95.94.210.249 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: Nos Comunicacoes S.A.

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Mar 17 01:03:55 host01 sshd[23801]: Failed password for root from 95.94.210.249 port 36640 ssh2 Mar 17 01:05:29 host01 sshd[24054]: Failed password for root from 95.94.210.249 port 36382 ssh2 ...	2020-03-17 08:07:59
attack	Mar 12 22:09:00 vps647732 sshd[30852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.94.210.249 Mar 12 22:09:03 vps647732 sshd[30852]: Failed password for invalid user remote from 95.94.210.249 port 53416 ssh2 ...	2020-03-13 07:40:42
attack	SSH Brute-Force attacks	2020-03-03 03:31:50
attackspam	Lines containing failures of 95.94.210.249 Feb 26 11:15:45 dns01 sshd[19623]: Invalid user musicbot from 95.94.210.249 port 34716 Feb 26 11:15:45 dns01 sshd[19623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.94.210.249 Feb 26 11:15:47 dns01 sshd[19623]: Failed password for invalid user musicbot from 95.94.210.249 port 34716 ssh2 Feb 26 11:15:47 dns01 sshd[19623]: Received disconnect from 95.94.210.249 port 34716:11: Bye Bye [preauth] Feb 26 11:15:47 dns01 sshd[19623]: Disconnected from invalid user musicbot 95.94.210.249 port 34716 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=95.94.210.249	2020-03-01 22:25:18

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 95.94.210.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42265
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;95.94.210.249.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030100 1800 900 604800 86400

;; Query time: 172 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 01 22:25:12 CST 2020
;; MSG SIZE  rcvd: 117

Host info

249.210.94.95.in-addr.arpa domain name pointer a95-94-210-249.cpe.netcabo.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.210.94.95.in-addr.arpa	name = a95-94-210-249.cpe.netcabo.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.134.187.155	attack	Sep 14 20:33:58 sachi sshd\[29171\]: Invalid user informix from 128.134.187.155 Sep 14 20:33:58 sachi sshd\[29171\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.134.187.155 Sep 14 20:34:00 sachi sshd\[29171\]: Failed password for invalid user informix from 128.134.187.155 port 37706 ssh2 Sep 14 20:38:56 sachi sshd\[29535\]: Invalid user test from 128.134.187.155 Sep 14 20:38:56 sachi sshd\[29535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.134.187.155	2019-09-15 14:42:42
45.82.153.35	attack	09/15/2019-00:38:24.519635 45.82.153.35 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-15 14:16:00
165.22.91.44	attackbots	2019/09/15 05:08:01 [error] 1952#1952: *746 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 165.22.91.44, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" ...	2019-09-15 14:07:24
151.243.22.14	attackspambots	" "	2019-09-15 14:42:23
68.183.234.68	attack	Sep 14 20:06:01 hcbb sshd\[9953\]: Invalid user jira from 68.183.234.68 Sep 14 20:06:01 hcbb sshd\[9953\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.234.68 Sep 14 20:06:03 hcbb sshd\[9953\]: Failed password for invalid user jira from 68.183.234.68 port 45642 ssh2 Sep 14 20:10:37 hcbb sshd\[10395\]: Invalid user teamspeak from 68.183.234.68 Sep 14 20:10:37 hcbb sshd\[10395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.234.68	2019-09-15 14:10:41
94.102.49.190	attackspam	Sep 15 09:55:54 staklim-malang postfix/smtpd[2988]: lost connection after CONNECT from flower.census.shodan.io[94.102.49.190] ...	2019-09-15 14:04:07
222.186.52.78	attack	Sep 15 02:11:20 ny01 sshd[29156]: Failed password for root from 222.186.52.78 port 38400 ssh2 Sep 15 02:11:22 ny01 sshd[29156]: Failed password for root from 222.186.52.78 port 38400 ssh2 Sep 15 02:12:15 ny01 sshd[29315]: Failed password for root from 222.186.52.78 port 22073 ssh2	2019-09-15 14:14:44
121.157.82.202	attack	Invalid user xtra from 121.157.82.202 port 37508	2019-09-15 14:46:55
51.144.160.217	attack	Reported by AbuseIPDB proxy server.	2019-09-15 14:18:12
95.48.54.106	attackspambots	[ssh] SSH attack	2019-09-15 14:48:55
34.67.30.226	attack	Sep 14 19:06:54 lcdev sshd\[27437\]: Invalid user csgoserver from 34.67.30.226 Sep 14 19:06:54 lcdev sshd\[27437\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=226.30.67.34.bc.googleusercontent.com Sep 14 19:06:56 lcdev sshd\[27437\]: Failed password for invalid user csgoserver from 34.67.30.226 port 47176 ssh2 Sep 14 19:11:14 lcdev sshd\[27922\]: Invalid user ubnt from 34.67.30.226 Sep 14 19:11:14 lcdev sshd\[27922\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=226.30.67.34.bc.googleusercontent.com	2019-09-15 14:35:58
77.247.110.213	attack	$f2bV_matches	2019-09-15 14:50:10
52.53.245.164	attackbotsspam	Sep 15 09:09:22 www sshd\[25171\]: Invalid user aldikact from 52.53.245.164 Sep 15 09:09:22 www sshd\[25171\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.53.245.164 Sep 15 09:09:24 www sshd\[25171\]: Failed password for invalid user aldikact from 52.53.245.164 port 40832 ssh2 ...	2019-09-15 14:11:16
114.7.120.10	attackbots	Sep 15 06:53:50 www5 sshd\[62568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.7.120.10 user=irc Sep 15 06:53:53 www5 sshd\[62568\]: Failed password for irc from 114.7.120.10 port 41888 ssh2 Sep 15 06:58:40 www5 sshd\[63320\]: Invalid user admin from 114.7.120.10 Sep 15 06:58:40 www5 sshd\[63320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.7.120.10 ...	2019-09-15 14:09:46
104.248.179.60	attackbots	Sep 15 08:46:58 server sshd\[29741\]: Invalid user oracle-db from 104.248.179.60 port 60270 Sep 15 08:46:58 server sshd\[29741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.179.60 Sep 15 08:47:00 server sshd\[29741\]: Failed password for invalid user oracle-db from 104.248.179.60 port 60270 ssh2 Sep 15 08:51:23 server sshd\[19281\]: Invalid user user from 104.248.179.60 port 47428 Sep 15 08:51:23 server sshd\[19281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.179.60	2019-09-15 14:13:45

Recently Reported IPs

218.250.245.238	74.134.63.164	123.120.42.79	201.231.6.63
14.40.172.249	54.145.7.158	190.247.241.184	103.206.44.156
42.229.174.255	190.109.255.154	176.38.10.219	1.186.186.101
182.63.152.168	49.235.35.200	197.134.70.68	77.42.94.98
47.28.129.226	106.224.140.40	210.136.250.51	208.144.230.112