54.144.131.7 - IPInfo

基本信息:

城市(city): Ashburn

省份(region): Virginia

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.144.131.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19022
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;54.144.131.7.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025092100 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 21 19:47:49 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

7.131.144.54.in-addr.arpa domain name pointer ec2-54-144-131-7.compute-1.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
7.131.144.54.in-addr.arpa	name = ec2-54-144-131-7.compute-1.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
37.187.60.182	attack	Brute-force attempt banned	2020-04-24 02:34:48
85.204.246.240	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-04-24 03:05:47
113.214.25.170	attack	SSH bruteforce	2020-04-24 02:42:54
40.87.51.170	attack	RDP Bruteforce	2020-04-24 02:53:26
45.13.93.82	attackspam	[Thu Apr 23 15:09:04.785966 2020] [:error] [pid 207927] [client 45.13.93.82:52840] [client 45.13.93.82] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 7)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ip.ws.126.net"] [uri "/"] [unique_id "XqHZuwJqoxKCH2r6QqWaWAAAAAE"] ...	2020-04-24 02:28:54
121.204.208.167	attackbots	2020-04-23T17:06:32.099444ionos.janbro.de sshd[56852]: Invalid user zx from 121.204.208.167 port 45355 2020-04-23T17:06:34.079735ionos.janbro.de sshd[56852]: Failed password for invalid user zx from 121.204.208.167 port 45355 ssh2 2020-04-23T17:10:33.601575ionos.janbro.de sshd[56861]: Invalid user tester from 121.204.208.167 port 37228 2020-04-23T17:10:33.876727ionos.janbro.de sshd[56861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.208.167 2020-04-23T17:10:33.601575ionos.janbro.de sshd[56861]: Invalid user tester from 121.204.208.167 port 37228 2020-04-23T17:10:36.446029ionos.janbro.de sshd[56861]: Failed password for invalid user tester from 121.204.208.167 port 37228 ssh2 2020-04-23T17:14:36.035036ionos.janbro.de sshd[56865]: Invalid user if from 121.204.208.167 port 57334 2020-04-23T17:14:36.214269ionos.janbro.de sshd[56865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.208.167 20 ...	2020-04-24 02:37:10
144.217.47.174	attackspam	Apr 23 18:28:36 vlre-nyc-1 sshd\[18808\]: Invalid user test2 from 144.217.47.174 Apr 23 18:28:36 vlre-nyc-1 sshd\[18808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.47.174 Apr 23 18:28:38 vlre-nyc-1 sshd\[18808\]: Failed password for invalid user test2 from 144.217.47.174 port 47488 ssh2 Apr 23 18:38:26 vlre-nyc-1 sshd\[19003\]: Invalid user ubuntu from 144.217.47.174 Apr 23 18:38:26 vlre-nyc-1 sshd\[19003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.47.174 ...	2020-04-24 02:45:24
59.148.173.231	attackbotsspam	Unauthorized SSH login attempts	2020-04-24 03:09:47
23.236.52.102	attackbots	Apr 23 09:43:51 hurricane sshd[30027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.236.52.102 user=r.r Apr 23 09:43:53 hurricane sshd[30027]: Failed password for r.r from 23.236.52.102 port 51252 ssh2 Apr 23 09:43:53 hurricane sshd[30027]: Received disconnect from 23.236.52.102 port 51252:11: Bye Bye [preauth] Apr 23 09:43:53 hurricane sshd[30027]: Disconnected from 23.236.52.102 port 51252 [preauth] Apr 23 09:48:43 hurricane sshd[30120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.236.52.102 user=r.r Apr 23 09:48:45 hurricane sshd[30120]: Failed password for r.r from 23.236.52.102 port 39106 ssh2 Apr 23 09:48:45 hurricane sshd[30120]: Received disconnect from 23.236.52.102 port 39106:11: Bye Bye [preauth] Apr 23 09:48:45 hurricane sshd[30120]: Disconnected from 23.236.52.102 port 39106 [preauth] Apr 23 09:50:17 hurricane sshd[30138]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-04-24 03:06:16
121.46.26.126	attackbotsspam	$f2bV_matches	2020-04-24 02:54:36
86.188.246.2	attack	$f2bV_matches	2020-04-24 02:47:56
37.120.145.83	attackspambots	/ucp.php?mode=register&sid=0b48e01c1b6f1dba0d3124b8e302fac1	2020-04-24 02:27:49
177.191.178.18	attackspambots	Lines containing failures of 177.191.178.18 (max 1000) Apr 23 09:09:21 localhost sshd[29565]: User r.r from 177.191.178.18 not allowed because listed in DenyUsers Apr 23 09:09:21 localhost sshd[29565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.191.178.18 user=r.r Apr 23 09:09:22 localhost sshd[29565]: Failed password for invalid user r.r from 177.191.178.18 port 52289 ssh2 Apr 23 09:09:23 localhost sshd[29565]: Received disconnect from 177.191.178.18 port 52289:11: Bye Bye [preauth] Apr 23 09:09:23 localhost sshd[29565]: Disconnected from invalid user r.r 177.191.178.18 port 52289 [preauth] Apr 23 09:25:37 localhost sshd[1899]: Invalid user fk from 177.191.178.18 port 35817 Apr 23 09:25:37 localhost sshd[1899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.191.178.18 Apr 23 09:25:39 localhost sshd[1899]: Failed password for invalid user fk from 177.191.178.18 port 35817 ssh2........ ------------------------------	2020-04-24 02:41:03
14.161.18.170	attack	(imapd) Failed IMAP login from 14.161.18.170 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 23 21:14:04 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=14.161.18.170, lip=5.63.12.44, session=<8bSS9PejmcEOoRKq>	2020-04-24 02:59:06
115.238.129.140	attack	24368/tcp 10556/tcp 13080/tcp... [2020-04-21/23]19pkt,7pt.(tcp)	2020-04-24 02:50:17

最近上报的IP列表

142.250.0.188	105.178.23.65	105.178.23.125	222.49.15.235
196.251.84.120	8.212.128.95	82.156.83.107	14.212.60.193
2804:d41:b39:d6a9:e6c2:262a:dc25:934e	188.253.5.159	2600:8804:8040:f35:1814:7250:8cdf:fd17	104.248.243.181
182.133.1.33	182.133.1.179	2409:8962:1e32:13ab:1867:5520:7943:a094	13.89.125.27
98.16.108.135	28.232.234.39	20.64.106.41	192.254.97.84