54.201.107.29 - IPInfo

Basic Info

City: Boardman

Region: Oregon

Country: United States

Internet Service Provider: Amazon.com Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	09/26/2019-05:58:02.648085 54.201.107.29 Protocol: 6 SURICATA TLS invalid handshake message	2019-09-26 12:32:42
attack	09/25/2019-23:00:02.598910 54.201.107.29 Protocol: 6 SURICATA TLS invalid handshake message	2019-09-26 05:08:43
attack	09/24/2019-17:19:02.678946 54.201.107.29 Protocol: 6 SURICATA TLS invalid handshake message	2019-09-24 23:35:24
attack	09/23/2019-20:54:22.117544 54.201.107.29 Protocol: 6 SURICATA TLS invalid handshake message	2019-09-24 03:15:54

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.201.107.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52128
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.201.107.29.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092301 1800 900 604800 86400

;; Query time: 568 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 24 03:15:51 CST 2019
;; MSG SIZE  rcvd: 117

Host info

29.107.201.54.in-addr.arpa domain name pointer ec2-54-201-107-29.us-west-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.107.201.54.in-addr.arpa	name = ec2-54-201-107-29.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
66.70.160.187	attack	fail2ban honeypot	2019-11-24 08:39:40
32.220.54.46	attackbots	2019-11-23T23:17:23.552564abusebot.cloudsearch.cf sshd\[28904\]: Invalid user mark from 32.220.54.46 port 40826	2019-11-24 08:50:51
217.46.233.121	attackbotsspam	2019-11-23T23:52:31.486832abusebot-4.cloudsearch.cf sshd\[11566\]: Invalid user uucp from 217.46.233.121 port 41257	2019-11-24 08:25:56
60.160.143.78	attackbots	badbot	2019-11-24 08:35:00
181.57.192.246	attackspam	Nov 23 23:44:14 lnxmysql61 sshd[4978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.57.192.246 Nov 23 23:44:14 lnxmysql61 sshd[4978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.57.192.246	2019-11-24 08:23:00
27.69.242.187	attackbotsspam	Nov 24 01:29:48 MK-Soft-VM3 sshd[32021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.69.242.187 Nov 24 01:29:50 MK-Soft-VM3 sshd[32021]: Failed password for invalid user ftpuser from 27.69.242.187 port 52042 ssh2 ...	2019-11-24 08:31:09
106.13.132.100	attackbotsspam	2019-11-23T18:40:07.0991111495-001 sshd\[22680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.132.100 user=root 2019-11-23T18:40:08.7875051495-001 sshd\[22680\]: Failed password for root from 106.13.132.100 port 48782 ssh2 2019-11-23T18:46:40.6765081495-001 sshd\[22893\]: Invalid user yousch from 106.13.132.100 port 50876 2019-11-23T18:46:40.6842061495-001 sshd\[22893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.132.100 2019-11-23T18:46:42.9898901495-001 sshd\[22893\]: Failed password for invalid user yousch from 106.13.132.100 port 50876 ssh2 2019-11-23T18:53:03.9037011495-001 sshd\[23131\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.132.100 user=root ...	2019-11-24 08:47:55
81.22.45.39	attack	2019-11-24T01:15:04.403539+01:00 lumpi kernel: [4376867.679092] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.39 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28362 PROTO=TCP SPT=54841 DPT=4444 WINDOW=1024 RES=0x00 SYN URGP=0 2019-11-24T01:15:04.448534+01:00 lumpi kernel: [4376867.724059] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.39 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=35846 PROTO=TCP SPT=54841 DPT=4133 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-24 08:37:52
182.61.163.126	attackspam	2019-11-24T00:22:54.690765shield sshd\[6747\]: Invalid user bardet from 182.61.163.126 port 51188 2019-11-24T00:22:54.697137shield sshd\[6747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.163.126 2019-11-24T00:22:56.786670shield sshd\[6747\]: Failed password for invalid user bardet from 182.61.163.126 port 51188 ssh2 2019-11-24T00:30:03.619835shield sshd\[8915\]: Invalid user vz from 182.61.163.126 port 59696 2019-11-24T00:30:03.624054shield sshd\[8915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.163.126	2019-11-24 08:30:36
120.138.114.184	attackspambots	2019-11-23T15:43:25.296575suse-nuc sshd[28814]: Invalid user pi from 120.138.114.184 port 33860 ...	2019-11-24 08:58:51
216.58.208.46	attackspambots	TCP Port Scanning	2019-11-24 08:45:19
51.75.123.195	attackspam	Nov 23 14:10:52 hanapaa sshd\[23290\]: Invalid user topher from 51.75.123.195 Nov 23 14:10:52 hanapaa sshd\[23290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.ip-51-75-123.eu Nov 23 14:10:55 hanapaa sshd\[23290\]: Failed password for invalid user topher from 51.75.123.195 port 36702 ssh2 Nov 23 14:17:11 hanapaa sshd\[23812\]: Invalid user test0000 from 51.75.123.195 Nov 23 14:17:11 hanapaa sshd\[23812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.ip-51-75-123.eu	2019-11-24 08:20:01
217.65.110.67	attack	Nov 24 00:44:51 MK-Soft-Root2 sshd[22826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.65.110.67 Nov 24 00:44:53 MK-Soft-Root2 sshd[22826]: Failed password for invalid user test from 217.65.110.67 port 12469 ssh2 ...	2019-11-24 08:43:33
81.4.106.78	attackspambots	Nov 24 01:27:41 vps647732 sshd[24878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.106.78 Nov 24 01:27:43 vps647732 sshd[24878]: Failed password for invalid user 123 from 81.4.106.78 port 48094 ssh2 ...	2019-11-24 08:42:11
5.196.217.177	attack	Rude login attack (38 tries in 1d)	2019-11-24 08:34:41

Recently Reported IPs

131.118.57.175	117.193.122.225	217.64.38.214	1.2.60.117
139.190.19.208	24.117.247.12	140.91.62.198	212.231.31.148
207.24.50.95	2.106.50.123	209.208.99.150	191.126.145.114
92.134.25.201	212.129.138.67	2.72.203.185	119.189.52.240
41.30.249.172	194.226.171.214	196.32.6.165	93.25.73.201