城市(city): San Jose
省份(region): California
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 18.32.0.0 - 18.255.255.255
CIDR: 18.32.0.0/11, 18.128.0.0/9, 18.64.0.0/10
NetName: AT-88-Z
NetHandle: NET-18-32-0-0-1
Parent: NET18 (NET-18-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 2019-10-07
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/18.32.0.0
OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2024-01-24
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
# end
# start
NetRange: 18.144.0.0 - 18.144.255.255
CIDR: 18.144.0.0/16
NetName: AMAZON-SFO
NetHandle: NET-18-144-0-0-2
Parent: AT-88-Z (NET-18-32-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon.com, Inc. (AMAZO-48)
RegDate: 2017-09-14
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/18.144.0.0
OrgName: Amazon.com, Inc.
OrgId: AMAZO-48
Address: 1200 12th Ave South
City: Seattle
StateProv: WA
PostalCode: 98144
Country: US
RegDate: 2011-08-11
Updated: 2021-07-22
Comment: The activity you have detected originates from a dynamic hosting environment.
Comment: For fastest response, please submit abuse reports at http://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/AWSAbuse
Comment: For more information regarding EC2 see:
Comment: http://ec2.amazonaws.com/
Comment: All reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AMAZO-48
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.144.174.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5621
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;18.144.174.134. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025120100 1800 900 604800 86400
;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 01 22:53:03 CST 2025
;; MSG SIZE rcvd: 107134.174.144.18.in-addr.arpa domain name pointer ec2-18-144-174-134.us-west-1.compute.amazonaws.com.b'134.174.144.18.in-addr.arpa name = ec2-18-144-174-134.us-west-1.compute.amazonaws.com.
Authoritative answers can be found from:
'| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 170.238.46.6 | attackspam | Oct 20 22:27:38 lnxmail61 sshd[24974]: Failed password for root from 170.238.46.6 port 40126 ssh2 Oct 20 22:27:38 lnxmail61 sshd[24974]: Failed password for root from 170.238.46.6 port 40126 ssh2 |
2019-10-21 05:09:40 |
| 200.40.135.214 | attackspam | Honeypot attack, port: 445, PTR: PTR record not found |
2019-10-21 05:10:26 |
| 103.138.148.63 | attackspambots | Oct 20 21:22:28 hcbbdb sshd\[32230\]: Invalid user sarath from 103.138.148.63 Oct 20 21:22:28 hcbbdb sshd\[32230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.148.63 Oct 20 21:22:30 hcbbdb sshd\[32230\]: Failed password for invalid user sarath from 103.138.148.63 port 36062 ssh2 Oct 20 21:26:19 hcbbdb sshd\[32627\]: Invalid user mahalkita from 103.138.148.63 Oct 20 21:26:19 hcbbdb sshd\[32627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.148.63 |
2019-10-21 05:28:38 |
| 99.185.76.161 | attackbots | Oct 20 22:57:47 [host] sshd[25760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.185.76.161 user=root Oct 20 22:57:49 [host] sshd[25760]: Failed password for root from 99.185.76.161 port 59414 ssh2 Oct 20 23:01:41 [host] sshd[25919]: Invalid user agavni from 99.185.76.161 |
2019-10-21 05:35:36 |
| 196.245.254.193 | attackspam | Looking for resource vulnerabilities |
2019-10-21 05:33:29 |
| 171.6.164.24 | attack | Oct 17 05:22:19 django sshd[114186]: reveeclipse mapping checking getaddrinfo for mx-ll-171.6.164-24.dynamic.3bb.in.th [171.6.164.24] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 17 05:22:19 django sshd[114186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.6.164.24 user=r.r Oct 17 05:22:21 django sshd[114186]: Failed password for r.r from 171.6.164.24 port 1812 ssh2 Oct 17 05:22:21 django sshd[114187]: Received disconnect from 171.6.164.24: 11: Bye Bye Oct 17 05:26:38 django sshd[114745]: reveeclipse mapping checking getaddrinfo for mx-ll-171.6.164-24.dynamic.3bb.in.th [171.6.164.24] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 17 05:26:38 django sshd[114745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.6.164.24 user=r.r Oct 17 05:26:39 django sshd[114745]: Failed password for r.r from 171.6.164.24 port 6022 ssh2 Oct 17 05:26:39 django sshd[114746]: Received disconnect from 171.6.164......... ------------------------------- |
2019-10-21 05:26:02 |
| 202.83.215.105 | attackspambots | Honeypot attack, port: 445, PTR: PTR record not found |
2019-10-21 05:15:59 |
| 122.15.82.83 | attackbots | 2019-10-20T20:59:05.943842shield sshd\[30986\]: Invalid user sa123344 from 122.15.82.83 port 33194 2019-10-20T20:59:05.949600shield sshd\[30986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.15.82.83 2019-10-20T20:59:07.562291shield sshd\[30986\]: Failed password for invalid user sa123344 from 122.15.82.83 port 33194 ssh2 2019-10-20T21:03:42.078763shield sshd\[31744\]: Invalid user proxy from 122.15.82.83 port 42344 2019-10-20T21:03:42.082998shield sshd\[31744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.15.82.83 |
2019-10-21 05:15:05 |
| 139.59.22.169 | attack | Oct 20 22:58:42 [host] sshd[25806]: Invalid user fengruijia from 139.59.22.169 Oct 20 22:58:42 [host] sshd[25806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.169 Oct 20 22:58:44 [host] sshd[25806]: Failed password for invalid user fengruijia from 139.59.22.169 port 44284 ssh2 |
2019-10-21 05:00:59 |
| 58.48.252.18 | attackbotsspam | Honeypot attack, port: 23, PTR: PTR record not found |
2019-10-21 05:25:15 |
| 62.234.73.249 | attackspam | Oct 20 11:02:14 tdfoods sshd\[25201\]: Invalid user user from 62.234.73.249 Oct 20 11:02:14 tdfoods sshd\[25201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.249 Oct 20 11:02:16 tdfoods sshd\[25201\]: Failed password for invalid user user from 62.234.73.249 port 50504 ssh2 Oct 20 11:06:41 tdfoods sshd\[25563\]: Invalid user utentedeb from 62.234.73.249 Oct 20 11:06:41 tdfoods sshd\[25563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.249 |
2019-10-21 05:06:53 |
| 185.40.13.48 | attack | " " |
2019-10-21 05:36:13 |
| 106.13.150.14 | attackbotsspam | F2B jail: sshd. Time: 2019-10-20 22:48:50, Reported by: VKReport |
2019-10-21 05:03:37 |
| 120.72.83.204 | attackspam | Honeypot attack, port: 445, PTR: PTR record not found |
2019-10-21 05:17:34 |
| 46.38.144.32 | attackbots | Oct 20 23:27:48 vmanager6029 postfix/smtpd\[3222\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 20 23:31:12 vmanager6029 postfix/smtpd\[3258\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2019-10-21 05:31:27 |