城市(city): Ashburn
省份(region): Virginia
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 54.144.0.0 - 54.221.255.255
CIDR: 54.208.0.0/13, 54.160.0.0/11, 54.192.0.0/12, 54.144.0.0/12, 54.216.0.0/14, 54.220.0.0/15
NetName: AMAZON
NetHandle: NET-54-144-0-0-1
Parent: NET54 (NET-54-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 2014-10-23
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/54.144.0.0
OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2026-04-17
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgDNSHandle: DNS1131-ARIN
OrgDNSName: DNS
OrgDNSPhone: +1-202-555-0000
OrgDNSEmail: ipmanagement+dns@amazon.com
OrgDNSRef: https://rdap.arin.net/registry/entity/DNS1131-ARIN
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
# end
# start
NetRange: 54.144.0.0 - 54.147.255.255
CIDR: 54.144.0.0/14
NetName: AMAZON-IAD
NetHandle: NET-54-144-0-0-2
Parent: AMAZON (NET-54-144-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon Data Services Northern Virginia (ADSN-1)
RegDate: 2018-07-20
Updated: 2018-07-20
Ref: https://rdap.arin.net/registry/ip/54.144.0.0
OrgName: Amazon Data Services Northern Virginia
OrgId: ADSN-1
Address: 13200 Woodland Park Road
City: Herndon
StateProv: VA
PostalCode: 20171
Country: US
RegDate: 2018-04-25
Updated: 2025-08-14
Ref: https://rdap.arin.net/registry/entity/ADSN-1
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.144.98.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34003
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;54.144.98.172. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026052601 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 27 05:00:17 CST 2026
;; MSG SIZE rcvd: 106172.98.144.54.in-addr.arpa domain name pointer ec2-54-144-98-172.compute-1.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
172.98.144.54.in-addr.arpa name = ec2-54-144-98-172.compute-1.amazonaws.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 37.152.178.196 | attack | Apr 9 11:58:22 lanister sshd[15314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.152.178.196 user=root Apr 9 11:58:24 lanister sshd[15314]: Failed password for root from 37.152.178.196 port 36890 ssh2 Apr 9 12:02:48 lanister sshd[15432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.152.178.196 user=root Apr 9 12:02:50 lanister sshd[15432]: Failed password for root from 37.152.178.196 port 45334 ssh2 |
2020-04-10 00:30:59 |
| 92.63.194.22 | attackspam | Apr 9 18:15:04 ns3164893 sshd[32518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.22 Apr 9 18:15:05 ns3164893 sshd[32518]: Failed password for invalid user admin from 92.63.194.22 port 32989 ssh2 ... |
2020-04-10 00:19:44 |
| 197.47.162.233 | attack | Unauthorized connection attempt from IP address 197.47.162.233 on Port 445(SMB) |
2020-04-10 01:09:08 |
| 223.223.190.131 | attack | $f2bV_matches |
2020-04-10 00:33:16 |
| 119.129.172.36 | attackspambots | 1586437267 - 04/09/2020 15:01:07 Host: 119.129.172.36/119.129.172.36 Port: 445 TCP Blocked |
2020-04-10 01:02:09 |
| 200.174.197.145 | attackspam | Apr 9 17:19:48 ns382633 sshd\[22446\]: Invalid user lzj from 200.174.197.145 port 1365 Apr 9 17:19:48 ns382633 sshd\[22446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.174.197.145 Apr 9 17:19:51 ns382633 sshd\[22446\]: Failed password for invalid user lzj from 200.174.197.145 port 1365 ssh2 Apr 9 17:32:41 ns382633 sshd\[25448\]: Invalid user lzj from 200.174.197.145 port 11863 Apr 9 17:32:41 ns382633 sshd\[25448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.174.197.145 |
2020-04-10 00:33:47 |
| 103.110.166.13 | attackbotsspam | Apr 9 13:31:23 scw-6657dc sshd[25569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.110.166.13 Apr 9 13:31:23 scw-6657dc sshd[25569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.110.166.13 Apr 9 13:31:25 scw-6657dc sshd[25569]: Failed password for invalid user dev from 103.110.166.13 port 57380 ssh2 ... |
2020-04-10 00:23:48 |
| 101.50.126.96 | attackbots | Apr 9 07:27:52 server1 sshd\[16207\]: Invalid user www from 101.50.126.96 Apr 9 07:27:52 server1 sshd\[16207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.50.126.96 Apr 9 07:27:54 server1 sshd\[16207\]: Failed password for invalid user www from 101.50.126.96 port 55676 ssh2 Apr 9 07:31:40 server1 sshd\[17684\]: Invalid user informix from 101.50.126.96 Apr 9 07:31:40 server1 sshd\[17684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.50.126.96 ... |
2020-04-10 01:10:00 |
| 49.235.56.205 | attackbots | prod11 ... |
2020-04-10 00:30:34 |
| 190.145.192.106 | attackbots | Brute-force attempt banned |
2020-04-10 00:34:18 |
| 47.91.79.19 | attackbotsspam | k+ssh-bruteforce |
2020-04-10 00:40:09 |
| 106.13.206.183 | attackspam | Apr 9 14:30:13 kmh-wmh-003-nbg03 sshd[9446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.206.183 user=r.r Apr 9 14:30:15 kmh-wmh-003-nbg03 sshd[9446]: Failed password for r.r from 106.13.206.183 port 35724 ssh2 Apr 9 14:30:15 kmh-wmh-003-nbg03 sshd[9446]: Received disconnect from 106.13.206.183 port 35724:11: Bye Bye [preauth] Apr 9 14:30:15 kmh-wmh-003-nbg03 sshd[9446]: Disconnected from 106.13.206.183 port 35724 [preauth] Apr 9 14:54:44 kmh-wmh-003-nbg03 sshd[11991]: Invalid user cyrus from 106.13.206.183 port 37422 Apr 9 14:54:44 kmh-wmh-003-nbg03 sshd[11991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.206.183 Apr 9 14:54:46 kmh-wmh-003-nbg03 sshd[11991]: Failed password for invalid user cyrus from 106.13.206.183 port 37422 ssh2 Apr 9 14:54:46 kmh-wmh-003-nbg03 sshd[11991]: Received disconnect from 106.13.206.183 port 37422:11: Bye Bye [preauth] Apr 9 14:5........ ------------------------------- |
2020-04-10 00:26:42 |
| 120.79.211.86 | attackbots | "Restricted File Access Attempt - Matched Data: wp-config.php found within REQUEST_FILENAME: /wp-config.php5" |
2020-04-10 01:07:19 |
| 37.59.232.6 | attackbots | 2020-04-09 04:38:22 server sshd[91440]: Failed password for invalid user ubuntu from 37.59.232.6 port 36752 ssh2 |
2020-04-10 00:16:29 |
| 64.227.13.104 | attackbots | Apr 9 15:38:54 vpn01 sshd[17970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.13.104 Apr 9 15:38:56 vpn01 sshd[17970]: Failed password for invalid user robert from 64.227.13.104 port 58080 ssh2 ... |
2020-04-10 00:36:16 |