201.149.55.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Megacable Comunicaciones de Mexico S.A. de C.V.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	TCP (SYN) 201.149.55.53:46615 -> port 30850, len 44	2020-10-05 01:25:41
attack	firewall-block, port(s): 14455/tcp	2020-09-24 02:58:27
attack	Sep 5 19:14:17 hosting sshd[5326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Sep 5 19:14:18 hosting sshd[5326]: Failed password for root from 201.149.55.53 port 46916 ssh2 Sep 5 19:16:37 hosting sshd[5645]: Invalid user useradmin from 201.149.55.53 port 45550 Sep 5 19:16:37 hosting sshd[5645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 Sep 5 19:16:37 hosting sshd[5645]: Invalid user useradmin from 201.149.55.53 port 45550 Sep 5 19:16:40 hosting sshd[5645]: Failed password for invalid user useradmin from 201.149.55.53 port 45550 ssh2 ...	2020-09-06 00:24:07
attackbots	(sshd) Failed SSH login from 201.149.55.53 (MX/Mexico/53.55.149.201.in-addr.arpa): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 5 03:07:44 server sshd[24962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Sep 5 03:07:45 server sshd[24962]: Failed password for root from 201.149.55.53 port 56306 ssh2 Sep 5 03:23:55 server sshd[29497]: Invalid user oracle from 201.149.55.53 port 46760 Sep 5 03:23:57 server sshd[29497]: Failed password for invalid user oracle from 201.149.55.53 port 46760 ssh2 Sep 5 03:27:37 server sshd[30808]: Invalid user uftp from 201.149.55.53 port 51448	2020-09-05 15:55:09
attackbots	Port scan: Attack repeated for 24 hours	2020-09-05 08:32:00
attack	bruteforce detected	2020-08-22 07:17:14
attackspam	Aug 21 20:09:19 * sshd[25102]: Failed password for root from 201.149.55.53 port 36716 ssh2 Aug 21 20:16:55 * sshd[26379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53	2020-08-22 02:23:18
attackspambots	TCP (SYN) 201.149.55.53:57775 -> port 11408, len 44	2020-08-06 00:45:37
attack	Invalid user accounts from 201.149.55.53 port 49254	2020-07-30 16:58:30
attackspambots	Ssh brute force	2020-07-29 08:04:06
attackbots	<6 unauthorized SSH connections	2020-07-25 15:16:20
attackspam	Bruteforce detected by fail2ban	2020-07-18 17:03:37
attackspam	SSH Invalid Login	2020-07-08 06:14:45
attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-07-05 04:52:28
attackspam	Jun 30 19:03:21 itv-usvr-02 sshd[8359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Jun 30 19:03:22 itv-usvr-02 sshd[8359]: Failed password for root from 201.149.55.53 port 48310 ssh2 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: Invalid user fluffy from 201.149.55.53 port 51622 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: Invalid user fluffy from 201.149.55.53 port 51622 Jun 30 19:07:05 itv-usvr-02 sshd[8541]: Failed password for invalid user fluffy from 201.149.55.53 port 51622 ssh2	2020-07-01 09:29:49
attackspam	Mar 9 15:22:17 server sshd\[21619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Mar 9 15:22:19 server sshd\[21619\]: Failed password for root from 201.149.55.53 port 44174 ssh2 Mar 9 15:24:00 server sshd\[21870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Mar 9 15:24:02 server sshd\[21870\]: Failed password for root from 201.149.55.53 port 45136 ssh2 Mar 9 15:54:55 server sshd\[29051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=nagios ...	2020-03-10 02:46:31

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.149.55.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3731
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.149.55.53.			IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030902 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 10 02:46:28 CST 2020
;; MSG SIZE  rcvd: 117

Host info

53.55.149.201.in-addr.arpa domain name pointer 53.55.149.201.in-addr.arpa.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.55.149.201.in-addr.arpa	name = 53.55.149.201.in-addr.arpa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.27.12.50	attack	Sep 29 20:48:47 unicornsoft sshd\[3300\]: Invalid user userA from 118.27.12.50 Sep 29 20:48:47 unicornsoft sshd\[3300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.12.50 Sep 29 20:48:49 unicornsoft sshd\[3300\]: Failed password for invalid user userA from 118.27.12.50 port 53808 ssh2	2019-09-30 08:05:46
113.254.118.156	attack	23/tcp [2019-09-29]1pkt	2019-09-30 07:44:14
35.240.181.249	attack	Lines containing failures of 35.240.181.249 (max 1000) Sep 27 23:10:50 localhost sshd[8711]: Invalid user gnbc from 35.240.181.249 port 33792 Sep 27 23:10:50 localhost sshd[8711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.181.249 Sep 27 23:10:51 localhost sshd[8711]: Failed password for invalid user gnbc from 35.240.181.249 port 33792 ssh2 Sep 27 23:10:53 localhost sshd[8711]: Received disconnect from 35.240.181.249 port 33792:11: Bye Bye [preauth] Sep 27 23:10:53 localhost sshd[8711]: Disconnected from invalid user gnbc 35.240.181.249 port 33792 [preauth] Sep 27 23:23:21 localhost sshd[10611]: Invalid user ftpuser from 35.240.181.249 port 33536 Sep 27 23:23:21 localhost sshd[10611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.181.249 Sep 27 23:23:23 localhost sshd[10611]: Failed password for invalid user ftpuser from 35.240.181.249 port 33536 ssh2 Sep 27 23:23:25 lo........ ------------------------------	2019-09-30 08:02:04
34.218.236.255	attackbotsspam	Lines containing failures of 34.218.236.255 Sep 28 01:44:27 shared03 sshd[10872]: Invalid user yt from 34.218.236.255 port 56196 Sep 28 01:44:27 shared03 sshd[10872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.218.236.255 Sep 28 01:44:29 shared03 sshd[10872]: Failed password for invalid user yt from 34.218.236.255 port 56196 ssh2 Sep 28 01:44:30 shared03 sshd[10872]: Received disconnect from 34.218.236.255 port 56196:11: Bye Bye [preauth] Sep 28 01:44:30 shared03 sshd[10872]: Disconnected from invalid user yt 34.218.236.255 port 56196 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=34.218.236.255	2019-09-30 08:09:50
222.186.180.147	attackbots	Sep 29 20:52:39 [HOSTNAME] sshd[364]: User removed from 222.186.180.147 not allowed because not listed in AllowUsers Sep 30 00:00:36 [HOSTNAME] sshd[21752]: User removed from 222.186.180.147 not allowed because not listed in AllowUsers Sep 30 00:43:41 [HOSTNAME] sshd[26687]: User removed from 222.186.180.147 not allowed because not listed in AllowUsers ...	2019-09-30 07:56:30
140.206.75.18	attackbotsspam	2019-09-30T00:04:09.093415abusebot-7.cloudsearch.cf sshd\[18343\]: Invalid user bv from 140.206.75.18 port 4566	2019-09-30 08:05:01
122.4.241.6	attackbotsspam	Sep 29 22:45:06 dev0-dcde-rnet sshd[31610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.4.241.6 Sep 29 22:45:08 dev0-dcde-rnet sshd[31610]: Failed password for invalid user box1 from 122.4.241.6 port 57293 ssh2 Sep 29 22:48:43 dev0-dcde-rnet sshd[31623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.4.241.6	2019-09-30 08:10:34
134.209.87.150	attackspambots	v+ssh-bruteforce	2019-09-30 07:59:20
94.23.70.116	attack	Sep 29 13:51:31 eddieflores sshd\[29398\]: Invalid user admin from 94.23.70.116 Sep 29 13:51:31 eddieflores sshd\[29398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.70.116 Sep 29 13:51:32 eddieflores sshd\[29398\]: Failed password for invalid user admin from 94.23.70.116 port 34273 ssh2 Sep 29 13:58:04 eddieflores sshd\[29920\]: Invalid user crv from 94.23.70.116 Sep 29 13:58:04 eddieflores sshd\[29920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.70.116	2019-09-30 08:01:28
222.186.175.163	attackbotsspam	Sep 30 01:59:35 Ubuntu-1404-trusty-64-minimal sshd\[29927\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Sep 30 01:59:37 Ubuntu-1404-trusty-64-minimal sshd\[29927\]: Failed password for root from 222.186.175.163 port 41228 ssh2 Sep 30 02:00:02 Ubuntu-1404-trusty-64-minimal sshd\[30077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Sep 30 02:00:03 Ubuntu-1404-trusty-64-minimal sshd\[30077\]: Failed password for root from 222.186.175.163 port 56142 ssh2 Sep 30 02:00:08 Ubuntu-1404-trusty-64-minimal sshd\[30077\]: Failed password for root from 222.186.175.163 port 56142 ssh2	2019-09-30 08:01:05
82.202.249.117	attackspambots	Automatc Report - XMLRPC Attack	2019-09-30 08:15:57
87.233.227.228	attackbots	plussize.fitness 87.233.227.228 \[29/Sep/2019:23:05:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 5629 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" plussize.fitness 87.233.227.228 \[29/Sep/2019:23:05:48 +0200\] "POST /wp-login.php HTTP/1.1" 200 5582 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-30 08:14:44
192.99.247.232	attack	Sep 30 01:39:51 SilenceServices sshd[19438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.247.232 Sep 30 01:39:53 SilenceServices sshd[19438]: Failed password for invalid user dfk from 192.99.247.232 port 54240 ssh2 Sep 30 01:43:32 SilenceServices sshd[20432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.247.232	2019-09-30 08:00:09
5.196.29.194	attack	Sep 30 01:38:14 SilenceServices sshd[18946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.29.194 Sep 30 01:38:16 SilenceServices sshd[18946]: Failed password for invalid user matt from 5.196.29.194 port 48925 ssh2 Sep 30 01:43:10 SilenceServices sshd[20314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.29.194	2019-09-30 08:04:50
177.84.40.30	attackbotsspam	Automatic report - Port Scan Attack	2019-09-30 07:57:00

Recently Reported IPs

181.69.170.52	158.117.118.224	105.155.141.70	173.254.192.202
117.57.82.127	120.230.88.227	115.84.76.227	65.97.0.208
159.192.65.32	51.75.21.62	176.115.141.37	125.213.128.106
179.14.13.17	78.140.57.15	77.40.63.201	106.205.182.249
113.81.224.176	45.48.17.120	51.36.48.86	160.66.9.250