54.254.164.180

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Amazon Data Services Japan

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt detected from IP address 54.254.164.180 to port 2220 [J]	2020-01-28 03:52:11
attackbotsspam	Jan 25 04:28:16 server sshd\[5797\]: Invalid user zp from 54.254.164.180 Jan 25 04:28:16 server sshd\[5797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-54-254-164-180.ap-southeast-1.compute.amazonaws.com Jan 25 04:28:18 server sshd\[5797\]: Failed password for invalid user zp from 54.254.164.180 port 48176 ssh2 Jan 25 07:55:58 server sshd\[21387\]: Invalid user dong from 54.254.164.180 Jan 25 07:55:58 server sshd\[21387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-54-254-164-180.ap-southeast-1.compute.amazonaws.com ...	2020-01-25 14:12:04

Type

Details

Datetime

attackspambots

Unauthorized connection attempt detected from IP address 54.254.164.180 to port 2220 [J]

2020-01-28 03:52:11

attackbotsspam

Jan 25 04:28:16 server sshd\[5797\]: Invalid user zp from 54.254.164.180
Jan 25 04:28:16 server sshd\[5797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-54-254-164-180.ap-southeast-1.compute.amazonaws.com 
Jan 25 04:28:18 server sshd\[5797\]: Failed password for invalid user zp from 54.254.164.180 port 48176 ssh2
Jan 25 07:55:58 server sshd\[21387\]: Invalid user dong from 54.254.164.180
Jan 25 07:55:58 server sshd\[21387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-54-254-164-180.ap-southeast-1.compute.amazonaws.com 
...

2020-01-25 14:12:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.254.164.180
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13159
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.254.164.180.			IN	A

;; AUTHORITY SECTION:
.			350	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012500 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 25 14:11:58 CST 2020
;; MSG SIZE  rcvd: 118

Host info

180.164.254.54.in-addr.arpa domain name pointer ec2-54-254-164-180.ap-southeast-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
180.164.254.54.in-addr.arpa	name = ec2-54-254-164-180.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.68.230.54	attack	Mar 13 05:53:24 lukav-desktop sshd\[24639\]: Invalid user ftpuser from 51.68.230.54 Mar 13 05:53:24 lukav-desktop sshd\[24639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.230.54 Mar 13 05:53:25 lukav-desktop sshd\[24639\]: Failed password for invalid user ftpuser from 51.68.230.54 port 39764 ssh2 Mar 13 05:56:36 lukav-desktop sshd\[24673\]: Invalid user ftpuser from 51.68.230.54 Mar 13 05:56:36 lukav-desktop sshd\[24673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.230.54	2020-03-13 13:18:15
167.172.35.121	attack	Mar 13 04:32:02 XXX sshd[48082]: Invalid user XXXXXX from 167.172.35.121 port 52950	2020-03-13 13:15:28
178.62.99.41	attack	March 13 2020, 00:33:00 [sshd] - Banned from the Mad Pony WordPress hosting platform by Fail2ban.	2020-03-13 12:53:48
51.38.178.226	attackbotsspam	Mar 13 05:50:32 * sshd[31272]: Failed password for root from 51.38.178.226 port 42730 ssh2 Mar 13 05:56:39 * sshd[31983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.178.226	2020-03-13 12:58:24
49.235.106.91	attackspambots	Mar 13 09:44:04 areeb-Workstation sshd[629]: Failed password for root from 49.235.106.91 port 47562 ssh2 ...	2020-03-13 13:43:41
118.25.47.217	attackspambots	Mar 13 04:50:26 SilenceServices sshd[2546]: Failed password for root from 118.25.47.217 port 51831 ssh2 Mar 13 04:53:47 SilenceServices sshd[3498]: Failed password for root from 118.25.47.217 port 26328 ssh2 Mar 13 04:57:01 SilenceServices sshd[4398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.47.217	2020-03-13 13:02:47
217.182.206.141	attackspambots	Mar 13 05:58:39 vps647732 sshd[12237]: Failed password for root from 217.182.206.141 port 38622 ssh2 ...	2020-03-13 13:05:34
220.167.161.200	attack	Mar 13 04:50:37 Ubuntu-1404-trusty-64-minimal sshd\[13631\]: Invalid user lishuoguo from 220.167.161.200 Mar 13 04:50:37 Ubuntu-1404-trusty-64-minimal sshd\[13631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.167.161.200 Mar 13 04:50:39 Ubuntu-1404-trusty-64-minimal sshd\[13631\]: Failed password for invalid user lishuoguo from 220.167.161.200 port 35434 ssh2 Mar 13 04:56:19 Ubuntu-1404-trusty-64-minimal sshd\[19904\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.167.161.200 user=root Mar 13 04:56:20 Ubuntu-1404-trusty-64-minimal sshd\[19904\]: Failed password for root from 220.167.161.200 port 53258 ssh2	2020-03-13 13:29:31
73.215.235.100	attackspam	SSH-bruteforce attempts	2020-03-13 12:57:40
121.229.59.100	attack	Brute-force attempt banned	2020-03-13 13:22:00
35.199.82.233	attackbots	SSH bruteforce (Triggered fail2ban)	2020-03-13 13:27:03
154.16.113.198	attackspam	Port Scan detected from 154.16.113.198 (US/United States/-). 4 hits in the last 285 seconds	2020-03-13 13:28:10
152.0.92.210	attackspam	serveres are UTC Lines containing failures of 152.0.92.210 Mar 12 23:45:34 tux2 sshd[11530]: Connection closed by 152.0.92.210 port 42682 [preauth] Mar 12 23:50:31 tux2 sshd[11816]: Failed password for r.r from 152.0.92.210 port 60540 ssh2 Mar 12 23:50:31 tux2 sshd[11816]: Received disconnect from 152.0.92.210 port 60540:11: Bye Bye [preauth] Mar 12 23:50:31 tux2 sshd[11816]: Disconnected from authenticating user r.r 152.0.92.210 port 60540 [preauth] Mar 12 23:59:25 tux2 sshd[12352]: Invalid user mongodb from 152.0.92.210 port 39790 Mar 12 23:59:25 tux2 sshd[12352]: Failed password for invalid user mongodb from 152.0.92.210 port 39790 ssh2 Mar 12 23:59:25 tux2 sshd[12352]: Received disconnect from 152.0.92.210 port 39790:11: Bye Bye [preauth] Mar 12 23:59:25 tux2 sshd[12352]: Disconnected from invalid user mongodb 152.0.92.210 port 39790 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=152.0.92.210	2020-03-13 13:44:07
107.170.204.148	attackspam	Mar 13 04:57:19 jane sshd[28698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.204.148 Mar 13 04:57:21 jane sshd[28698]: Failed password for invalid user ftp from 107.170.204.148 port 41942 ssh2 ...	2020-03-13 12:52:51
59.25.20.42	attack	Unauthorized connection attempt detected from IP address 59.25.20.42 to port 5555	2020-03-13 12:59:31

Recently Reported IPs

113.135.86.40	200.194.42.219	192.144.157.33	115.128.192.227
156.236.119.182	14.177.181.42	62.165.16.130	49.145.6.116
198.199.101.113	23.254.228.163	124.123.191.118	46.103.87.31
36.77.169.69	187.35.124.26	111.91.62.171	95.110.210.133
169.141.248.95	187.178.146.212	184.57.83.177	171.220.243.179