5.59.149.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: CoProSys a.s.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 18:07:52,818 INFO [amun_request_handler] PortScan Detected on Port: 445 (5.59.149.94)	2019-09-11 08:05:12

Comments on same subnet:

IP	Type	Details	Datetime
5.59.149.42	attackbotsspam	Unauthorized connection attempt from IP address 5.59.149.42 on Port 445(SMB)	2020-05-26 01:03:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.59.149.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59119
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.59.149.94.			IN	A

;; AUTHORITY SECTION:
.			2729	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091003 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 08:05:04 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 94.149.59.5.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 94.149.59.5.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.99.159.60	attack	Sep 20 22:31:20 server sshd\[32708\]: Invalid user c from 167.99.159.60 port 42054 Sep 20 22:31:20 server sshd\[32708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.159.60 Sep 20 22:31:22 server sshd\[32708\]: Failed password for invalid user c from 167.99.159.60 port 42054 ssh2 Sep 20 22:35:06 server sshd\[29274\]: Invalid user trevor from 167.99.159.60 port 53490 Sep 20 22:35:06 server sshd\[29274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.159.60	2019-09-21 06:01:22
185.233.186.156	attackspambots	Fail2Ban - SSH Bruteforce Attempt	2019-09-21 06:12:49
185.40.4.85	attack	SMB Server BruteForce Attack	2019-09-21 06:10:26
222.186.180.20	attack	Sep 20 23:57:53 rotator sshd\[11750\]: Failed password for root from 222.186.180.20 port 45112 ssh2Sep 20 23:57:57 rotator sshd\[11750\]: Failed password for root from 222.186.180.20 port 45112 ssh2Sep 20 23:58:01 rotator sshd\[11750\]: Failed password for root from 222.186.180.20 port 45112 ssh2Sep 20 23:58:06 rotator sshd\[11750\]: Failed password for root from 222.186.180.20 port 45112 ssh2Sep 20 23:58:10 rotator sshd\[11750\]: Failed password for root from 222.186.180.20 port 45112 ssh2Sep 20 23:58:21 rotator sshd\[11753\]: Failed password for root from 222.186.180.20 port 59014 ssh2 ...	2019-09-21 06:07:16
119.29.234.236	attackspam	2019-09-20T23:33:52.390239tmaserv sshd\[29150\]: Failed password for invalid user oracle10 from 119.29.234.236 port 49178 ssh2 2019-09-20T23:48:22.096214tmaserv sshd\[29942\]: Invalid user pokemon from 119.29.234.236 port 58276 2019-09-20T23:48:22.100884tmaserv sshd\[29942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.234.236 2019-09-20T23:48:24.317669tmaserv sshd\[29942\]: Failed password for invalid user pokemon from 119.29.234.236 port 58276 ssh2 2019-09-20T23:53:07.246893tmaserv sshd\[30178\]: Invalid user marketing from 119.29.234.236 port 42496 2019-09-20T23:53:07.251151tmaserv sshd\[30178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.234.236 ...	2019-09-21 05:32:24
47.103.35.67	attackspam	(Sep 20) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=40070 TCP DPT=8080 WINDOW=3397 SYN (Sep 20) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=61293 TCP DPT=8080 WINDOW=59496 SYN (Sep 20) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=6180 TCP DPT=8080 WINDOW=59496 SYN (Sep 20) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=19359 TCP DPT=8080 WINDOW=8558 SYN (Sep 19) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=36061 TCP DPT=8080 WINDOW=59496 SYN (Sep 18) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=48279 TCP DPT=8080 WINDOW=59496 SYN (Sep 18) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=7029 TCP DPT=8080 WINDOW=59496 SYN (Sep 17) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=27116 TCP DPT=8080 WINDOW=8558 SYN (Sep 17) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=11376 TCP DPT=8080 WINDOW=34510 SYN (Sep 17) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=58213 TCP DPT=8080 WINDOW=8558 SYN (Sep 16) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=4780 TCP DPT=8080 WINDOW=3397 SYN (Sep 15) LEN=40 TOS=0x10 PREC=0x40 TTL=44 ID=43521 TCP DPT=8080 WINDOW=8558 SYN ...	2019-09-21 06:02:00
65.124.94.138	attackspambots	Sep 20 21:22:46 nextcloud sshd\[5746\]: Invalid user vt from 65.124.94.138 Sep 20 21:22:46 nextcloud sshd\[5746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.124.94.138 Sep 20 21:22:48 nextcloud sshd\[5746\]: Failed password for invalid user vt from 65.124.94.138 port 50744 ssh2 ...	2019-09-21 05:50:44
159.65.24.7	attack	Sep 20 11:42:43 kapalua sshd\[7412\]: Invalid user mailer from 159.65.24.7 Sep 20 11:42:43 kapalua sshd\[7412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.24.7 Sep 20 11:42:45 kapalua sshd\[7412\]: Failed password for invalid user mailer from 159.65.24.7 port 35268 ssh2 Sep 20 11:46:41 kapalua sshd\[7769\]: Invalid user dj from 159.65.24.7 Sep 20 11:46:41 kapalua sshd\[7769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.24.7	2019-09-21 06:00:18
202.29.33.74	attackbots	Sep 20 20:27:00 apollo sshd\[8826\]: Invalid user copier from 202.29.33.74Sep 20 20:27:02 apollo sshd\[8826\]: Failed password for invalid user copier from 202.29.33.74 port 40246 ssh2Sep 20 20:39:52 apollo sshd\[8841\]: Invalid user sonny from 202.29.33.74 ...	2019-09-21 05:48:39
27.154.100.226	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2019-09-21 05:49:56
148.204.211.136	attack	Sep 20 11:16:24 aiointranet sshd\[25074\]: Failed password for invalid user julia from 148.204.211.136 port 35968 ssh2 Sep 20 11:21:02 aiointranet sshd\[25422\]: Invalid user sistemas from 148.204.211.136 Sep 20 11:21:02 aiointranet sshd\[25422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.204.211.136 Sep 20 11:21:03 aiointranet sshd\[25422\]: Failed password for invalid user sistemas from 148.204.211.136 port 46188 ssh2 Sep 20 11:25:37 aiointranet sshd\[25779\]: Invalid user yan from 148.204.211.136	2019-09-21 05:39:15
145.239.90.235	attackspambots	2019-09-20T23:45:00.802763lon01.zurich-datacenter.net sshd\[6473\]: Invalid user qody from 145.239.90.235 port 51372 2019-09-20T23:45:00.809881lon01.zurich-datacenter.net sshd\[6473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=235.ip-145-239-90.eu 2019-09-20T23:45:02.517864lon01.zurich-datacenter.net sshd\[6473\]: Failed password for invalid user qody from 145.239.90.235 port 51372 ssh2 2019-09-20T23:49:11.281553lon01.zurich-datacenter.net sshd\[6555\]: Invalid user spier from 145.239.90.235 port 37554 2019-09-20T23:49:11.288967lon01.zurich-datacenter.net sshd\[6555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=235.ip-145-239-90.eu ...	2019-09-21 06:01:41
165.227.115.93	attackspambots	Sep 20 19:56:24 venus sshd\[1400\]: Invalid user fossil from 165.227.115.93 port 35034 Sep 20 19:56:24 venus sshd\[1400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.115.93 Sep 20 19:56:26 venus sshd\[1400\]: Failed password for invalid user fossil from 165.227.115.93 port 35034 ssh2 ...	2019-09-21 05:49:07
134.175.141.166	attackbotsspam	"Fail2Ban detected SSH brute force attempt"	2019-09-21 05:56:14
80.211.137.127	attackbotsspam	Sep 20 23:21:46 eventyay sshd[32700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.137.127 Sep 20 23:21:48 eventyay sshd[32700]: Failed password for invalid user gua from 80.211.137.127 port 48550 ssh2 Sep 20 23:26:00 eventyay sshd[338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.137.127 ...	2019-09-21 05:35:59

Recently Reported IPs

38.104.82.140	123.20.136.135	124.236.120.58	195.9.187.114
182.61.182.193	118.169.244.139	77.245.149.11	128.199.175.6
95.210.2.65	45.187.146.96	86.241.222.217	112.21.50.98
27.39.142.168	78.189.10.71	197.133.191.177	119.123.101.254
52.186.168.121	192.99.244.145	118.169.242.149	45.180.192.157