201.55.8.57 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
201.55.81.250	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-01-12 06:28:37
201.55.81.254	attackspam	firewall-block, port(s): 445/tcp	2019-08-10 22:52:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.55.8.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21273
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;201.55.8.57.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 23:55:27 CST 2022
;; MSG SIZE  rcvd: 104

Host info

57.8.55.201.in-addr.arpa domain name pointer www.jucesp.sp.gov.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
57.8.55.201.in-addr.arpa	name = www.jucesp.sp.gov.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.219.102.38	attackspambots	Jun 5 20:29:41 scivo sshd[26496]: reveeclipse mapping checking getaddrinfo for 124-219-102-38.vdslpro.static.apol.com.tw [124.219.102.38] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 5 20:29:41 scivo sshd[26496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.219.102.38 user=r.r Jun 5 20:29:43 scivo sshd[26496]: Failed password for r.r from 124.219.102.38 port 33888 ssh2 Jun 5 20:29:43 scivo sshd[26496]: Received disconnect from 124.219.102.38: 11: Bye Bye [preauth] Jun 5 20:29:44 scivo sshd[26498]: reveeclipse mapping checking getaddrinfo for 124-219-102-38.vdslpro.static.apol.com.tw [124.219.102.38] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 5 20:29:44 scivo sshd[26498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.219.102.38 user=r.r Jun 5 20:29:46 scivo sshd[26498]: Failed password for r.r from 124.219.102.38 port 36674 ssh2 Jun 5 20:29:46 scivo sshd[26498]: Received discon........ -------------------------------	2020-06-05 20:20:01
159.65.146.110	attackbots	Jun 5 14:14:48 PorscheCustomer sshd[26814]: Failed password for root from 159.65.146.110 port 50784 ssh2 Jun 5 14:18:33 PorscheCustomer sshd[26900]: Failed password for root from 159.65.146.110 port 53082 ssh2 ...	2020-06-05 20:35:24
128.199.170.33	attackspam	Jun 5 13:04:01 sigma sshd\[23853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.170.33 user=rootJun 5 13:05:38 sigma sshd\[23890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.170.33 user=root ...	2020-06-05 20:30:29
142.93.151.98	attackspam	Jun 5 13:20:05 km20725 sshd[18132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.98 user=r.r Jun 5 13:20:07 km20725 sshd[18132]: Failed password for r.r from 142.93.151.98 port 55260 ssh2 Jun 5 13:20:08 km20725 sshd[18132]: Received disconnect from 142.93.151.98 port 55260:11: Bye Bye [preauth] Jun 5 13:20:08 km20725 sshd[18132]: Disconnected from authenticating user r.r 142.93.151.98 port 55260 [preauth] Jun 5 13:44:36 km20725 sshd[19819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.98 user=r.r Jun 5 13:44:38 km20725 sshd[19819]: Failed password for r.r from 142.93.151.98 port 54836 ssh2 Jun 5 13:44:40 km20725 sshd[19819]: Received disconnect from 142.93.151.98 port 54836:11: Bye Bye [preauth] Jun 5 13:44:40 km20725 sshd[19819]: Disconnected from authenticating user r.r 142.93.151.98 port 54836 [preauth] Jun 5 13:47:38 km20725 sshd[20600]: pam_unix(ss........ -------------------------------	2020-06-05 20:44:00
113.190.252.87	attack	113.190.252.87 - - [05/Jun/2020:14:03:57 +0200] "GET /wp-login.php HTTP/1.1" 200 6521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 113.190.252.87 - - [05/Jun/2020:14:04:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 113.190.252.87 - - [05/Jun/2020:14:04:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-05 20:20:48
217.80.182.81	attack	Lines containing failures of 217.80.182.81 Jun 5 13:49:07 meet sshd[17433]: Invalid user pi from 217.80.182.81 port 43074 Jun 5 13:49:07 meet sshd[17434]: Invalid user pi from 217.80.182.81 port 43076 Jun 5 13:49:09 meet sshd[17433]: Failed password for invalid user pi from 217.80.182.81 port 43074 ssh2 Jun 5 13:49:09 meet sshd[17434]: Failed password for invalid user pi from 217.80.182.81 port 43076 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=217.80.182.81	2020-06-05 20:30:00
194.187.249.55	attackspambots	(From hacker@pandora.com) PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! We have hacked your website http://www.hotzchiropractic.com and extracted your databases. How did this happen? Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server. What does this mean? We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.hotzchiropractic.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have	2020-06-05 20:26:45
113.52.139.131	attack	Automatic report - Port Scan	2020-06-05 20:12:56
58.212.197.220	attackspambots	Jun 5 12:00:39 jumpserver sshd[82765]: Failed password for root from 58.212.197.220 port 65297 ssh2 Jun 5 12:03:57 jumpserver sshd[82794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.212.197.220 user=root Jun 5 12:03:59 jumpserver sshd[82794]: Failed password for root from 58.212.197.220 port 59140 ssh2 ...	2020-06-05 20:21:13
89.144.57.113	attackbots	spam	2020-06-05 20:18:58
106.13.184.22	attackbots	Jun 5 14:00:58 ns381471 sshd[14220]: Failed password for root from 106.13.184.22 port 46748 ssh2	2020-06-05 20:37:12
193.112.247.104	attackspam	Jun 5 14:01:36 amit sshd\[22033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.247.104 user=root Jun 5 14:01:38 amit sshd\[22033\]: Failed password for root from 193.112.247.104 port 46800 ssh2 Jun 5 14:06:03 amit sshd\[18284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.247.104 user=root ...	2020-06-05 20:43:35
81.51.200.217	attackspam	Unauthorized connection attempt detected from IP address 81.51.200.217 to port 22	2020-06-05 20:22:40
117.50.65.85	attackspambots	SSH Brute-Force attacks	2020-06-05 20:28:39
68.183.184.243	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-06-05 20:44:32

Recently Reported IPs

201.55.8.125	201.55.248.10	201.57.198.144	201.55.89.18
201.6.30.163	201.6.4.61	201.56.7.148	201.62.124.223
201.6.4.15	201.62.115.52	201.62.54.192	201.62.63.240
201.62.63.169	201.63.118.147	201.67.17.72	201.63.135.178
201.69.186.213	201.69.243.108	201.67.88.196	201.69.146.139