201.149.55.53 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Mexico

运营商(isp): Megacable Comunicaciones de Mexico S.A. de C.V.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	TCP (SYN) 201.149.55.53:46615 -> port 30850, len 44	2020-10-05 01:25:41
attack	firewall-block, port(s): 14455/tcp	2020-09-24 02:58:27
attack	Sep 5 19:14:17 hosting sshd[5326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Sep 5 19:14:18 hosting sshd[5326]: Failed password for root from 201.149.55.53 port 46916 ssh2 Sep 5 19:16:37 hosting sshd[5645]: Invalid user useradmin from 201.149.55.53 port 45550 Sep 5 19:16:37 hosting sshd[5645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 Sep 5 19:16:37 hosting sshd[5645]: Invalid user useradmin from 201.149.55.53 port 45550 Sep 5 19:16:40 hosting sshd[5645]: Failed password for invalid user useradmin from 201.149.55.53 port 45550 ssh2 ...	2020-09-06 00:24:07
attackbots	(sshd) Failed SSH login from 201.149.55.53 (MX/Mexico/53.55.149.201.in-addr.arpa): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 5 03:07:44 server sshd[24962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Sep 5 03:07:45 server sshd[24962]: Failed password for root from 201.149.55.53 port 56306 ssh2 Sep 5 03:23:55 server sshd[29497]: Invalid user oracle from 201.149.55.53 port 46760 Sep 5 03:23:57 server sshd[29497]: Failed password for invalid user oracle from 201.149.55.53 port 46760 ssh2 Sep 5 03:27:37 server sshd[30808]: Invalid user uftp from 201.149.55.53 port 51448	2020-09-05 15:55:09
attackbots	Port scan: Attack repeated for 24 hours	2020-09-05 08:32:00
attack	bruteforce detected	2020-08-22 07:17:14
attackspam	Aug 21 20:09:19 * sshd[25102]: Failed password for root from 201.149.55.53 port 36716 ssh2 Aug 21 20:16:55 * sshd[26379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53	2020-08-22 02:23:18
attackspambots	TCP (SYN) 201.149.55.53:57775 -> port 11408, len 44	2020-08-06 00:45:37
attack	Invalid user accounts from 201.149.55.53 port 49254	2020-07-30 16:58:30
attackspambots	Ssh brute force	2020-07-29 08:04:06
attackbots	<6 unauthorized SSH connections	2020-07-25 15:16:20
attackspam	Bruteforce detected by fail2ban	2020-07-18 17:03:37
attackspam	SSH Invalid Login	2020-07-08 06:14:45
attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-07-05 04:52:28
attackspam	Jun 30 19:03:21 itv-usvr-02 sshd[8359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Jun 30 19:03:22 itv-usvr-02 sshd[8359]: Failed password for root from 201.149.55.53 port 48310 ssh2 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: Invalid user fluffy from 201.149.55.53 port 51622 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: Invalid user fluffy from 201.149.55.53 port 51622 Jun 30 19:07:05 itv-usvr-02 sshd[8541]: Failed password for invalid user fluffy from 201.149.55.53 port 51622 ssh2	2020-07-01 09:29:49
attackspam	Mar 9 15:22:17 server sshd\[21619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Mar 9 15:22:19 server sshd\[21619\]: Failed password for root from 201.149.55.53 port 44174 ssh2 Mar 9 15:24:00 server sshd\[21870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Mar 9 15:24:02 server sshd\[21870\]: Failed password for root from 201.149.55.53 port 45136 ssh2 Mar 9 15:54:55 server sshd\[29051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=nagios ...	2020-03-10 02:46:31

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.149.55.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3731
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.149.55.53.			IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030902 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 10 02:46:28 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

53.55.149.201.in-addr.arpa domain name pointer 53.55.149.201.in-addr.arpa.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.55.149.201.in-addr.arpa	name = 53.55.149.201.in-addr.arpa.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
145.239.95.83	attackspambots	2020-02-08T08:03:26.480879-07:00 suse-nuc sshd[10126]: Invalid user nfv from 145.239.95.83 port 56442 ...	2020-02-09 00:03:25
122.51.86.120	attackspambots	Feb 8 15:29:03 nextcloud sshd\[27624\]: Invalid user gcm from 122.51.86.120 Feb 8 15:29:03 nextcloud sshd\[27624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.86.120 Feb 8 15:29:05 nextcloud sshd\[27624\]: Failed password for invalid user gcm from 122.51.86.120 port 41862 ssh2	2020-02-09 00:37:33
129.226.129.144	attackspambots	Feb 8 06:17:32 web1 sshd\[7218\]: Invalid user mho from 129.226.129.144 Feb 8 06:17:32 web1 sshd\[7218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.129.144 Feb 8 06:17:34 web1 sshd\[7218\]: Failed password for invalid user mho from 129.226.129.144 port 38604 ssh2 Feb 8 06:20:11 web1 sshd\[7461\]: Invalid user xhc from 129.226.129.144 Feb 8 06:20:11 web1 sshd\[7461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.129.144	2020-02-09 00:30:53
1.165.175.61	attack	"SERVER-WEBAPP MVPower DVR Shell arbitrary command execution attempt"	2020-02-08 23:59:59
222.254.1.162	attack	Feb 8 21:29:31 lcl-usvr-02 sshd[14132]: Invalid user admin from 222.254.1.162 port 50765 Feb 8 21:29:31 lcl-usvr-02 sshd[14132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.254.1.162 Feb 8 21:29:31 lcl-usvr-02 sshd[14132]: Invalid user admin from 222.254.1.162 port 50765 Feb 8 21:29:33 lcl-usvr-02 sshd[14132]: Failed password for invalid user admin from 222.254.1.162 port 50765 ssh2 Feb 8 21:29:37 lcl-usvr-02 sshd[14185]: Invalid user admin from 222.254.1.162 port 50822 ...	2020-02-09 00:17:21
50.115.181.98	attack	Feb 8 06:04:20 auw2 sshd\[31818\]: Invalid user ax from 50.115.181.98 Feb 8 06:04:20 auw2 sshd\[31818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d50-115-181-98.static.datacom.cgocable.net Feb 8 06:04:22 auw2 sshd\[31818\]: Failed password for invalid user ax from 50.115.181.98 port 11418 ssh2 Feb 8 06:05:43 auw2 sshd\[31939\]: Invalid user kyn from 50.115.181.98 Feb 8 06:05:43 auw2 sshd\[31939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d50-115-181-98.static.datacom.cgocable.net	2020-02-09 00:23:02
129.213.100.212	attackspambots	Feb 8 17:26:50 sd-53420 sshd\[23340\]: Invalid user vup from 129.213.100.212 Feb 8 17:26:50 sd-53420 sshd\[23340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.100.212 Feb 8 17:26:52 sd-53420 sshd\[23340\]: Failed password for invalid user vup from 129.213.100.212 port 52676 ssh2 Feb 8 17:30:00 sd-53420 sshd\[23609\]: Invalid user czo from 129.213.100.212 Feb 8 17:30:00 sd-53420 sshd\[23609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.100.212 ...	2020-02-09 00:36:26
106.13.140.121	attackspam	Feb 8 17:02:28 legacy sshd[20848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.121 Feb 8 17:02:30 legacy sshd[20848]: Failed password for invalid user gwm from 106.13.140.121 port 52908 ssh2 Feb 8 17:07:11 legacy sshd[21096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.121 ...	2020-02-09 00:16:46
106.12.222.209	attackbots	2020-02-08T09:08:37.3841211495-001 sshd[6142]: Invalid user ofg from 106.12.222.209 port 35952 2020-02-08T09:08:37.3911441495-001 sshd[6142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.222.209 2020-02-08T09:08:37.3841211495-001 sshd[6142]: Invalid user ofg from 106.12.222.209 port 35952 2020-02-08T09:08:39.8945111495-001 sshd[6142]: Failed password for invalid user ofg from 106.12.222.209 port 35952 ssh2 2020-02-08T09:12:35.3645001495-001 sshd[6359]: Invalid user yoa from 106.12.222.209 port 59348 2020-02-08T09:12:35.3731181495-001 sshd[6359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.222.209 2020-02-08T09:12:35.3645001495-001 sshd[6359]: Invalid user yoa from 106.12.222.209 port 59348 2020-02-08T09:12:37.5502051495-001 sshd[6359]: Failed password for invalid user yoa from 106.12.222.209 port 59348 ssh2 2020-02-08T09:16:33.6973501495-001 sshd[6573]: Invalid user ksa from 106.12.222. ...	2020-02-09 00:06:32
1.71.129.49	attack	Invalid user ddu from 1.71.129.49 port 54107 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.129.49 Failed password for invalid user ddu from 1.71.129.49 port 54107 ssh2 Invalid user sme from 1.71.129.49 port 38181 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.129.49	2020-02-09 00:06:17
106.12.71.159	attack	Feb 8 11:27:45 firewall sshd[22893]: Invalid user xyl from 106.12.71.159 Feb 8 11:27:47 firewall sshd[22893]: Failed password for invalid user xyl from 106.12.71.159 port 52126 ssh2 Feb 8 11:29:51 firewall sshd[23008]: Invalid user rhs from 106.12.71.159 ...	2020-02-09 00:07:50
174.219.131.238	attack	Brute forcing email accounts	2020-02-09 00:03:13
89.248.174.213	attackbots	port	2020-02-08 23:54:55
185.143.223.171	attackspambots	IP: 185.143.223.171 Ports affected Simple Mail Transfer (25) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS204718 Information Technologies LLC Russia (RU) CIDR 185.143.223.0/24 Log Date: 8/02/2020 1:37:47 PM UTC	2020-02-08 23:57:08
180.76.135.15	attackbots	Feb 8 16:05:34 legacy sshd[17358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.135.15 Feb 8 16:05:37 legacy sshd[17358]: Failed password for invalid user iex from 180.76.135.15 port 46420 ssh2 Feb 8 16:10:49 legacy sshd[17717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.135.15 ...	2020-02-09 00:26:14

最近上报的IP列表

181.69.170.52	158.117.118.224	105.155.141.70	173.254.192.202
117.57.82.127	120.230.88.227	115.84.76.227	65.97.0.208
159.192.65.32	51.75.21.62	176.115.141.37	125.213.128.106
179.14.13.17	78.140.57.15	77.40.63.201	106.205.182.249
113.81.224.176	45.48.17.120	51.36.48.86	160.66.9.250