175.139.146.66

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: Telekom Malaysia Berhad

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Mar 6 04:44:39 vpn sshd[21057]: Invalid user jerem from 175.139.146.66 Mar 6 04:44:39 vpn sshd[21057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.146.66 Mar 6 04:44:41 vpn sshd[21057]: Failed password for invalid user jerem from 175.139.146.66 port 35407 ssh2 Mar 6 04:52:08 vpn sshd[21060]: Invalid user lee from 175.139.146.66 Mar 6 04:52:08 vpn sshd[21060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.146.66	2019-07-19 06:13:20

Type

Details

Datetime

attack

Mar  6 04:44:39 vpn sshd[21057]: Invalid user jerem from 175.139.146.66
Mar  6 04:44:39 vpn sshd[21057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.146.66
Mar  6 04:44:41 vpn sshd[21057]: Failed password for invalid user jerem from 175.139.146.66 port 35407 ssh2
Mar  6 04:52:08 vpn sshd[21060]: Invalid user lee from 175.139.146.66
Mar  6 04:52:08 vpn sshd[21060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.146.66

2019-07-19 06:13:20

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.139.146.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2869
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.139.146.66.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071801 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 06:13:15 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 66.146.139.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 66.146.139.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.166.220.17	attack	2019-10-09T05:54:35.460989shield sshd\[31528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.220.17 user=root 2019-10-09T05:54:37.713783shield sshd\[31528\]: Failed password for root from 188.166.220.17 port 49152 ssh2 2019-10-09T05:58:50.663361shield sshd\[31836\]: Invalid user 123 from 188.166.220.17 port 40624 2019-10-09T05:58:50.668286shield sshd\[31836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.220.17 2019-10-09T05:58:52.263324shield sshd\[31836\]: Failed password for invalid user 123 from 188.166.220.17 port 40624 ssh2	2019-10-09 14:03:17
165.227.49.242	attack	Apr 9 14:52:01 server sshd\[31528\]: Invalid user oracle from 165.227.49.242 Apr 9 14:52:01 server sshd\[31528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.49.242 Apr 9 14:52:02 server sshd\[31528\]: Failed password for invalid user oracle from 165.227.49.242 port 34782 ssh2 ...	2019-10-09 14:16:43
45.114.143.201	attackbots	Oct 9 08:05:07 pkdns2 sshd\[13618\]: Address 45.114.143.201 maps to www.birdoncloud.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 9 08:05:09 pkdns2 sshd\[13618\]: Failed password for root from 45.114.143.201 port 35472 ssh2Oct 9 08:09:28 pkdns2 sshd\[13800\]: Address 45.114.143.201 maps to www.birdoncloud.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 9 08:09:31 pkdns2 sshd\[13800\]: Failed password for root from 45.114.143.201 port 46846 ssh2Oct 9 08:13:53 pkdns2 sshd\[13975\]: Address 45.114.143.201 maps to www.birdoncloud.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 9 08:13:55 pkdns2 sshd\[13975\]: Failed password for root from 45.114.143.201 port 58228 ssh2 ...	2019-10-09 14:10:18
165.227.150.158	attack	May 13 10:37:13 server sshd\[152042\]: Invalid user zabbix from 165.227.150.158 May 13 10:37:13 server sshd\[152042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.150.158 May 13 10:37:15 server sshd\[152042\]: Failed password for invalid user zabbix from 165.227.150.158 port 27606 ssh2 ...	2019-10-09 14:31:11
165.255.126.166	attackspambots	May 6 03:17:09 server sshd\[138545\]: Invalid user surf from 165.255.126.166 May 6 03:17:09 server sshd\[138545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.255.126.166 May 6 03:17:11 server sshd\[138545\]: Failed password for invalid user surf from 165.255.126.166 port 25313 ssh2 ...	2019-10-09 14:05:09
211.169.249.156	attack	Oct 8 19:58:10 tdfoods sshd\[7538\]: Invalid user Virgin1@3 from 211.169.249.156 Oct 8 19:58:10 tdfoods sshd\[7538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156 Oct 8 19:58:13 tdfoods sshd\[7538\]: Failed password for invalid user Virgin1@3 from 211.169.249.156 port 34848 ssh2 Oct 8 20:03:02 tdfoods sshd\[7981\]: Invalid user Ranger@2017 from 211.169.249.156 Oct 8 20:03:02 tdfoods sshd\[7981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156	2019-10-09 14:13:12
112.85.42.72	attack	Oct 8 23:53:57 xentho sshd[14825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root Oct 8 23:53:59 xentho sshd[14825]: Failed password for root from 112.85.42.72 port 33052 ssh2 Oct 8 23:54:02 xentho sshd[14825]: Failed password for root from 112.85.42.72 port 33052 ssh2 Oct 8 23:53:57 xentho sshd[14825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root Oct 8 23:53:59 xentho sshd[14825]: Failed password for root from 112.85.42.72 port 33052 ssh2 Oct 8 23:54:02 xentho sshd[14825]: Failed password for root from 112.85.42.72 port 33052 ssh2 Oct 8 23:53:57 xentho sshd[14825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root Oct 8 23:53:59 xentho sshd[14825]: Failed password for root from 112.85.42.72 port 33052 ssh2 Oct 8 23:54:02 xentho sshd[14825]: Failed password for root from 112.85.42.72 po ...	2019-10-09 14:04:07
129.28.196.92	attackbots	Oct 9 08:09:53 legacy sshd[14671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.196.92 Oct 9 08:09:55 legacy sshd[14671]: Failed password for invalid user Fernanda-123 from 129.28.196.92 port 54176 ssh2 Oct 9 08:14:28 legacy sshd[14786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.196.92 ...	2019-10-09 14:21:53
182.61.43.47	attack	$f2bV_matches	2019-10-09 14:06:13
163.172.26.143	attackspam	Oct 9 07:49:20 vps01 sshd[26098]: Failed password for root from 163.172.26.143 port 53668 ssh2	2019-10-09 14:05:57
5.149.158.66	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.149.158.66/ RU - 1H : (187) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN60731 IP : 5.149.158.66 CIDR : 5.149.158.0/24 PREFIX COUNT : 1 UNIQUE IP COUNT : 256 WYKRYTE ATAKI Z ASN60731 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-09 05:55:35 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 14:35:01
23.129.64.196	attack	Oct 9 07:02:52 rotator sshd\[21443\]: Failed password for root from 23.129.64.196 port 43766 ssh2Oct 9 07:02:54 rotator sshd\[21443\]: Failed password for root from 23.129.64.196 port 43766 ssh2Oct 9 07:02:57 rotator sshd\[21443\]: Failed password for root from 23.129.64.196 port 43766 ssh2Oct 9 07:03:00 rotator sshd\[21443\]: Failed password for root from 23.129.64.196 port 43766 ssh2Oct 9 07:03:03 rotator sshd\[21443\]: Failed password for root from 23.129.64.196 port 43766 ssh2Oct 9 07:03:06 rotator sshd\[21443\]: Failed password for root from 23.129.64.196 port 43766 ssh2 ...	2019-10-09 14:07:40
203.48.246.66	attackbots	2019-10-09T05:50:21.282295lon01.zurich-datacenter.net sshd\[12700\]: Invalid user Qwerty1@3$ from 203.48.246.66 port 35418 2019-10-09T05:50:21.287927lon01.zurich-datacenter.net sshd\[12700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.48.246.66 2019-10-09T05:50:23.235618lon01.zurich-datacenter.net sshd\[12700\]: Failed password for invalid user Qwerty1@3$ from 203.48.246.66 port 35418 ssh2 2019-10-09T05:55:40.239939lon01.zurich-datacenter.net sshd\[12796\]: Invalid user QweQwe1 from 203.48.246.66 port 47834 2019-10-09T05:55:40.246631lon01.zurich-datacenter.net sshd\[12796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.48.246.66 ...	2019-10-09 14:28:30
113.62.176.97	attackbots	Oct 9 05:52:15 hcbbdb sshd\[17769\]: Invalid user P@ssword from 113.62.176.97 Oct 9 05:52:15 hcbbdb sshd\[17769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.62.176.97 Oct 9 05:52:16 hcbbdb sshd\[17769\]: Failed password for invalid user P@ssword from 113.62.176.97 port 22451 ssh2 Oct 9 05:56:00 hcbbdb sshd\[18180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.62.176.97 user=root Oct 9 05:56:02 hcbbdb sshd\[18180\]: Failed password for root from 113.62.176.97 port 37918 ssh2	2019-10-09 14:06:45
201.228.121.230	attackspam	Oct 9 06:58:59 MK-Soft-VM7 sshd[21374]: Failed password for root from 201.228.121.230 port 43136 ssh2 ...	2019-10-09 14:11:03

Recently Reported IPs

174.81.195.8	174.77.73.152	174.142.204.91	174.47.77.190
174.21.77.104	182.61.169.230	174.138.68.32	174.138.61.66
174.138.20.221	174.129.207.220	174.106.148.41	174.102.94.75
173.77.254.219	173.72.65.196	173.249.8.161	173.63.63.163
173.29.150.134	36.225.14.190	35.136.5.9	173.249.59.120