54.67.50.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Connection by 54.67.50.2 on port: 6066 got caught by honeypot at 11/4/2019 5:21:21 AM	2019-11-04 21:22:23

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.67.50.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17742
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.67.50.2.			IN	A

;; AUTHORITY SECTION:
.			530	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110400 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 21:22:15 CST 2019
;; MSG SIZE  rcvd: 114

Host info

2.50.67.54.in-addr.arpa domain name pointer ec2-54-67-50-2.us-west-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.50.67.54.in-addr.arpa	name = ec2-54-67-50-2.us-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.231.112.36	attack	Jul 31 01:21:28 www1 sshd\[21615\]: Invalid user pos02 from 111.231.112.36Jul 31 01:21:30 www1 sshd\[21615\]: Failed password for invalid user pos02 from 111.231.112.36 port 56988 ssh2Jul 31 01:25:31 www1 sshd\[22143\]: Invalid user dspace from 111.231.112.36Jul 31 01:25:33 www1 sshd\[22143\]: Failed password for invalid user dspace from 111.231.112.36 port 44716 ssh2Jul 31 01:29:41 www1 sshd\[22451\]: Invalid user damares from 111.231.112.36Jul 31 01:29:43 www1 sshd\[22451\]: Failed password for invalid user damares from 111.231.112.36 port 60448 ssh2 ...	2019-07-31 15:54:25
83.163.138.240	attackspam	firewall-block_invalid_GET_Request	2019-07-31 15:57:50
192.42.116.19	attackbotsspam	Reported by AbuseIPDB proxy server.	2019-07-31 16:29:19
182.18.188.132	attackspam	Jul 30 23:32:27 master sshd[15651]: Failed password for invalid user om from 182.18.188.132 port 56350 ssh2 Jul 31 00:13:02 master sshd[16119]: Failed password for root from 182.18.188.132 port 54916 ssh2 Jul 31 00:17:51 master sshd[16149]: Failed password for invalid user drupal from 182.18.188.132 port 46520 ssh2 Jul 31 00:22:28 master sshd[16167]: Failed password for invalid user ubuntu from 182.18.188.132 port 38016 ssh2 Jul 31 00:26:56 master sshd[16185]: Failed password for invalid user yf from 182.18.188.132 port 57928 ssh2 Jul 31 00:31:27 master sshd[16507]: Failed password for invalid user filecoupon from 182.18.188.132 port 49536 ssh2 Jul 31 00:36:05 master sshd[16523]: Failed password for invalid user andy from 182.18.188.132 port 41114 ssh2 Jul 31 00:40:39 master sshd[16543]: Failed password for invalid user qin from 182.18.188.132 port 32798 ssh2 Jul 31 00:45:07 master sshd[16572]: Failed password for invalid user python from 182.18.188.132 port 52528 ssh2 Jul 31 00:49:40 master sshd[16592]: Fail	2019-07-31 16:04:02
31.7.62.70	attackspambots	31.07.2019 10:15:58 - SMTP Spam without Auth on hMailserver Detected by ELinOX-hMail-A2F	2019-07-31 16:17:58
115.192.78.125	attack	Jul 30 16:37:10 cumulus sshd[11945]: Invalid user zapp from 115.192.78.125 port 46538 Jul 30 16:37:10 cumulus sshd[11945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.192.78.125 Jul 30 16:37:12 cumulus sshd[11945]: Failed password for invalid user zapp from 115.192.78.125 port 46538 ssh2 Jul 30 16:37:12 cumulus sshd[11945]: Received disconnect from 115.192.78.125 port 46538:11: Bye Bye [preauth] Jul 30 16:37:12 cumulus sshd[11945]: Disconnected from 115.192.78.125 port 46538 [preauth] Jul 30 17:12:26 cumulus sshd[13016]: Invalid user 123456 from 115.192.78.125 port 50918 Jul 30 17:12:26 cumulus sshd[13016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.192.78.125 Jul 30 17:12:27 cumulus sshd[13016]: Failed password for invalid user 123456 from 115.192.78.125 port 50918 ssh2 Jul 30 17:12:28 cumulus sshd[13016]: Received disconnect from 115.192.78.125 port 50918:11: Bye Bye [prea........ -------------------------------	2019-07-31 15:53:37
194.44.48.50	attackspambots	Failed password for invalid user david from 194.44.48.50 port 54526 ssh2 Invalid user test5 from 194.44.48.50 port 50496 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.44.48.50 Failed password for invalid user test5 from 194.44.48.50 port 50496 ssh2 Invalid user thomas from 194.44.48.50 port 46298	2019-07-31 15:44:42
49.83.12.91	attackspam	Jul 30 21:42:35 Pluto sshd[25399]: Bad protocol version identification '' from 49.83.12.91 port 45822 Jul 30 21:42:43 Pluto sshd[25401]: Connection closed by 49.83.12.91 port 46436 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.83.12.91	2019-07-31 16:13:53
210.210.178.59	attackspam	Jul 31 10:11:08 dedicated sshd[27172]: Invalid user db2inst3 from 210.210.178.59 port 34467	2019-07-31 16:17:20
222.252.30.117	attack	2019-07-30T23:36:57.815068abusebot-6.cloudsearch.cf sshd\[14716\]: Invalid user lever from 222.252.30.117 port 37160	2019-07-31 15:28:42
94.249.52.91	attackbots	DATE:2019-07-31 00:29:47, IP:94.249.52.91, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-07-31 15:54:52
104.248.80.78	attack	Jul 7 06:35:35 dallas01 sshd[12745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Jul 7 06:35:37 dallas01 sshd[12745]: Failed password for invalid user com1 from 104.248.80.78 port 36430 ssh2 Jul 7 06:37:41 dallas01 sshd[12988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Jul 7 06:37:43 dallas01 sshd[12988]: Failed password for invalid user chao from 104.248.80.78 port 33438 ssh2	2019-07-31 16:25:17
66.70.189.209	attackspambots	Jul 31 03:23:41 xtremcommunity sshd\[1653\]: Invalid user redmine from 66.70.189.209 port 48792 Jul 31 03:23:41 xtremcommunity sshd\[1653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.209 Jul 31 03:23:42 xtremcommunity sshd\[1653\]: Failed password for invalid user redmine from 66.70.189.209 port 48792 ssh2 Jul 31 03:28:03 xtremcommunity sshd\[1764\]: Invalid user vusa from 66.70.189.209 port 46137 Jul 31 03:28:03 xtremcommunity sshd\[1764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.209 ...	2019-07-31 15:38:30
218.38.30.15	attack	firewall-block, port(s): 445/tcp	2019-07-31 16:27:01
210.182.83.172	attackspam	Jul 31 03:01:04 debian sshd\[10631\]: Invalid user vanessa from 210.182.83.172 port 56726 Jul 31 03:01:04 debian sshd\[10631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.182.83.172 Jul 31 03:01:07 debian sshd\[10631\]: Failed password for invalid user vanessa from 210.182.83.172 port 56726 ssh2 ...	2019-07-31 15:42:21

Recently Reported IPs

87.236.20.239	52.13.107.136	103.242.0.249	180.251.115.44
27.78.78.6	148.70.158.215	117.50.98.207	103.87.154.195
80.82.64.176	67.55.25.57	185.10.68.198	46.16.130.172
109.197.192.18	36.75.141.238	212.129.50.2	77.37.150.9
106.13.204.251	64.39.99.194	142.93.214.130	67.198.130.28