54.85.201.89 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan	2020-09-25 08:21:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.85.201.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51675
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.85.201.89.			IN	A

;; AUTHORITY SECTION:
.			516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092402 1800 900 604800 86400

;; Query time: 141 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 08:21:23 CST 2020
;; MSG SIZE  rcvd: 116

Host info

89.201.85.54.in-addr.arpa domain name pointer ec2-54-85-201-89.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
89.201.85.54.in-addr.arpa	name = ec2-54-85-201-89.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.230.49.41	attackspambots	Automatic report - Port Scan Attack	2019-12-24 08:10:36
181.49.254.230	attackbotsspam	Dec 24 00:38:31 markkoudstaal sshd[24886]: Failed password for root from 181.49.254.230 port 41030 ssh2 Dec 24 00:41:22 markkoudstaal sshd[25119]: Failed password for root from 181.49.254.230 port 37464 ssh2	2019-12-24 08:08:51
151.80.42.234	attackbotsspam	$f2bV_matches	2019-12-24 08:24:06
185.36.81.29	attack	Dec 23 17:47:26 web1 postfix/smtpd[14839]: warning: unknown[185.36.81.29]: SASL LOGIN authentication failed: authentication failure ...	2019-12-24 08:11:23
185.209.0.51	attack	ET DROP Dshield Block Listed Source group 1 - port: 6900 proto: TCP cat: Misc Attack	2019-12-24 08:23:34
82.196.15.195	attack	Dec 23 23:52:31 localhost sshd\[83657\]: Invalid user ridner from 82.196.15.195 port 58132 Dec 23 23:52:31 localhost sshd\[83657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.196.15.195 Dec 23 23:52:33 localhost sshd\[83657\]: Failed password for invalid user ridner from 82.196.15.195 port 58132 ssh2 Dec 23 23:56:45 localhost sshd\[83764\]: Invalid user 123456 from 82.196.15.195 port 34150 Dec 23 23:56:45 localhost sshd\[83764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.196.15.195 ...	2019-12-24 08:05:27
142.93.56.12	attackspam	Dec 24 00:09:10 zx01vmsma01 sshd[149273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.56.12 Dec 24 00:09:11 zx01vmsma01 sshd[149273]: Failed password for invalid user myrtille from 142.93.56.12 port 45308 ssh2 ...	2019-12-24 08:16:05
85.140.113.202	attack	Unauthorized connection attempt detected from IP address 85.140.113.202 to port 445	2019-12-24 08:17:50
114.32.8.15	attackbotsspam	firewall-block, port(s): 8080/tcp	2019-12-24 08:36:46
212.47.238.207	attackspambots	Dec 23 23:47:03 pornomens sshd\[26520\]: Invalid user user from 212.47.238.207 port 42658 Dec 23 23:47:03 pornomens sshd\[26520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.238.207 Dec 23 23:47:05 pornomens sshd\[26520\]: Failed password for invalid user user from 212.47.238.207 port 42658 ssh2 ...	2019-12-24 08:31:01
51.38.179.179	attackbotsspam	Dec 24 00:47:44 sso sshd[12491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.179.179 Dec 24 00:47:46 sso sshd[12491]: Failed password for invalid user stewart from 51.38.179.179 port 53916 ssh2 ...	2019-12-24 08:21:05
95.84.128.25	attack	Dec 23 23:46:13 exim[24839]: [1\31] 1ijWSq-0006Sd-4F H=broadband-95-84-128-25.ip.moscow.rt.ru [95.84.128.25] F= rejected after DATA: This message scored 103.5 spam points.	2019-12-24 08:34:22
189.7.129.60	attack	Dec 24 00:47:36 MK-Soft-VM7 sshd[7397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.129.60 Dec 24 00:47:38 MK-Soft-VM7 sshd[7397]: Failed password for invalid user admin from 189.7.129.60 port 51285 ssh2 ...	2019-12-24 08:28:09
112.85.42.176	attackspam	Dec 24 01:11:44 MK-Soft-VM6 sshd[16795]: Failed password for root from 112.85.42.176 port 31749 ssh2 Dec 24 01:11:48 MK-Soft-VM6 sshd[16795]: Failed password for root from 112.85.42.176 port 31749 ssh2 ...	2019-12-24 08:13:27
86.192.220.63	attack	Dec 24 05:30:17 gw1 sshd[8531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.192.220.63 Dec 24 05:30:19 gw1 sshd[8531]: Failed password for invalid user efrainb from 86.192.220.63 port 35764 ssh2 ...	2019-12-24 08:39:34

Recently Reported IPs

32.201.59.44	104.219.251.35	95.223.61.100	223.90.227.160
75.177.9.201	37.80.55.201	89.236.41.101	2.96.87.126
20.55.201.39	94.103.198.100	191.137.0.91	113.156.129.115
77.83.98.83	84.54.223.248	32.3.155.82	35.46.11.232
84.117.90.79	86.162.217.244	41.181.39.59	36.85.100.236