This IP address has been reported a total of
279
times from
195 distinct
sources.
49.238.167.125 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
2026-07-02T11:25:47.145197+00:00 de-fra2-ntp1 sshd[2212027]: Invalid user test from 49.238.167.125 p ...
show more2026-07-02T11:25:47.145197+00:00 de-fra2-ntp1 sshd[2212027]: Invalid user test from 49.238.167.125 port 37302
2026-07-02T11:28:07.487308+00:00 de-fra2-ntp1 sshd[2212051]: Invalid user user from 49.238.167.125 port 51818
2026-07-02T11:39:30.726141+00:00 de-fra2-ntp1 sshd[2212437]: Invalid user user from 49.238.167.125 port 53568
...
show less
2026-07-02T08:14:54.606175-03:00 vmi2819241 sshd-session[2715922]: Failed password for invalid user ...
show more2026-07-02T08:14:54.606175-03:00 vmi2819241 sshd-session[2715922]: Failed password for invalid user root from 49.238.167.125 port 54122 ssh2
2026-07-02T08:21:38.381538-03:00 vmi2819241 sshd-session[2716979]: User root from 49.238.167.125 not allowed because not listed in AllowUsers
2026-07-02T08:21:38.486046-03:00 vmi2819241 sshd-session[2716979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125 user=root
2026-07-02T08:21:40.504229-03:00 vmi2819241 sshd-session[2716979]: Failed password for invalid user root from 49.238.167.125 port 38942 ssh2
...
show less
(sshd) Failed SSH login from 49.238.167.125 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; D ...
show more(sshd) Failed SSH login from 49.238.167.125 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 2 20:25:34 ded01 sshd[613493]: Invalid user ubuntu from 49.238.167.125 port 37116
Jul 2 20:25:36 ded01 sshd[613493]: Failed password for invalid user ubuntu from 49.238.167.125 port 37116 ssh2
Jul 2 20:39:26 ded01 sshd[623725]: Did not receive identification string from 49.238.167.125 port 59452
Jul 2 20:41:13 ded01 sshd[625830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125 user=root
Jul 2 20:41:15 ded01 sshd[625830]: Failed password for root from 49.238.167.125 port 34688 ssh2
show less
2026-07-02T11:53:34.741200+02:00 ieyasu.moretrix.com sshd-session[1624953]: User root from 49.238.16 ...
show more2026-07-02T11:53:34.741200+02:00 ieyasu.moretrix.com sshd-session[1624953]: User root from 49.238.167.125 not allowed because none of user's groups are listed in AllowGroups
2026-07-02T11:55:55.886255+02:00 ieyasu.moretrix.com sshd-session[1625031]: Connection from 49.238.167.125 port 34746 on 176.9.64.17 port 22 rdomain ""
2026-07-02T11:55:57.423848+02:00 ieyasu.moretrix.com sshd-session[1625031]: User root from 49.238.167.125 not allowed because none of user's groups are listed in AllowGroups
...
show less
20 attempts since 02.07.2026 10:48:02 CEST - last one: 2026-07-02T11:35:33.663825+02:00 alpha sshd-s ...
show more20 attempts since 02.07.2026 10:48:02 CEST - last one: 2026-07-02T11:35:33.663825+02:00 alpha sshd-session[326372]: Disconnected from invalid user snoopy 49.238.167.125 port 60922 [preauth]
show less
2026-07-02T10:33:29.386925+01:00 ozelot sshd-session[3556287]: pam_unix(sshd:auth): authentication f ...
show more2026-07-02T10:33:29.386925+01:00 ozelot sshd-session[3556287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125
2026-07-02T10:33:31.939831+01:00 ozelot sshd-session[3556287]: Failed password for invalid user conf from 49.238.167.125 port 60940 ssh2
2026-07-02T10:35:30.624841+01:00 ozelot sshd-session[3580028]: Invalid user snoopy from 49.238.167.125 port 43304
show less
Jul 2 09:29:07 proxy-epyc sshd[417200]: Failed password for invalid user lambda from 49.238.167.125 ...
show moreJul 2 09:29:07 proxy-epyc sshd[417200]: Failed password for invalid user lambda from 49.238.167.125 port 52142 ssh2
Jul 2 09:30:51 proxy-epyc sshd[417528]: Invalid user anket from 49.238.167.125 port 45042
Jul 2 09:30:51 proxy-epyc sshd[417528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125
Jul 2 09:30:53 proxy-epyc sshd[417528]: Failed password for invalid user anket from 49.238.167.125 port 45042 ssh2
Jul 2 09:32:41 proxy-epyc sshd[417857]: Invalid user clark from 49.238.167.125 port 47414
...
show less
Jul 2 08:57:29 proxy-epyc sshd[412353]: Failed password for invalid user gs from 49.238.167.125 por ...
show moreJul 2 08:57:29 proxy-epyc sshd[412353]: Failed password for invalid user gs from 49.238.167.125 port 45638 ssh2
Jul 2 09:02:22 proxy-epyc sshd[413067]: Invalid user photobook from 49.238.167.125 port 45862
Jul 2 09:02:22 proxy-epyc sshd[413067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125
Jul 2 09:02:24 proxy-epyc sshd[413067]: Failed password for invalid user photobook from 49.238.167.125 port 45862 ssh2
Jul 2 09:04:20 proxy-epyc sshd[413542]: Invalid user pdu from 49.238.167.125 port 39620
...
show less
2026-07-02T04:55:51.588360-04:00 lg sshd[704796]: Failed password for invalid user gs from 49.238.16 ...
show more2026-07-02T04:55:51.588360-04:00 lg sshd[704796]: Failed password for invalid user gs from 49.238.167.125 port 42144 ssh2
2026-07-02T05:01:35.808616-04:00 lg sshd[704806]: Invalid user photobook from 49.238.167.125 port 50580
2026-07-02T05:01:35.821472-04:00 lg sshd[704806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125
2026-07-02T05:01:37.675261-04:00 lg sshd[704806]: Failed password for invalid user photobook from 49.238.167.125 port 50580 ssh2
2026-07-02T05:03:34.694420-04:00 lg sshd[704810]: Invalid user pdu from 49.238.167.125 port 56968
...
show less
2026-07-02T10:01:07.135174+01:00 ozelot sshd-session[3155912]: pam_unix(sshd:auth): authentication f ...
show more2026-07-02T10:01:07.135174+01:00 ozelot sshd-session[3155912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125
2026-07-02T10:01:09.763794+01:00 ozelot sshd-session[3155912]: Failed password for invalid user photobook from 49.238.167.125 port 35042 ssh2
2026-07-02T10:03:12.924130+01:00 ozelot sshd-session[3180691]: Invalid user pdu from 49.238.167.125 port 46322
show less
Brute-Force
SSH
Anonymous
2026-07-02T10:53:04.128473 mail2.akcurate.de sshd-session[250206]: Invalid user gs from 49.238.167.1 ...
show more2026-07-02T10:53:04.128473 mail2.akcurate.de sshd-session[250206]: Invalid user gs from 49.238.167.125 port 41592
2026-07-02T10:53:04.431273 mail2.akcurate.de sshd-session[250206]: Disconnected from invalid user gs 49.238.167.125 port 41592 [preauth]
2026-07-02T11:01:47.806694 mail2.akcurate.de sshd-session[250962]: Invalid user photobook from 49.238.167.125 port 54280
...
show less
2026-07-02T09:52:43.957772+02:00 pokevador sshd[1558654]: Failed password for root from 49.238.167.1 ...
show more2026-07-02T09:52:43.957772+02:00 pokevador sshd[1558654]: Failed password for root from 49.238.167.125 port 56256 ssh2
2026-07-02T09:54:24.481061+02:00 pokevador sshd[1559810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.238.167.125 user=root
2026-07-02T09:54:26.618744+02:00 pokevador sshd[1559810]: Failed password for root from 49.238.167.125 port 40180 ssh2
...
show less
2026-07-02T07:31:29.162574+00:00 vps2 sshd[2254214]: Disconnected from authenticating user root 49.2 ...
show more2026-07-02T07:31:29.162574+00:00 vps2 sshd[2254214]: Disconnected from authenticating user root 49.238.167.125 port 35272 [preauth]
2026-07-02T07:34:01.476239+00:00 vps2 sshd[2254380]: Disconnected from authenticating user root 49.238.167.125 port 48208 [preauth]
2026-07-02T07:35:45.623137+00:00 vps2 sshd[2254504]: Disconnected from authenticating user root 49.238.167.125 port 57248 [preauth]
...
show less
Brute-Force
SSH
Showing 1 to
15
of 279 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ