175.139.242.49

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: Telekom Malaysia Berhad

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	(sshd) Failed SSH login from 175.139.242.49 (MY/Malaysia/-): 5 in the last 3600 secs	2020-08-24 23:04:48
attackspambots	Jun 14 22:41:54 sigma sshd\[19315\]: Invalid user chang from 175.139.242.49Jun 14 22:41:56 sigma sshd\[19315\]: Failed password for invalid user chang from 175.139.242.49 port 27523 ssh2 ...	2020-06-15 09:30:59
attack	Fail2Ban Ban Triggered	2019-10-29 18:32:53
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/175.139.242.49/ MY - 1H : (17) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MY NAME ASN : ASN4788 IP : 175.139.242.49 CIDR : 175.139.192.0/18 PREFIX COUNT : 272 UNIQUE IP COUNT : 2955520 ATTACKS DETECTED ASN4788 : 1H - 4 3H - 5 6H - 9 12H - 9 24H - 11 DateTime : 2019-10-27 08:31:16 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-27 15:36:03
attackspambots	2019-10-26T16:05:18.423382lon01.zurich-datacenter.net sshd\[31571\]: Invalid user muriel from 175.139.242.49 port 24836 2019-10-26T16:05:18.431293lon01.zurich-datacenter.net sshd\[31571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 2019-10-26T16:05:20.686173lon01.zurich-datacenter.net sshd\[31571\]: Failed password for invalid user muriel from 175.139.242.49 port 24836 ssh2 2019-10-26T16:09:38.740246lon01.zurich-datacenter.net sshd\[31641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root 2019-10-26T16:09:40.688403lon01.zurich-datacenter.net sshd\[31641\]: Failed password for root from 175.139.242.49 port 50938 ssh2 ...	2019-10-27 03:39:30
attackspam	2019-10-26T08:12:11.944066abusebot-2.cloudsearch.cf sshd\[21359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root	2019-10-26 16:27:39
attack	Invalid user srashid from 175.139.242.49 port 5408	2019-10-18 07:04:56
attackbotsspam	Oct 14 11:00:19 plusreed sshd[13468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root Oct 14 11:00:21 plusreed sshd[13468]: Failed password for root from 175.139.242.49 port 13110 ssh2 ...	2019-10-15 00:20:29
attackbotsspam	Oct 13 22:02:21 vpn01 sshd[26487]: Failed password for root from 175.139.242.49 port 56328 ssh2 ...	2019-10-14 04:15:44
attackspambots	Oct 12 06:43:58 firewall sshd[12360]: Failed password for root from 175.139.242.49 port 21878 ssh2 Oct 12 06:48:26 firewall sshd[12504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root Oct 12 06:48:28 firewall sshd[12504]: Failed password for root from 175.139.242.49 port 7307 ssh2 ...	2019-10-12 18:57:48
attack	2019-10-07T01:24:14.598397tmaserv sshd\[13613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root 2019-10-07T01:24:16.572982tmaserv sshd\[13613\]: Failed password for root from 175.139.242.49 port 28833 ssh2 2019-10-07T01:28:25.709405tmaserv sshd\[13790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root 2019-10-07T01:28:27.809978tmaserv sshd\[13790\]: Failed password for root from 175.139.242.49 port 18111 ssh2 2019-10-07T01:32:38.117887tmaserv sshd\[13983\]: Invalid user 123 from 175.139.242.49 port 23627 2019-10-07T01:32:38.122709tmaserv sshd\[13983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 ...	2019-10-07 06:41:41
attack	Sep 27 18:04:15 meumeu sshd[30275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 27 18:04:16 meumeu sshd[30275]: Failed password for invalid user qbf77101 from 175.139.242.49 port 32233 ssh2 Sep 27 18:08:54 meumeu sshd[30916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 ...	2019-09-28 01:35:07
attackbots	Sep 26 02:31:08 plusreed sshd[20177]: Invalid user gpu from 175.139.242.49 ...	2019-09-26 14:36:37
attackspambots	Brute force attempt	2019-09-26 06:14:18
attack	2019-09-23T20:54:51.8032741495-001 sshd\[33912\]: Invalid user 1qaz2wsx from 175.139.242.49 port 48214 2019-09-23T20:54:51.8062701495-001 sshd\[33912\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 2019-09-23T20:54:53.6078231495-001 sshd\[33912\]: Failed password for invalid user 1qaz2wsx from 175.139.242.49 port 48214 ssh2 2019-09-23T20:59:18.7412811495-001 sshd\[34277\]: Invalid user qwerasdfzxcv from 175.139.242.49 port 6341 2019-09-23T20:59:18.7485801495-001 sshd\[34277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 2019-09-23T20:59:20.8715961495-001 sshd\[34277\]: Failed password for invalid user qwerasdfzxcv from 175.139.242.49 port 6341 ssh2 ...	2019-09-24 09:14:51
attack	Sep 23 03:58:44 monocul sshd[10801]: Invalid user git from 175.139.242.49 port 40448 ...	2019-09-23 12:12:50
attack	Sep 22 21:56:35 monocul sshd[15476]: Invalid user ea from 175.139.242.49 port 19241 ...	2019-09-23 06:06:15
attackbots	Automated report - ssh fail2ban: Sep 21 14:54:01 authentication failure Sep 21 14:54:03 wrong password, user=123Admin, port=43952, ssh2 Sep 21 14:58:35 authentication failure	2019-09-21 21:35:46
attack	(sshd) Failed SSH login from 175.139.242.49 (MY/Malaysia/Kedah/Sungai Petani/-/[AS4788 TM Net, Internet Service Provider]): 1 in the last 3600 secs	2019-09-17 15:55:27
attackspam	[Aegis] @ 2019-09-16 02:55:15 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-09-16 09:56:20
attackbots	Automatic report - Banned IP Access	2019-09-14 20:45:12
attackspambots	SSH Brute Force, server-1 sshd[24770]: Failed password for invalid user ubuntu from 175.139.242.49 port 47422 ssh2	2019-09-13 19:13:51
attack	Automated report - ssh fail2ban: Sep 10 09:39:39 authentication failure Sep 10 09:39:41 wrong password, user=ftpuser, port=22506, ssh2 Sep 10 09:46:08 authentication failure	2019-09-10 16:42:08
attackbots	Automatic report - Banned IP Access	2019-09-08 20:19:43
attack	Sep 7 13:37:52 php1 sshd\[15382\]: Invalid user debian from 175.139.242.49 Sep 7 13:37:52 php1 sshd\[15382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 7 13:37:54 php1 sshd\[15382\]: Failed password for invalid user debian from 175.139.242.49 port 33839 ssh2 Sep 7 13:42:29 php1 sshd\[16378\]: Invalid user user from 175.139.242.49 Sep 7 13:42:29 php1 sshd\[16378\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49	2019-09-08 07:47:11
attack	Sep 5 19:22:51 hiderm sshd\[11743\]: Invalid user odoo from 175.139.242.49 Sep 5 19:22:51 hiderm sshd\[11743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 5 19:22:54 hiderm sshd\[11743\]: Failed password for invalid user odoo from 175.139.242.49 port 20092 ssh2 Sep 5 19:28:09 hiderm sshd\[12226\]: Invalid user testuser from 175.139.242.49 Sep 5 19:28:09 hiderm sshd\[12226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49	2019-09-06 14:11:56
attackspambots	Sep 3 10:11:15 plex sshd[20278]: Invalid user hs from 175.139.242.49 port 1938	2019-09-03 16:26:57
attackbotsspam	Sep 2 22:24:01 ws19vmsma01 sshd[105993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Sep 2 22:24:03 ws19vmsma01 sshd[105993]: Failed password for invalid user pgsql from 175.139.242.49 port 40988 ssh2 ...	2019-09-03 10:45:10
attackspambots	Aug 26 10:45:28 kapalua sshd\[10425\]: Invalid user keegan from 175.139.242.49 Aug 26 10:45:28 kapalua sshd\[10425\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 Aug 26 10:45:30 kapalua sshd\[10425\]: Failed password for invalid user keegan from 175.139.242.49 port 27262 ssh2 Aug 26 10:50:17 kapalua sshd\[10877\]: Invalid user aiken from 175.139.242.49 Aug 26 10:50:17 kapalua sshd\[10877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49	2019-08-27 04:54:18
attack	Aug 25 07:07:44 srv206 sshd[9964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root Aug 25 07:07:46 srv206 sshd[9964]: Failed password for root from 175.139.242.49 port 34834 ssh2 ...	2019-08-25 14:04:53

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.139.242.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6944
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.139.242.49.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 10:13:05 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 49.242.139.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 49.242.139.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.55.222.162	attack	$f2bV_matches	2020-08-29 08:23:33
118.24.114.205	attackbots	Aug 29 02:11:30 pve1 sshd[20388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.114.205 Aug 29 02:11:32 pve1 sshd[20388]: Failed password for invalid user asi from 118.24.114.205 port 44486 ssh2 ...	2020-08-29 08:31:50
110.185.160.106	attackbotsspam	Icarus honeypot on github	2020-08-29 08:15:10
92.222.90.130	attackbots	2020-08-29T00:26:39.331382n23.at sshd[1948178]: Invalid user jyu from 92.222.90.130 port 38338 2020-08-29T00:26:41.592871n23.at sshd[1948178]: Failed password for invalid user jyu from 92.222.90.130 port 38338 ssh2 2020-08-29T00:33:50.455927n23.at sshd[1953898]: Invalid user djones from 92.222.90.130 port 51596 ...	2020-08-29 08:27:12
2.187.249.155	attackspam	Automatic report - Port Scan Attack	2020-08-29 08:04:47
101.231.146.34	attack	Aug 29 01:25:52 myvps sshd[19576]: Failed password for root from 101.231.146.34 port 48632 ssh2 Aug 29 01:43:28 myvps sshd[30943]: Failed password for root from 101.231.146.34 port 60479 ssh2 ...	2020-08-29 08:07:09
217.182.192.217	attackspam	$f2bV_matches	2020-08-29 08:04:08
180.76.107.10	attack	2020-08-29T00:05:45+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-08-29 08:10:45
59.45.76.90	attackspam	Invalid user guij from 59.45.76.90 port 62167	2020-08-29 08:32:44
130.105.48.80	attack	Spammer_1	2020-08-29 12:06:29
119.45.54.166	attackbotsspam	"$f2bV_matches"	2020-08-29 08:08:56
212.83.186.26	attack	Aug 29 00:29:09 eventyay sshd[20584]: Failed password for root from 212.83.186.26 port 19191 ssh2 Aug 29 00:32:37 eventyay sshd[20659]: Failed password for root from 212.83.186.26 port 54842 ssh2 Aug 29 00:36:11 eventyay sshd[20737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.83.186.26 ...	2020-08-29 08:17:27
218.92.0.138	attack	Aug 29 00:29:54 localhost sshd[47635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Aug 29 00:29:56 localhost sshd[47635]: Failed password for root from 218.92.0.138 port 60241 ssh2 Aug 29 00:30:00 localhost sshd[47635]: Failed password for root from 218.92.0.138 port 60241 ssh2 Aug 29 00:29:54 localhost sshd[47635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Aug 29 00:29:56 localhost sshd[47635]: Failed password for root from 218.92.0.138 port 60241 ssh2 Aug 29 00:30:00 localhost sshd[47635]: Failed password for root from 218.92.0.138 port 60241 ssh2 Aug 29 00:29:54 localhost sshd[47635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Aug 29 00:29:56 localhost sshd[47635]: Failed password for root from 218.92.0.138 port 60241 ssh2 Aug 29 00:30:00 localhost sshd[47635]: Failed password fo ...	2020-08-29 08:31:07
136.232.184.46	attack	Unauthorized connection attempt from IP address 136.232.184.46 on Port 445(SMB)	2020-08-29 12:03:24
149.202.164.82	attackbots	Aug 29 01:32:10 server sshd[36623]: Failed password for root from 149.202.164.82 port 34602 ssh2 Aug 29 01:35:48 server sshd[38499]: Failed password for invalid user lobo from 149.202.164.82 port 40710 ssh2 Aug 29 01:39:36 server sshd[40601]: Failed password for invalid user ola from 149.202.164.82 port 46818 ssh2	2020-08-29 08:21:54

Recently Reported IPs

139.198.18.73	139.190.222.166	115.159.214.247	133.64.7.125
100.200.187.253	106.13.169.46	93.46.8.152	83.218.160.57
116.117.151.102	197.35.14.13	77.3.166.171	209.250.250.241
175.42.146.42	158.195.185.247	106.13.44.78	45.14.148.101
151.53.123.103	112.10.11.177	128.199.55.13	144.254.171.230