54.70.117.67 - IPInfo

Basic Info

City: Boardman

Region: Oregon

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt detected from IP address 54.70.117.67 to port 8008	2019-12-29 03:32:38

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.70.117.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25662
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.70.117.67.			IN	A

;; AUTHORITY SECTION:
.			438	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122800 1800 900 604800 86400

;; Query time: 204 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 29 03:32:34 CST 2019
;; MSG SIZE  rcvd: 116

Host info

67.117.70.54.in-addr.arpa domain name pointer ec2-54-70-117-67.us-west-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.117.70.54.in-addr.arpa	name = ec2-54-70-117-67.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.192.178.217	attackspambots	WordPress brute force	2019-07-20 06:09:00
187.20.134.136	attack	Invalid user sammy from 187.20.134.136 port 34500	2019-07-20 06:13:40
178.128.121.188	attackbots	Jul 19 23:34:00 localhost sshd\[8792\]: Invalid user oracle from 178.128.121.188 port 54188 Jul 19 23:34:00 localhost sshd\[8792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.121.188 Jul 19 23:34:02 localhost sshd\[8792\]: Failed password for invalid user oracle from 178.128.121.188 port 54188 ssh2	2019-07-20 05:52:51
95.58.194.148	attack	[Aegis] @ 2019-07-19 21:04:40 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-07-20 05:59:40
109.149.175.70	attackbots	60001/tcp [2019-07-19]1pkt	2019-07-20 05:49:16
172.217.37.1	attack	Misuse of DNS server	2019-07-20 06:22:14
179.42.193.119	attackbotsspam	Brute force attempt	2019-07-20 06:07:40
218.92.1.142	attackspam	Jul 19 17:45:21 TORMINT sshd\[10219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.142 user=root Jul 19 17:45:24 TORMINT sshd\[10219\]: Failed password for root from 218.92.1.142 port 61826 ssh2 Jul 19 17:46:30 TORMINT sshd\[10233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.142 user=root ...	2019-07-20 05:58:40
201.233.220.125	attackbotsspam	2019-07-20T04:47:58.261092enmeeting.mahidol.ac.th sshd\[19128\]: Invalid user ftpuser from 201.233.220.125 port 39274 2019-07-20T04:47:58.276214enmeeting.mahidol.ac.th sshd\[19128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cable201-233-220-125.epm.net.co 2019-07-20T04:48:00.518979enmeeting.mahidol.ac.th sshd\[19128\]: Failed password for invalid user ftpuser from 201.233.220.125 port 39274 ssh2 ...	2019-07-20 05:56:21
50.208.220.105	attackbotsspam	Lines containing failures of 50.208.220.105 Jul 19 16:54:35 s390x sshd[26161]: Connection from 50.208.220.105 port 56742 on 10.42.2.18 port 22 Jul 19 16:54:35 s390x sshd[26161]: Did not receive identification string from 50.208.220.105 port 56742 Jul 19 16:55:06 s390x sshd[26162]: Connection from 50.208.220.105 port 56882 on 10.42.2.18 port 22 Jul 19 16:55:06 s390x sshd[26162]: Received disconnect from 50.208.220.105 port 56882:11: Bye Bye [preauth] Jul 19 16:55:06 s390x sshd[26162]: Disconnected from 50.208.220.105 port 56882 [preauth] Jul 19 16:56:07 s390x sshd[26164]: Connection from 50.208.220.105 port 56962 on 10.42.2.18 port 22 Jul 19 16:56:08 s390x sshd[26164]: Invalid user admin from 50.208.220.105 port 56962 Jul 19 16:56:08 s390x sshd[26164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.208.220.105 Jul 19 16:56:11 s390x sshd[26164]: Failed password for invalid user admin from 50.208.220.105 port 56962 ssh2 Jul 19 16:........ ------------------------------	2019-07-20 05:50:59
201.17.24.195	attack	Jul 19 18:08:51 debian sshd\[11120\]: Invalid user misha from 201.17.24.195 port 33720 Jul 19 18:08:51 debian sshd\[11120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.17.24.195 Jul 19 18:08:53 debian sshd\[11120\]: Failed password for invalid user misha from 201.17.24.195 port 33720 ssh2 ...	2019-07-20 06:13:06
158.69.222.121	attack	Jul 20 00:03:29 legacy sshd[24961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.222.121 Jul 20 00:03:31 legacy sshd[24961]: Failed password for invalid user mg from 158.69.222.121 port 44544 ssh2 Jul 20 00:07:55 legacy sshd[25093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.222.121 ...	2019-07-20 06:17:55
125.213.135.226	attackbots	8728/tcp 22/tcp 8291/tcp... [2019-07-19]4pkt,3pt.(tcp)	2019-07-20 05:59:06
96.1.72.4	attackbots	Invalid user hg from 96.1.72.4 port 41538	2019-07-20 06:31:19
185.131.62.244	attackbotsspam	Brute force SMTP login attempts.	2019-07-20 05:59:58

Recently Reported IPs

35.193.129.95	78.232.141.32	12.221.2.130	180.29.194.197
2.110.41.186	66.126.96.145	77.211.76.75	222.106.6.80
65.209.37.159	58.225.99.248	14.21.168.186	213.108.116.120
171.249.84.65	3.22.59.49	211.192.157.4	60.146.246.135
150.147.88.163	87.31.58.254	200.0.91.29	100.43.218.71