54.85.201.89 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan	2020-09-25 08:21:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.85.201.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51675
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.85.201.89.			IN	A

;; AUTHORITY SECTION:
.			516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092402 1800 900 604800 86400

;; Query time: 141 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 08:21:23 CST 2020
;; MSG SIZE  rcvd: 116

Host info

89.201.85.54.in-addr.arpa domain name pointer ec2-54-85-201-89.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
89.201.85.54.in-addr.arpa	name = ec2-54-85-201-89.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.236.124.45	attackspam	Invalid user ubuntu from 104.236.124.45 port 51947	2020-07-14 14:21:07
159.69.189.220	attack	DDOS	2020-07-14 14:35:52
182.216.245.188	attack	$f2bV_matches	2020-07-14 14:13:03
69.28.234.130	attackspam	2020-07-14T06:02:28.506962shield sshd\[19098\]: Invalid user admin from 69.28.234.130 port 38064 2020-07-14T06:02:28.516200shield sshd\[19098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.28.234.130 2020-07-14T06:02:30.077928shield sshd\[19098\]: Failed password for invalid user admin from 69.28.234.130 port 38064 ssh2 2020-07-14T06:06:50.296171shield sshd\[19916\]: Invalid user kay from 69.28.234.130 port 36134 2020-07-14T06:06:50.304500shield sshd\[19916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.28.234.130	2020-07-14 14:23:26
203.177.138.155	attack	20/7/13@23:53:57: FAIL: Alarm-Network address from=203.177.138.155 ...	2020-07-14 14:38:39
45.252.249.73	attackbots	2020-07-14T00:58:54.262669server.mjenks.net sshd[1676725]: Invalid user practice from 45.252.249.73 port 49888 2020-07-14T00:58:54.268162server.mjenks.net sshd[1676725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.252.249.73 2020-07-14T00:58:54.262669server.mjenks.net sshd[1676725]: Invalid user practice from 45.252.249.73 port 49888 2020-07-14T00:58:56.451827server.mjenks.net sshd[1676725]: Failed password for invalid user practice from 45.252.249.73 port 49888 ssh2 2020-07-14T01:01:42.617572server.mjenks.net sshd[1677093]: Invalid user theo from 45.252.249.73 port 33234 ...	2020-07-14 14:08:06
92.222.78.178	attackspambots	Jul 14 06:51:15 lukav-desktop sshd\[13268\]: Invalid user el from 92.222.78.178 Jul 14 06:51:15 lukav-desktop sshd\[13268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.78.178 Jul 14 06:51:17 lukav-desktop sshd\[13268\]: Failed password for invalid user el from 92.222.78.178 port 43688 ssh2 Jul 14 06:54:20 lukav-desktop sshd\[13319\]: Invalid user peng from 92.222.78.178 Jul 14 06:54:20 lukav-desktop sshd\[13319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.78.178	2020-07-14 14:17:29
222.186.173.154	attackspam	Jul 14 02:22:13 NPSTNNYC01T sshd[29436]: Failed password for root from 222.186.173.154 port 44630 ssh2 Jul 14 02:22:26 NPSTNNYC01T sshd[29436]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 44630 ssh2 [preauth] Jul 14 02:22:32 NPSTNNYC01T sshd[29450]: Failed password for root from 222.186.173.154 port 62264 ssh2 ...	2020-07-14 14:30:45
111.40.87.54	attackbots	Port Scan ...	2020-07-14 14:00:38
222.186.175.163	attackspam	SSH Login Bruteforce	2020-07-14 14:30:06
2.32.82.50	attack	SSH Brute-Force reported by Fail2Ban	2020-07-14 14:03:10
106.13.97.228	attack	$f2bV_matches	2020-07-14 14:26:20
188.166.9.210	attackbots	SSH Brute-force	2020-07-14 14:26:40
103.254.120.222	attackbots	Jul 14 09:05:00 ift sshd\[55458\]: Invalid user ts from 103.254.120.222Jul 14 09:05:03 ift sshd\[55458\]: Failed password for invalid user ts from 103.254.120.222 port 44928 ssh2Jul 14 09:08:26 ift sshd\[56035\]: Invalid user magento from 103.254.120.222Jul 14 09:08:29 ift sshd\[56035\]: Failed password for invalid user magento from 103.254.120.222 port 39608 ssh2Jul 14 09:11:51 ift sshd\[56692\]: Invalid user musa from 103.254.120.222 ...	2020-07-14 14:37:06
159.89.164.199	attackspam	Jul 14 08:05:18 user sshd[6348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.164.199 Jul 14 08:05:20 user sshd[6348]: Failed password for invalid user alfred from 159.89.164.199 port 38380 ssh2	2020-07-14 14:32:50

Recently Reported IPs

32.201.59.44	104.219.251.35	95.223.61.100	223.90.227.160
75.177.9.201	37.80.55.201	89.236.41.101	2.96.87.126
20.55.201.39	94.103.198.100	191.137.0.91	113.156.129.115
77.83.98.83	84.54.223.248	32.3.155.82	35.46.11.232
84.117.90.79	86.162.217.244	41.181.39.59	36.85.100.236