Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Data Services NoVa

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
Jul 16 05:55:44 *hidden* sshd[55058]: Invalid user lk from 54.243.44.99 port 54380 Jul 16 05:55:44 *hidden* sshd[55058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.243.44.99 Jul 16 05:55:44 *hidden* sshd[55058]: Invalid user lk from 54.243.44.99 port 54380 Jul 16 05:55:44 *hidden* sshd[55058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.243.44.99 Jul 16 05:55:44 *hidden* sshd[55058]: Invalid user lk from 54.243.44.99 port 54380 Jul 16 05:55:44 *hidden* sshd[55058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.243.44.99 Jul 16 05:55:46 *hidden* sshd[55058]: Failed password for invalid user lk from 54.243.44.99 port 54380 ssh2
2020-07-16 12:11:49
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.243.44.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20719
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.243.44.99.			IN	A

;; AUTHORITY SECTION:
.			586	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071600 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 12:11:45 CST 2020
;; MSG SIZE  rcvd: 116
Host info
99.44.243.54.in-addr.arpa domain name pointer ec2-54-243-44-99.compute-1.amazonaws.com.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.44.243.54.in-addr.arpa	name = ec2-54-243-44-99.compute-1.amazonaws.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
211.72.15.95 attack
Unauthorized connection attempt from IP address 211.72.15.95 on Port 445(SMB)
2020-05-14 03:53:43
191.193.63.42 attack
Unauthorized connection attempt from IP address 191.193.63.42 on Port 445(SMB)
2020-05-14 03:39:02
103.246.240.26 attackspambots
2020-05-13T10:29:26.9050691495-001 sshd[30741]: Invalid user test from 103.246.240.26 port 55900
2020-05-13T10:29:29.3230171495-001 sshd[30741]: Failed password for invalid user test from 103.246.240.26 port 55900 ssh2
2020-05-13T10:33:32.6388811495-001 sshd[30875]: Invalid user backup from 103.246.240.26 port 33668
2020-05-13T10:33:32.6459841495-001 sshd[30875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.246.240.26
2020-05-13T10:33:32.6388811495-001 sshd[30875]: Invalid user backup from 103.246.240.26 port 33668
2020-05-13T10:33:34.8306511495-001 sshd[30875]: Failed password for invalid user backup from 103.246.240.26 port 33668 ssh2
...
2020-05-14 03:45:57
123.207.250.132 attack
prod6
...
2020-05-14 03:42:37
200.98.139.219 attackspam
Invalid user idynamic from 200.98.139.219 port 45872
2020-05-14 03:48:39
110.82.227.230 attack
Probing for vulnerable services
2020-05-14 03:39:31
62.210.219.124 attackbotsspam
20 attempts against mh-ssh on cloud
2020-05-14 03:47:35
193.70.0.173 attack
May 13 18:39:15 vps sshd[10697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.0.173 
May 13 18:39:18 vps sshd[10697]: Failed password for invalid user testuser from 193.70.0.173 port 42044 ssh2
May 13 18:44:47 vps sshd[10967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.0.173 
...
2020-05-14 03:30:46
123.108.35.186 attackspambots
May 14 02:37:57 web1 sshd[28012]: Invalid user dragos from 123.108.35.186 port 35424
May 14 02:37:57 web1 sshd[28012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.108.35.186
May 14 02:37:57 web1 sshd[28012]: Invalid user dragos from 123.108.35.186 port 35424
May 14 02:38:00 web1 sshd[28012]: Failed password for invalid user dragos from 123.108.35.186 port 35424 ssh2
May 14 02:51:37 web1 sshd[31283]: Invalid user postgres from 123.108.35.186 port 54688
May 14 02:51:37 web1 sshd[31283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.108.35.186
May 14 02:51:37 web1 sshd[31283]: Invalid user postgres from 123.108.35.186 port 54688
May 14 02:51:39 web1 sshd[31283]: Failed password for invalid user postgres from 123.108.35.186 port 54688 ssh2
May 14 02:55:43 web1 sshd[32290]: Invalid user bot from 123.108.35.186 port 39992
...
2020-05-14 03:33:39
222.128.29.230 attackspambots
Icarus honeypot on github
2020-05-14 03:23:05
162.243.137.150 attack
20/5/13@08:32:18: FAIL: Alarm-Telnet address from=162.243.137.150
...
2020-05-14 03:41:40
116.193.222.130 attackbotsspam
DATE:2020-05-13 14:32:23, IP:116.193.222.130, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)
2020-05-14 03:36:33
92.87.96.104 attackbotsspam
Automatic report - Port Scan Attack
2020-05-14 03:35:12
106.12.196.237 attackbotsspam
" "
2020-05-14 03:42:59
196.52.43.56 attackspam
Automatic report - Banned IP Access
2020-05-14 03:58:00

Recently Reported IPs

52.249.188.160 190.92.57.182 95.239.27.231 12.108.161.119
195.194.226.51 51.202.186.40 145.254.210.222 31.163.163.8
166.108.252.141 133.186.32.234 74.97.75.12 88.56.243.12
68.213.169.188 182.122.44.174 161.86.130.61 117.218.53.136
5.60.176.92 60.176.196.81 24.251.84.131 20.35.77.43