175.139.242.49

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: Telekom Malaysia Berhad

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	(sshd) Failed SSH login from 175.139.242.49 (MY/Malaysia/-): 5 in the last 3600 secs	2020-08-24 23:04:48
attackspambots	Jun 14 22:41:54 sigma sshd\[19315\]: Invalid user chang from 175.139.242.49Jun 14 22:41:56 sigma sshd\[19315\]: Failed password for invalid user chang from 175.139.242.49 port 27523 ssh2 ...	2020-06-15 09:30:59
attack	Fail2Ban Ban Triggered	2019-10-29 18:32:53
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/175.139.242.49/ MY - 1H : (17) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MY NAME ASN : ASN4788 IP : 175.139.242.49 CIDR : 175.139.192.0/18 PREFIX COUNT : 272 UNIQUE IP COUNT : 2955520 ATTACKS DETECTED ASN4788 : 1H - 4 3H - 5 6H - 9 12H - 9 24H - 11 DateTime : 2019-10-27 08:31:16 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-27 15:36:03
attackspambots	2019-10-26T16:05:18.423382lon01.zurich-datacenter.net sshd\[31571\]: Invalid user muriel from 175.139.242.49 port 24836 2019-10-26T16:05:18.431293lon01.zurich-datacenter.net sshd\[31571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 2019-10-26T16:05:20.686173lon01.zurich-datacenter.net sshd\[31571\]: Failed password for invalid user muriel from 175.139.242.49 port 24836 ssh2 2019-10-26T16:09:38.740246lon01.zurich-datacenter.net sshd\[31641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root 2019-10-26T16:09:40.688403lon01.zurich-datacenter.net sshd\[31641\]: Failed password for root from 175.139.242.49 port 50938 ssh2 ...	2019-10-27 03:39:30
attackspam	2019-10-26T08:12:11.944066abusebot-2.cloudsearch.cf sshd\[21359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root	2019-10-26 16:27:39
attack	Invalid user srashid from 175.139.242.49 port 5408	2019-10-18 07:04:56
attackbotsspam	Oct 14 11:00:19 plusreed sshd[13468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root Oct 14 11:00:21 plusreed sshd[13468]: Failed password for root from 175.139.242.49 port 13110 ssh2 ...	2019-10-15 00:20:29
attackbotsspam	Oct 13 22:02:21 vpn01 sshd[26487]: Failed password for root from 175.139.242.49 port 56328 ssh2 ...	2019-10-14 04:15:44
attackspambots	Oct 12 06:43:58 firewall sshd[12360]: Failed password for root from 175.139.242.49 port 21878 ssh2 Oct 12 06:48:26 firewall sshd[12504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root Oct 12 06:48:28 firewall sshd[12504]: Failed password for root from 175.139.242.49 port 7307 ssh2 ...	2019-10-12 18:57:48
attack	2019-10-07T01:24:14.598397tmaserv sshd\[13613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root 2019-10-07T01:24:16.572982tmaserv sshd\[13613\]: Failed password for root from 175.139.242.49 port 28833 ssh2 2019-10-07T01:28:25.709405tmaserv sshd\[13790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root 2019-10-07T01:28:27.809978tmaserv sshd\[13790\]: Failed password for root from 175.139.242.49 port 18111 ssh2 2019-10-07T01:32:38.117887tmaserv sshd\[13983\]: Invalid user 123 from 175.139.242.49 port 23627 2019-10-07T01:32:38.122709tmaserv sshd\[13983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 ...	2019-10-07 06:41:41
attack	Sep 27 18:04:15 meumeu sshd[30275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 27 18:04:16 meumeu sshd[30275]: Failed password for invalid user qbf77101 from 175.139.242.49 port 32233 ssh2 Sep 27 18:08:54 meumeu sshd[30916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 ...	2019-09-28 01:35:07
attackbots	Sep 26 02:31:08 plusreed sshd[20177]: Invalid user gpu from 175.139.242.49 ...	2019-09-26 14:36:37
attackspambots	Brute force attempt	2019-09-26 06:14:18
attack	2019-09-23T20:54:51.8032741495-001 sshd\[33912\]: Invalid user 1qaz2wsx from 175.139.242.49 port 48214 2019-09-23T20:54:51.8062701495-001 sshd\[33912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 2019-09-23T20:54:53.6078231495-001 sshd\[33912\]: Failed password for invalid user 1qaz2wsx from 175.139.242.49 port 48214 ssh2 2019-09-23T20:59:18.7412811495-001 sshd\[34277\]: Invalid user qwerasdfzxcv from 175.139.242.49 port 6341 2019-09-23T20:59:18.7485801495-001 sshd\[34277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 2019-09-23T20:59:20.8715961495-001 sshd\[34277\]: Failed password for invalid user qwerasdfzxcv from 175.139.242.49 port 6341 ssh2 ...	2019-09-24 09:14:51
attack	Sep 23 03:58:44 monocul sshd[10801]: Invalid user git from 175.139.242.49 port 40448 ...	2019-09-23 12:12:50
attack	Sep 22 21:56:35 monocul sshd[15476]: Invalid user ea from 175.139.242.49 port 19241 ...	2019-09-23 06:06:15
attackbots	Automated report - ssh fail2ban: Sep 21 14:54:01 authentication failure Sep 21 14:54:03 wrong password, user=123Admin, port=43952, ssh2 Sep 21 14:58:35 authentication failure	2019-09-21 21:35:46
attack	(sshd) Failed SSH login from 175.139.242.49 (MY/Malaysia/Kedah/Sungai Petani/-/[AS4788 TM Net, Internet Service Provider]): 1 in the last 3600 secs	2019-09-17 15:55:27
attackspam	[Aegis] @ 2019-09-16 02:55:15 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-09-16 09:56:20
attackbots	Automatic report - Banned IP Access	2019-09-14 20:45:12
attackspambots	SSH Brute Force, server-1 sshd[24770]: Failed password for invalid user ubuntu from 175.139.242.49 port 47422 ssh2	2019-09-13 19:13:51
attack	Automated report - ssh fail2ban: Sep 10 09:39:39 authentication failure Sep 10 09:39:41 wrong password, user=ftpuser, port=22506, ssh2 Sep 10 09:46:08 authentication failure	2019-09-10 16:42:08
attackbots	Automatic report - Banned IP Access	2019-09-08 20:19:43
attack	Sep 7 13:37:52 php1 sshd\[15382\]: Invalid user debian from 175.139.242.49 Sep 7 13:37:52 php1 sshd\[15382\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 7 13:37:54 php1 sshd\[15382\]: Failed password for invalid user debian from 175.139.242.49 port 33839 ssh2 Sep 7 13:42:29 php1 sshd\[16378\]: Invalid user user from 175.139.242.49 Sep 7 13:42:29 php1 sshd\[16378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49	2019-09-08 07:47:11
attack	Sep 5 19:22:51 hiderm sshd\[11743\]: Invalid user odoo from 175.139.242.49 Sep 5 19:22:51 hiderm sshd\[11743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 5 19:22:54 hiderm sshd\[11743\]: Failed password for invalid user odoo from 175.139.242.49 port 20092 ssh2 Sep 5 19:28:09 hiderm sshd\[12226\]: Invalid user testuser from 175.139.242.49 Sep 5 19:28:09 hiderm sshd\[12226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49	2019-09-06 14:11:56
attackspambots	Sep 3 10:11:15 plex sshd[20278]: Invalid user hs from 175.139.242.49 port 1938	2019-09-03 16:26:57
attackbotsspam	Sep 2 22:24:01 ws19vmsma01 sshd[105993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 2 22:24:03 ws19vmsma01 sshd[105993]: Failed password for invalid user pgsql from 175.139.242.49 port 40988 ssh2 ...	2019-09-03 10:45:10
attackspambots	Aug 26 10:45:28 kapalua sshd\[10425\]: Invalid user keegan from 175.139.242.49 Aug 26 10:45:28 kapalua sshd\[10425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Aug 26 10:45:30 kapalua sshd\[10425\]: Failed password for invalid user keegan from 175.139.242.49 port 27262 ssh2 Aug 26 10:50:17 kapalua sshd\[10877\]: Invalid user aiken from 175.139.242.49 Aug 26 10:50:17 kapalua sshd\[10877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49	2019-08-27 04:54:18
attack	Aug 25 07:07:44 srv206 sshd[9964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root Aug 25 07:07:46 srv206 sshd[9964]: Failed password for root from 175.139.242.49 port 34834 ssh2 ...	2019-08-25 14:04:53

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.139.242.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6944
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.139.242.49.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 10:13:05 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 49.242.139.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 49.242.139.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.218.57.180	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 15:57:45
212.27.48.6	attack	SSH login attempts.	2020-02-17 15:40:50
196.218.57.108	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 16:03:32
72.30.35.9	attack	SSH login attempts.	2020-02-17 15:54:56
178.128.228.127	attackbots	" "	2020-02-17 15:56:15
192.34.61.49	attackbotsspam	(sshd) Failed SSH login from 192.34.61.49 (US/United States/zap-asia.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 17 08:03:53 elude sshd[32175]: Invalid user PlcmSpIp from 192.34.61.49 port 57459 Feb 17 08:03:54 elude sshd[32175]: Failed password for invalid user PlcmSpIp from 192.34.61.49 port 57459 ssh2 Feb 17 08:18:44 elude sshd[711]: Invalid user Test from 192.34.61.49 port 43563 Feb 17 08:18:45 elude sshd[711]: Failed password for invalid user Test from 192.34.61.49 port 43563 ssh2 Feb 17 08:22:02 elude sshd[971]: Invalid user testtest from 192.34.61.49 port 58224	2020-02-17 16:01:33
196.218.58.210	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 15:42:40
39.108.233.215	attackspam	Portscan or hack attempt detected by psad/fwsnort	2020-02-17 15:41:34
167.71.186.128	attack	web-1 [ssh] SSH Attack	2020-02-17 15:43:32
203.59.218.120	attackbotsspam	SSH login attempts.	2020-02-17 15:46:58
46.165.245.154	attackbotsspam	02/17/2020-05:58:06.781922 46.165.245.154 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 67	2020-02-17 15:45:16
200.185.193.34	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 15:33:07
62.234.156.66	attack	Automatic report - Banned IP Access	2020-02-17 16:00:17
195.130.217.172	attack	SSH login attempts.	2020-02-17 15:48:08
120.70.99.15	attackspambots	SSH login attempts.	2020-02-17 16:04:14

Recently Reported IPs

139.198.18.73	139.190.222.166	115.159.214.247	133.64.7.125
100.200.187.253	106.13.169.46	93.46.8.152	83.218.160.57
116.117.151.102	197.35.14.13	77.3.166.171	209.250.250.241
175.42.146.42	158.195.185.247	106.13.44.78	45.14.148.101
151.53.123.103	112.10.11.177	128.199.55.13	144.254.171.230