54.149.162.21 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	IP 54.149.162.21 attacked honeypot on port: 80 at 7/15/2020 8:48:16 PM	2020-07-16 19:34:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.149.162.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42753
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.149.162.21.			IN	A

;; AUTHORITY SECTION:
.			357	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071601 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 19:34:54 CST 2020
;; MSG SIZE  rcvd: 117

Host info

21.162.149.54.in-addr.arpa domain name pointer ec2-54-149-162-21.us-west-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.162.149.54.in-addr.arpa	name = ec2-54-149-162-21.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
105.110.65.21	attackbots	WordPress wp-login brute force :: 105.110.65.21 0.148 BYPASS [14/Sep/2019:07:16:20 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-14 09:37:17
94.231.176.106	attack	proto=tcp . spt=58302 . dpt=25 . (listed on Dark List de Sep 13) (967)	2019-09-14 09:19:10
212.15.169.6	attackbots	Sep 14 03:10:11 lnxmysql61 sshd[27480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.15.169.6	2019-09-14 09:19:32
180.212.195.76	attackbotsspam	SSH scan ::	2019-09-14 09:58:56
87.241.241.183	attackbots	proto=tcp . spt=41056 . dpt=25 . (listed on Dark List de Sep 13) (955)	2019-09-14 09:45:02
144.217.4.14	attackbotsspam	detected by Fail2Ban	2019-09-14 09:17:44
89.3.236.207	attackbotsspam	(sshd) Failed SSH login from 89.3.236.207 (FR/France/ip-207.net-89-3-236.rev.numericable.fr): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 13 18:13:19 host sshd[23148]: Invalid user fabian from 89.3.236.207 port 51116	2019-09-14 09:40:09
103.83.118.2	attackspambots	IMAP brute force ...	2019-09-14 09:37:48
168.0.37.223	attackspam	proto=tcp . spt=45004 . dpt=25 . (listed on Blocklist de Sep 13) (958)	2019-09-14 09:39:05
207.38.86.247	attackbots	xmlrpc attack	2019-09-14 09:33:12
223.247.194.119	attackbots	Sep 13 21:38:33 ny01 sshd[10902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119 Sep 13 21:38:35 ny01 sshd[10902]: Failed password for invalid user mysql2 from 223.247.194.119 port 47378 ssh2 Sep 13 21:43:55 ny01 sshd[11768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119	2019-09-14 09:58:29
198.12.149.33	attack	WordPress wp-login brute force :: 198.12.149.33 0.060 BYPASS [14/Sep/2019:10:43:17 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-14 09:24:20
91.204.14.153	attackbots	Ein möglicherweise gefährlicher Request.Form-Wert wurde vom Client (mp$ContentZone$TxtMessage="	2019-09-14 09:53:52
81.130.193.35	attackspam	Sep 14 01:53:12 v22018053744266470 sshd[11353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-130-193-35.in-addr.btopenworld.com Sep 14 01:53:14 v22018053744266470 sshd[11353]: Failed password for invalid user daniel from 81.130.193.35 port 46101 ssh2 Sep 14 02:00:25 v22018053744266470 sshd[11860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-130-193-35.in-addr.btopenworld.com ...	2019-09-14 09:48:20
78.130.243.120	attackspam	Sep 14 03:40:00 plex sshd[18223]: Invalid user p@ssword from 78.130.243.120 port 57338	2019-09-14 09:50:29

Recently Reported IPs

24.240.96.218	123.23.172.235	103.14.160.238	240.67.2.30
250.249.41.204	117.23.201.198	112.179.67.146	121.145.92.204
195.161.2.74	226.49.218.54	120.67.153.51	227.224.134.200
127.226.40.49	9.172.93.188	39.65.223.61	73.44.11.59
172.104.237.189	120.149.127.167	8.45.151.223	240f:64:6939:1:e90d:fbe0:2c0a:8d38