49.69.53.154 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Automatic report - Port Scan Attack	2019-08-12 08:36:08

Comments on same subnet:

IP	Type	Details	Datetime
49.69.53.155	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 13:08:06
49.69.53.228	attack	Jul 22 15:07:47 fv15 sshd[1968]: Bad protocol version identification '' from 49.69.53.228 port 45169 Jul 22 15:07:53 fv15 sshd[1977]: Failed password for invalid user nexthink from 49.69.53.228 port 45326 ssh2 Jul 22 15:07:54 fv15 sshd[1977]: Connection closed by 49.69.53.228 [preauth] Jul 22 15:08:00 fv15 sshd[2183]: Failed password for invalid user plexuser from 49.69.53.228 port 46850 ssh2 Jul 22 15:08:00 fv15 sshd[2183]: Connection closed by 49.69.53.228 [preauth] Jul 22 15:08:08 fv15 sshd[2390]: Failed password for invalid user ubnt from 49.69.53.228 port 48427 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.69.53.228	2019-07-23 02:55:04

Type

Details

Datetime

49.69.53.155

attackbots

MultiHost/MultiPort Probe, Scan, Hack -

2020-02-18 13:08:06

49.69.53.228

attack

Jul 22 15:07:47 fv15 sshd[1968]: Bad protocol version identification '' from 49.69.53.228 port 45169
Jul 22 15:07:53 fv15 sshd[1977]: Failed password for invalid user nexthink from 49.69.53.228 port 45326 ssh2
Jul 22 15:07:54 fv15 sshd[1977]: Connection closed by 49.69.53.228 [preauth]
Jul 22 15:08:00 fv15 sshd[2183]: Failed password for invalid user plexuser from 49.69.53.228 port 46850 ssh2
Jul 22 15:08:00 fv15 sshd[2183]: Connection closed by 49.69.53.228 [preauth]
Jul 22 15:08:08 fv15 sshd[2390]: Failed password for invalid user ubnt from 49.69.53.228 port 48427 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=49.69.53.228

2019-07-23 02:55:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.69.53.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33879
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.69.53.154.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 12 08:36:03 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 154.53.69.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 154.53.69.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.232.213.209	attack	Dec 18 19:33:52 vps647732 sshd[27068]: Failed password for root from 132.232.213.209 port 56310 ssh2 Dec 18 19:40:35 vps647732 sshd[27396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.213.209 ...	2019-12-19 02:52:22
137.74.198.126	attackspam	Fail2Ban Ban Triggered	2019-12-19 03:03:57
51.38.113.45	attack	Dec 18 08:38:31 php1 sshd\[28392\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.113.45 user=root Dec 18 08:38:33 php1 sshd\[28392\]: Failed password for root from 51.38.113.45 port 45722 ssh2 Dec 18 08:48:00 php1 sshd\[29429\]: Invalid user SYSMAN from 51.38.113.45 Dec 18 08:48:00 php1 sshd\[29429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.113.45 Dec 18 08:48:02 php1 sshd\[29429\]: Failed password for invalid user SYSMAN from 51.38.113.45 port 35174 ssh2	2019-12-19 02:53:59
182.254.145.29	attack	Dec 18 16:33:59 MK-Soft-VM6 sshd[1546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.145.29 Dec 18 16:34:01 MK-Soft-VM6 sshd[1546]: Failed password for invalid user kip from 182.254.145.29 port 55056 ssh2 ...	2019-12-19 02:58:01
40.92.66.44	attackbots	Dec 18 17:33:46 debian-2gb-vpn-nbg1-1 kernel: [1057990.031838] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.66.44 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=61142 DF PROTO=TCP SPT=38190 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-19 03:06:35
36.110.118.136	attackspam	k+ssh-bruteforce	2019-12-19 03:13:08
45.55.84.16	attackbots	Dec 18 08:58:36 auw2 sshd\[27062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.84.16 user=root Dec 18 08:58:37 auw2 sshd\[27062\]: Failed password for root from 45.55.84.16 port 57623 ssh2 Dec 18 09:03:29 auw2 sshd\[27570\]: Invalid user lisa from 45.55.84.16 Dec 18 09:03:29 auw2 sshd\[27570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.84.16 Dec 18 09:03:31 auw2 sshd\[27570\]: Failed password for invalid user lisa from 45.55.84.16 port 33241 ssh2	2019-12-19 03:15:23
200.245.177.10	attackbots	1576679536 - 12/18/2019 15:32:16 Host: 200.245.177.10/200.245.177.10 Port: 445 TCP Blocked	2019-12-19 02:55:13
94.23.27.21	attackbotsspam	Dec 18 08:48:48 php1 sshd\[20849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns367620.ip-94-23-27.eu user=root Dec 18 08:48:50 php1 sshd\[20849\]: Failed password for root from 94.23.27.21 port 56580 ssh2 Dec 18 08:55:33 php1 sshd\[21742\]: Invalid user simply from 94.23.27.21 Dec 18 08:55:33 php1 sshd\[21742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns367620.ip-94-23-27.eu Dec 18 08:55:35 php1 sshd\[21742\]: Failed password for invalid user simply from 94.23.27.21 port 36210 ssh2	2019-12-19 03:06:13
178.116.236.42	attackspambots	Dec 18 19:43:28 pkdns2 sshd\[25832\]: Invalid user test1 from 178.116.236.42Dec 18 19:43:30 pkdns2 sshd\[25832\]: Failed password for invalid user test1 from 178.116.236.42 port 38284 ssh2Dec 18 19:44:00 pkdns2 sshd\[25842\]: Invalid user vic from 178.116.236.42Dec 18 19:44:02 pkdns2 sshd\[25842\]: Failed password for invalid user vic from 178.116.236.42 port 40408 ssh2Dec 18 19:44:33 pkdns2 sshd\[25883\]: Invalid user giacomini from 178.116.236.42Dec 18 19:44:35 pkdns2 sshd\[25883\]: Failed password for invalid user giacomini from 178.116.236.42 port 42532 ssh2 ...	2019-12-19 03:05:50
118.127.10.152	attackspam	Dec 18 08:45:43 hpm sshd\[30820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fattony.subscriptiondata.com user=root Dec 18 08:45:46 hpm sshd\[30820\]: Failed password for root from 118.127.10.152 port 42440 ssh2 Dec 18 08:52:35 hpm sshd\[31434\]: Invalid user libuuid from 118.127.10.152 Dec 18 08:52:35 hpm sshd\[31434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fattony.subscriptiondata.com Dec 18 08:52:40 hpm sshd\[31434\]: Failed password for invalid user libuuid from 118.127.10.152 port 45926 ssh2	2019-12-19 02:59:12
2001:41d0:203:5309::	attack	Wordpress attack	2019-12-19 02:46:08
92.222.92.114	attack	$f2bV_matches	2019-12-19 03:05:14
81.215.228.183	attackspambots	detected by Fail2Ban	2019-12-19 02:53:37
129.204.83.118	attack	Dec 18 20:03:58 meumeu sshd[6618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.83.118 Dec 18 20:04:01 meumeu sshd[6618]: Failed password for invalid user renai from 129.204.83.118 port 42274 ssh2 Dec 18 20:10:18 meumeu sshd[7512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.83.118 ...	2019-12-19 03:12:09

Recently Reported IPs

36.224.43.253	123.110.42.33	58.209.19.106	219.78.63.184
69.226.244.247	182.120.20.37	189.41.109.74	156.196.165.112
125.123.120.52	118.98.223.101	77.87.77.56	200.103.194.227
110.232.249.208	46.241.17.30	123.131.247.223	175.23.210.200
115.49.220.245	159.65.147.20	198.71.228.33	49.88.112.90