54.249.2.27 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
54.249.234.248	attack	Sep 14 03:04:52 rancher-0 sshd[33677]: Invalid user 4rfvbgt5 from 54.249.234.248 port 50890 ...	2020-09-14 23:28:51
54.249.234.248	attack	Sep 14 03:04:52 rancher-0 sshd[33677]: Invalid user 4rfvbgt5 from 54.249.234.248 port 50890 ...	2020-09-14 15:16:38
54.249.234.248	attackspam	Sep 12 16:12:56 garuda sshd[342751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-54-249-234-248.ap-northeast-1.compute.amazonaws.com user=r.r Sep 12 16:12:58 garuda sshd[342751]: Failed password for r.r from 54.249.234.248 port 43092 ssh2 Sep 12 16:12:58 garuda sshd[342751]: Received disconnect from 54.249.234.248: 11: Bye Bye [preauth] Sep 12 16:22:34 garuda sshd[344849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-54-249-234-248.ap-northeast-1.compute.amazonaws.com user=r.r Sep 12 16:22:36 garuda sshd[344849]: Failed password for r.r from 54.249.234.248 port 41378 ssh2 Sep 12 16:22:36 garuda sshd[344849]: Received disconnect from 54.249.234.248: 11: Bye Bye [preauth] Sep 12 16:25:36 garuda sshd[345683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-54-249-234-248.ap-northeast-1.compute.amazonaws.com user=r.r Sep 12 16:25:38 g........ -------------------------------	2020-09-14 07:12:32
54.249.221.80	attackbotsspam	$f2bV_matches	2020-07-19 06:51:40
54.249.221.80	attackspambots	ssh brute force	2020-07-14 20:52:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.249.2.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44101
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;54.249.2.27.			IN	A

;; AUTHORITY SECTION:
.			331	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 17:53:44 CST 2022
;; MSG SIZE  rcvd: 104

Host info

27.2.249.54.in-addr.arpa domain name pointer ec2-54-249-2-27.ap-northeast-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
27.2.249.54.in-addr.arpa	name = ec2-54-249-2-27.ap-northeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.76.175.130	attackspam	Apr 4 11:26:09 server sshd\[29285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.175.130 user=root Apr 4 11:26:10 server sshd\[29285\]: Failed password for root from 103.76.175.130 port 49894 ssh2 Apr 4 11:34:36 server sshd\[31154\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.175.130 user=root Apr 4 11:34:38 server sshd\[31154\]: Failed password for root from 103.76.175.130 port 58842 ssh2 Apr 4 11:38:16 server sshd\[32189\]: Invalid user guoxiaochun from 103.76.175.130 Apr 4 11:38:16 server sshd\[32189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.175.130 ...	2020-04-04 17:34:29
59.124.205.214	attack	Invalid user zh from 59.124.205.214 port 42506	2020-04-04 17:03:46
49.234.25.49	attack	Invalid user htu from 49.234.25.49 port 38608	2020-04-04 17:06:52
206.174.214.90	attackspam	(sshd) Failed SSH login from 206.174.214.90 (CA/Canada/h206-174-214-90.bigpipeinc.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 4 10:27:57 amsweb01 sshd[31717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.174.214.90 user=root Apr 4 10:27:59 amsweb01 sshd[31717]: Failed password for root from 206.174.214.90 port 48756 ssh2 Apr 4 10:32:19 amsweb01 sshd[32281]: Invalid user zhucm from 206.174.214.90 port 51918 Apr 4 10:32:22 amsweb01 sshd[32281]: Failed password for invalid user zhucm from 206.174.214.90 port 51918 ssh2 Apr 4 10:34:34 amsweb01 sshd[32647]: Invalid user xiaoyan from 206.174.214.90 port 35008	2020-04-04 17:33:09
115.159.55.43	attack	Apr 4 09:33:29 hosting sshd[29010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.55.43 user=root Apr 4 09:33:30 hosting sshd[29010]: Failed password for root from 115.159.55.43 port 47937 ssh2 ...	2020-04-04 16:41:44
45.230.169.14	attack	(sshd) Failed SSH login from 45.230.169.14 (VE/Venezuela/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 4 09:30:31 ubnt-55d23 sshd[16536]: Invalid user www from 45.230.169.14 port 35913 Apr 4 09:30:33 ubnt-55d23 sshd[16536]: Failed password for invalid user www from 45.230.169.14 port 35913 ssh2	2020-04-04 17:09:00
222.186.180.8	attackspam	Apr 4 11:19:10 vmanager6029 sshd\[6878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root Apr 4 11:19:12 vmanager6029 sshd\[6876\]: error: PAM: Authentication failure for root from 222.186.180.8 Apr 4 11:19:14 vmanager6029 sshd\[6879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root	2020-04-04 17:20:55
107.170.37.74	attack	SSH Brute-Forcing (server1)	2020-04-04 16:44:17
140.238.224.141	attack	$f2bV_matches	2020-04-04 16:36:54
118.42.125.170	attack	$f2bV_matches	2020-04-04 17:17:09
141.98.81.37	attackspam	Apr 4 09:32:23 vpn01 sshd[6300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.37 Apr 4 09:32:25 vpn01 sshd[6300]: Failed password for invalid user admin from 141.98.81.37 port 13118 ssh2 ...	2020-04-04 16:58:06
106.13.98.132	attackspam	$f2bV_matches	2020-04-04 16:46:01
139.199.1.166	attackspam	Apr 4 07:19:41 vps647732 sshd[12668]: Failed password for root from 139.199.1.166 port 47454 ssh2 ...	2020-04-04 17:12:56
113.161.66.214	attack	Invalid user dandimaria from 113.161.66.214 port 41114	2020-04-04 16:42:36
106.13.232.102	attackbotsspam	Invalid user sinusbot from 106.13.232.102 port 47162	2020-04-04 16:45:17

Recently Reported IPs

54.244.87.81	54.252.163.247	54.248.210.222	54.252.189.94
54.250.63.67	54.250.163.170	54.255.113.217	54.36.115.93
54.36.148.150	54.36.148.158	54.36.148.253	54.36.148.97
54.36.149.25	54.36.203.240	54.37.22.167	54.37.122.133
54.37.211.125	54.37.22.148	54.37.22.88	54.36.244.35