175.139.16.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: Telekom Malaysia Berhad

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Lines containing failures of 175.139.16.53 Oct 18 13:25:41 omfg postfix-submission/smtpd[23676]: connect from unknown[175.139.16.53] Oct 18 13:25:42 omfg postfix-submission/smtpd[23677]: connect from unknown[175.139.16.53] Oct 18 13:25:44 omfg postfix-submission/smtpd[23679]: connect from unknown[175.139.16.53] Oct 18 13:25:44 omfg postfix-submission/smtpd[23680]: connect from unknown[175.139.16.53] Oct 18 13:25:45 omfg postfix-submission/smtpd[23676]: lost connection after CONNECT from unknown[175.139.16.53] Oct 18 13:25:45 omfg postfix-submission/smtpd[23676]: disconnect from unknown[175.139.16.53] commands=0/0 Oct 18 13:25:45 omfg postfix-submission/smtpd[23677]: lost connection after CONNECT from unknown[175.139.16.53] Oct 18 13:25:45 omfg postfix-submission/smtpd[23677]: disconnect from unknown[175.139.16.53] commands=0/0 Oct 18 13:25:45 omfg postfix-submission/smtpd[23679]: lost connection after CONNECT from unknown[175.139.16.53] Oct 18 13:25:45 omfg postfix-submi........ ------------------------------	2019-10-19 01:20:27

Type

Details

Datetime

attackspam

Lines containing failures of 175.139.16.53
Oct 18 13:25:41 omfg postfix-submission/smtpd[23676]: connect from unknown[175.139.16.53]
Oct 18 13:25:42 omfg postfix-submission/smtpd[23677]: connect from unknown[175.139.16.53]
Oct 18 13:25:44 omfg postfix-submission/smtpd[23679]: connect from unknown[175.139.16.53]
Oct 18 13:25:44 omfg postfix-submission/smtpd[23680]: connect from unknown[175.139.16.53]
Oct 18 13:25:45 omfg postfix-submission/smtpd[23676]: lost connection after CONNECT from unknown[175.139.16.53]
Oct 18 13:25:45 omfg postfix-submission/smtpd[23676]: disconnect from unknown[175.139.16.53] commands=0/0
Oct 18 13:25:45 omfg postfix-submission/smtpd[23677]: lost connection after CONNECT from unknown[175.139.16.53]
Oct 18 13:25:45 omfg postfix-submission/smtpd[23677]: disconnect from unknown[175.139.16.53] commands=0/0
Oct 18 13:25:45 omfg postfix-submission/smtpd[23679]: lost connection after CONNECT from unknown[175.139.16.53]
Oct 18 13:25:45 omfg postfix-submi........
------------------------------

2019-10-19 01:20:27

Comments on same subnet:

IP	Type	Details	Datetime
175.139.164.181	attackspambots	1,31-13/05 [bc01/m07] PostRequest-Spammer scoring: brussels	2020-06-23 20:46:00
175.139.165.28	attackspambots	WebFormToEmail Comment SPAM	2020-06-10 17:23:42
175.139.166.45	attack	[portscan] Port scan	2020-02-08 08:14:58
175.139.166.252	attackspambots	Jan 31 09:31:07 srv01 sshd[12096]: Invalid user admin from 175.139.166.252 port 49307 Jan 31 09:31:07 srv01 sshd[12096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.166.252 Jan 31 09:31:07 srv01 sshd[12096]: Invalid user admin from 175.139.166.252 port 49307 Jan 31 09:31:09 srv01 sshd[12096]: Failed password for invalid user admin from 175.139.166.252 port 49307 ssh2 Jan 31 09:31:07 srv01 sshd[12096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.166.252 Jan 31 09:31:07 srv01 sshd[12096]: Invalid user admin from 175.139.166.252 port 49307 Jan 31 09:31:09 srv01 sshd[12096]: Failed password for invalid user admin from 175.139.166.252 port 49307 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=175.139.166.252	2020-01-31 23:32:03
175.139.166.139	attack	WP sniffing	2019-11-14 23:12:16
175.139.164.167	attackspambots	[portscan] Port scan	2019-11-02 00:33:06
175.139.160.85	attackbots	port scan and connect, tcp 8000 (http-alt)	2019-10-07 00:48:18
175.139.168.213	attackspam	MY - - [07 Aug 2019:04:47:36 +0300] GET redirect ?go=http: rkelevator.com.my HTTP 1.1 302 - - Mozilla 5.0 Windows NT 6.1; WOW64 AppleWebKit 537.36 KHTML, like Gecko Chrome 42.0.2311.135 Safari 537.36	2019-08-07 15:43:21
175.139.164.234	attack	Mar 22 16:44:18 vpn sshd[27687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.164.234 Mar 22 16:44:20 vpn sshd[27687]: Failed password for invalid user carol from 175.139.164.234 port 57345 ssh2 Mar 22 16:49:59 vpn sshd[27732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.164.234	2019-07-19 06:11:39
175.139.167.242	attack	Looking for resource vulnerabilities	2019-06-29 09:51:56
175.139.163.107	attackspambots	Request: "GET / HTTP/1.1"	2019-06-22 04:16:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.139.16.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39901
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.139.16.53.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101800 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 01:20:24 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 53.16.139.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.16.139.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.118.188.6	attackbots	Sep 12 09:44:55 markkoudstaal sshd[23219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.118.188.6 Sep 12 09:44:56 markkoudstaal sshd[23219]: Failed password for invalid user 123456 from 58.118.188.6 port 38938 ssh2 Sep 12 09:48:51 markkoudstaal sshd[23592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.118.188.6	2019-09-12 21:56:37
51.77.137.211	attackbots	2019-09-12T13:56:10.501742abusebot-4.cloudsearch.cf sshd\[31016\]: Invalid user tsbot from 51.77.137.211 port 47814	2019-09-12 22:39:05
86.44.58.191	attackbotsspam	Sep 12 15:35:08 lnxweb61 sshd[3184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.44.58.191	2019-09-12 21:55:08
206.189.122.133	attackbots	Sep 12 15:54:37 mout sshd[27247]: Invalid user ts from 206.189.122.133 port 54972	2019-09-12 22:17:58
163.172.30.246	attackspam	Sep 12 11:09:46 MK-Soft-VM6 sshd\[8122\]: Invalid user www from 163.172.30.246 port 44350 Sep 12 11:09:46 MK-Soft-VM6 sshd\[8122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.30.246 Sep 12 11:09:48 MK-Soft-VM6 sshd\[8122\]: Failed password for invalid user www from 163.172.30.246 port 44350 ssh2 ...	2019-09-12 21:53:46
58.210.85.22	attackspambots	2019-09-12 16:37:44,155 fail2ban.actions [1529]: NOTICE [apache-modsecurity] Ban 58.210.85.22 ...	2019-09-12 22:10:07
177.190.192.190	attackspam	Sep 12 15:00:35 MK-Soft-Root2 sshd\[16998\]: Invalid user administrador from 177.190.192.190 port 37812 Sep 12 15:00:35 MK-Soft-Root2 sshd\[16998\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.190.192.190 Sep 12 15:00:37 MK-Soft-Root2 sshd\[16998\]: Failed password for invalid user administrador from 177.190.192.190 port 37812 ssh2 ...	2019-09-12 22:08:30
218.89.235.213	attack	Lines containing failures of 218.89.235.213 Sep 12 05:48:10 MAKserver06 sshd[17845]: Invalid user serveremachine from 218.89.235.213 port 60826 Sep 12 05:48:10 MAKserver06 sshd[17845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.89.235.213 Sep 12 05:48:12 MAKserver06 sshd[17845]: Failed password for invalid user serveremachine from 218.89.235.213 port 60826 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=218.89.235.213	2019-09-12 21:59:44
117.66.241.112	attackspambots	Sep 12 10:38:21 eventyay sshd[29774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.66.241.112 Sep 12 10:38:23 eventyay sshd[29774]: Failed password for invalid user csgoserver from 117.66.241.112 port 33963 ssh2 Sep 12 10:45:06 eventyay sshd[29844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.66.241.112 ...	2019-09-12 22:26:57
104.144.171.65	attackspambots	US - 1H : (430) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN55286 IP : 104.144.171.65 CIDR : 104.144.160.0/19 PREFIX COUNT : 475 UNIQUE IP COUNT : 511744 WYKRYTE ATAKI Z ASN55286 : 1H - 1 3H - 1 6H - 6 12H - 8 24H - 13 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-12 21:54:30
158.69.226.6	attackbots	\[2019-09-11 23:58:17\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-11T23:58:17.065-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="300011442922550329",SessionID="0x7fd9a86cbbd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.226.6/50622",ACLName="no_extension_match" \[2019-09-12 00:01:16\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-12T00:01:16.838-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="200011442922550329",SessionID="0x7fd9a863a768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.226.6/54856",ACLName="no_extension_match" \[2019-09-12 00:04:00\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-12T00:04:00.291-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="100011442922550329",SessionID="0x7fd9a863a768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.226.6/61697",ACLName="	2019-09-12 22:48:36
121.233.120.151	attackbots	CN China - Failures: 20 ftpd	2019-09-12 22:34:42
106.75.10.4	attack	Sep 12 05:39:56 microserver sshd[31437]: Invalid user teamspeak3 from 106.75.10.4 port 38747 Sep 12 05:39:56 microserver sshd[31437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4 Sep 12 05:39:58 microserver sshd[31437]: Failed password for invalid user teamspeak3 from 106.75.10.4 port 38747 ssh2 Sep 12 05:43:01 microserver sshd[32038]: Invalid user admin from 106.75.10.4 port 52337 Sep 12 05:43:01 microserver sshd[32038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4 Sep 12 05:55:14 microserver sshd[33798]: Invalid user support from 106.75.10.4 port 50108 Sep 12 05:55:14 microserver sshd[33798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4 Sep 12 05:55:16 microserver sshd[33798]: Failed password for invalid user support from 106.75.10.4 port 50108 ssh2 Sep 12 05:58:26 microserver sshd[34097]: Invalid user administrator from 106.75.10.4 port 35437 S	2019-09-12 22:25:16
103.73.34.24	attack	Automatic report - Port Scan Attack	2019-09-12 22:16:56
178.62.194.63	attackbotsspam	Sep 12 14:09:04 hcbbdb sshd\[15384\]: Invalid user p@ssw0rd from 178.62.194.63 Sep 12 14:09:04 hcbbdb sshd\[15384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.194.63 Sep 12 14:09:05 hcbbdb sshd\[15384\]: Failed password for invalid user p@ssw0rd from 178.62.194.63 port 46856 ssh2 Sep 12 14:14:35 hcbbdb sshd\[15974\]: Invalid user testing123 from 178.62.194.63 Sep 12 14:14:35 hcbbdb sshd\[15974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.194.63	2019-09-12 22:20:13

Recently Reported IPs

95.62.214.29	211.112.64.16	87.236.92.138	81.28.100.215
151.24.1.133	14.232.29.93	145.239.69.74	10.213.179.44
183.45.177.45	103.84.83.59	87.248.85.11	193.112.9.189
185.53.88.90	211.20.26.164	195.97.30.100	110.180.129.28
95.9.2.195	203.55.115.202	151.253.165.70	105.155.219.147