54.179.138.130

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-08-21T00:30:00.038482lavrinenko.info sshd[882]: Invalid user spark from 54.179.138.130 port 59706 2020-08-21T00:30:00.047858lavrinenko.info sshd[882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.179.138.130 2020-08-21T00:30:00.038482lavrinenko.info sshd[882]: Invalid user spark from 54.179.138.130 port 59706 2020-08-21T00:30:02.289620lavrinenko.info sshd[882]: Failed password for invalid user spark from 54.179.138.130 port 59706 ssh2 2020-08-21T00:34:50.301937lavrinenko.info sshd[1042]: Invalid user postgres from 54.179.138.130 port 47292 ...	2020-08-21 05:59:34

Type

Details

Datetime

attack

2020-08-21T00:30:00.038482lavrinenko.info sshd[882]: Invalid user spark from 54.179.138.130 port 59706
2020-08-21T00:30:00.047858lavrinenko.info sshd[882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.179.138.130
2020-08-21T00:30:00.038482lavrinenko.info sshd[882]: Invalid user spark from 54.179.138.130 port 59706
2020-08-21T00:30:02.289620lavrinenko.info sshd[882]: Failed password for invalid user spark from 54.179.138.130 port 59706 ssh2
2020-08-21T00:34:50.301937lavrinenko.info sshd[1042]: Invalid user postgres from 54.179.138.130 port 47292
...

2020-08-21 05:59:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.179.138.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.179.138.130.			IN	A

;; AUTHORITY SECTION:
.			203	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081701 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 18 10:40:38 CST 2020
;; MSG SIZE  rcvd: 118

Host info

130.138.179.54.in-addr.arpa domain name pointer ec2-54-179-138-130.ap-southeast-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
130.138.179.54.in-addr.arpa	name = ec2-54-179-138-130.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.156.103.34	attack	Automatic report - Banned IP Access	2019-07-24 04:06:04
45.55.235.208	attackspambots	Jul 23 20:20:55 mail sshd\[2260\]: Failed password for invalid user open from 45.55.235.208 port 53094 ssh2 Jul 23 20:38:18 mail sshd\[2488\]: Invalid user tanja from 45.55.235.208 port 35422 ...	2019-07-24 03:54:56
112.166.68.193	attackbotsspam	Invalid user jenkins from 112.166.68.193 port 50460 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.166.68.193 Failed password for invalid user jenkins from 112.166.68.193 port 50460 ssh2 Invalid user satheesh from 112.166.68.193 port 40188 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.166.68.193	2019-07-24 04:07:32
109.122.97.70	attackbots	ICMP MP Probe, Scan -	2019-07-24 04:04:49
202.29.57.103	attackbots	Splunk® : port scan detected: Jul 23 09:16:29 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=202.29.57.103 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=54825 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2019-07-24 04:16:35
36.73.242.233	attackbots	" "	2019-07-24 04:25:01
213.174.152.182	attackbots	Automatic report - Banned IP Access	2019-07-24 04:02:58
14.176.127.218	attack	Unauthorized connection attempt from IP address 14.176.127.218 on Port 445(SMB)	2019-07-24 04:24:29
169.62.135.236	attackspam	Lines containing failures of 169.62.135.236 (max 1000) Jul 23 17:29:56 localhost sshd[18214]: Invalid user ftp from 169.62.135.236 port 56588 Jul 23 17:29:56 localhost sshd[18214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.62.135.236 Jul 23 17:29:58 localhost sshd[18214]: Failed password for invalid user ftp from 169.62.135.236 port 56588 ssh2 Jul 23 17:29:59 localhost sshd[18214]: Received disconnect from 169.62.135.236 port 56588:11: Bye Bye [preauth] Jul 23 17:29:59 localhost sshd[18214]: Disconnected from invalid user ftp 169.62.135.236 port 56588 [preauth] Jul 23 17:54:41 localhost sshd[22578]: Invalid user argo from 169.62.135.236 port 49826 Jul 23 17:54:41 localhost sshd[22578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.62.135.236 Jul 23 17:54:43 localhost sshd[22578]: Failed password for invalid user argo from 169.62.135.236 port 49826 ssh2 Jul 23 17:54:44 localh........ ------------------------------	2019-07-24 04:14:05
80.248.6.180	attack	Automatic report - Banned IP Access	2019-07-24 04:12:48
146.242.36.22	attackspambots	ICMP MP Probe, Scan -	2019-07-24 03:53:05
88.250.31.80	attackspambots	DATE:2019-07-23 11:06:27, IP:88.250.31.80, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-07-24 04:17:40
145.90.8.1	attack	ICMP MP Probe, Scan -	2019-07-24 03:59:45
144.217.90.136	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2019-07-24 04:07:02
91.121.179.17	attack	Invalid user connie from 91.121.179.17 port 38372	2019-07-24 03:45:20

Recently Reported IPs

154.102.246.169	148.118.236.135	158.140.201.253	56.114.153.204
199.76.85.57	28.236.134.13	130.98.67.135	75.98.249.134
112.233.30.130	73.73.178.9	159.6.158.111	122.181.54.114
255.173.102.21	117.214.15.109	201.71.12.254	124.122.41.8
114.232.225.146	36.92.107.2	231.180.200.73	14.243.185.250