Joomla) login attempt.	2020-05-13 15:03:39
171.243.245.219	attack	May 13 05:56:02 ncomp sshd[30926]: Invalid user dircreate from 171.243.245.219 May 13 05:56:02 ncomp sshd[30926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.243.245.219 May 13 05:56:02 ncomp sshd[30926]: Invalid user dircreate from 171.243.245.219 May 13 05:56:04 ncomp sshd[30926]: Failed password for invalid user dircreate from 171.243.245.219 port 27805 ssh2	2020-05-13 15:18:10
198.211.110.116	attackbots	sshd jail - ssh hack attempt	2020-05-13 15:39:36
138.197.129.38	attack	May 13 06:45:12 srv01 sshd[20874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.129.38 user=root May 13 06:45:14 srv01 sshd[20874]: Failed password for root from 138.197.129.38 port 52834 ssh2 May 13 06:48:50 srv01 sshd[20969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.129.38 user=postgres May 13 06:48:52 srv01 sshd[20969]: Failed password for postgres from 138.197.129.38 port 54150 ssh2 May 13 06:52:21 srv01 sshd[21141]: Invalid user radio from 138.197.129.38 port 55470 ...	2020-05-13 15:12:34
106.13.104.8	attackspam	May 13 12:13:04 itv-usvr-02 sshd[4982]: Invalid user readnews from 106.13.104.8 port 35802 May 13 12:13:04 itv-usvr-02 sshd[4982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.8 May 13 12:13:04 itv-usvr-02 sshd[4982]: Invalid user readnews from 106.13.104.8 port 35802 May 13 12:13:06 itv-usvr-02 sshd[4982]: Failed password for invalid user readnews from 106.13.104.8 port 35802 ssh2 May 13 12:15:23 itv-usvr-02 sshd[5060]: Invalid user debian from 106.13.104.8 port 60236	2020-05-13 14:53:24

Recently Reported IPs

184.60.38.185	63.127.103.55	118.232.12.130	78.178.147.232
79.23.39.40	58.245.132.161	49.151.35.225	213.136.68.63
2.229.41.205	103.89.176.73	89.64.22.9	61.244.201.237
222.91.97.134	95.47.239.168	64.34.163.220	58.187.54.13
223.16.132.239	186.224.220.18	206.227.39.148	119.147.172.232