城市(city): Tokyo
省份(region): Tokyo
国家(country): Japan
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 54.64.0.0 - 54.95.255.255
CIDR: 54.64.0.0/11
NetName: AMAZON-2011L
NetHandle: NET-54-64-0-0-1
Parent: NET54 (NET-54-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 2014-06-20
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/54.64.0.0
OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2024-01-24
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
# end
# start
NetRange: 54.95.0.0 - 54.95.255.255
CIDR: 54.95.0.0/16
NetName: AMAZON-NRT
NetHandle: NET-54-95-0-0-1
Parent: AMAZON-2011L (NET-54-64-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon Data Services Japan (AMAZO-49)
RegDate: 2018-07-20
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/54.95.0.0
OrgName: Amazon Data Services Japan
OrgId: AMAZO-49
Address: Meguro Central Square
Address: 3-1-1 Kamiosaki,Shinagawa-ku
City: Tokyo
StateProv:
PostalCode: 141-0021
Country: JP
RegDate: 2012-08-01
Updated: 2023-03-14
Comment: The activity you have detected originates from a dynamic hosting environment.
Comment: For fastest response, please submit abuse reports at http://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/AWSAbuse
Comment: For more information regarding EC2 see:
Comment: http://ec2.amazonaws.com/
Comment: All reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AMAZO-49
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.95.91.184
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;54.95.91.184. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026030502 1800 900 604800 86400
;; Query time: 7 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 06 03:00:03 CST 2026
;; MSG SIZE rcvd: 105184.91.95.54.in-addr.arpa domain name pointer ec2-54-95-91-184.ap-northeast-1.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
184.91.95.54.in-addr.arpa name = ec2-54-95-91-184.ap-northeast-1.compute.amazonaws.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 52.155.97.244 | attack | Repeated RDP login failures. Last user: x |
2020-04-30 07:17:17 |
| 195.7.0.28 | attack | firewall-block, port(s): 8161/tcp |
2020-04-30 07:12:38 |
| 195.54.167.17 | attackbotsspam | Apr 30 00:38:54 debian-2gb-nbg1-2 kernel: \[10458853.937091\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.17 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=45526 PROTO=TCP SPT=58837 DPT=27361 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-04-30 07:15:51 |
| 161.35.0.47 | attackspam | Apr 30 00:50:51 plex sshd[19415]: Invalid user scott from 161.35.0.47 port 49156 |
2020-04-30 07:19:39 |
| 129.226.179.187 | attack | Apr 30 00:36:08 eventyay sshd[22887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.179.187 Apr 30 00:36:10 eventyay sshd[22887]: Failed password for invalid user drive from 129.226.179.187 port 39196 ssh2 Apr 30 00:40:17 eventyay sshd[23064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.179.187 ... |
2020-04-30 07:24:49 |
| 5.189.157.109 | attackspambots | 5.189.157.109 - - [29/Apr/2020:22:11:16 +0200] "POST /wp-login.php HTTP/1.1" 200 1790 "-" "-" 5.189.157.109 - - [29/Apr/2020:22:11:32 +0200] "POST /wp-login.php HTTP/1.1" 200 1790 "-" "-" 5.189.157.109 - - [29/Apr/2020:22:11:48 +0200] "POST /wp-login.php HTTP/1.1" 200 1790 "-" "-" 5.189.157.109 - - [29/Apr/2020:22:12:04 +0200] "POST /wp-login.php HTTP/1.1" 200 1790 "-" "-" 5.189.157.109 - - [29/Apr/2020:22:12:20 +0200] "POST /wp-login.php HTTP/1.1" 200 1790 "-" "-" 5.189.157.109 - - [29/Apr/2020:22:12:36 +0200] "POST /wp-login.php HTTP/1.1" 200 1790 "-" "-" ... |
2020-04-30 07:23:12 |
| 222.186.175.148 | attackbots | Apr 29 23:11:30 localhost sshd[84798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Apr 29 23:11:32 localhost sshd[84798]: Failed password for root from 222.186.175.148 port 44446 ssh2 Apr 29 23:11:35 localhost sshd[84798]: Failed password for root from 222.186.175.148 port 44446 ssh2 Apr 29 23:11:30 localhost sshd[84798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Apr 29 23:11:32 localhost sshd[84798]: Failed password for root from 222.186.175.148 port 44446 ssh2 Apr 29 23:11:35 localhost sshd[84798]: Failed password for root from 222.186.175.148 port 44446 ssh2 Apr 29 23:11:30 localhost sshd[84798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Apr 29 23:11:32 localhost sshd[84798]: Failed password for root from 222.186.175.148 port 44446 ssh2 Apr 29 23:11:35 localhost sshd[84 ... |
2020-04-30 07:12:11 |
| 180.76.150.238 | attackbots | Invalid user ts from 180.76.150.238 port 37432 |
2020-04-30 07:11:17 |
| 202.67.40.194 | attackspam | Port probing on unauthorized port 445 |
2020-04-30 06:51:11 |
| 52.168.77.91 | attackbots | Repeated RDP login failures. Last user: aa |
2020-04-30 06:48:40 |
| 112.116.155.205 | attackspambots | SASL PLAIN auth failed: ruser=... |
2020-04-30 07:02:11 |
| 209.141.61.247 | attack | Apr 29 23:15:04 debian-2gb-nbg1-2 kernel: \[10453824.122364\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=209.141.61.247 DST=195.201.40.59 LEN=57 TOS=0x00 PREC=0x00 TTL=239 ID=54321 PROTO=UDP SPT=50774 DPT=53413 LEN=37 |
2020-04-30 07:17:02 |
| 111.231.119.188 | attackbots | Apr 30 00:28:50 srv01 sshd[3775]: Invalid user ogura from 111.231.119.188 port 38020 Apr 30 00:28:50 srv01 sshd[3775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.119.188 Apr 30 00:28:50 srv01 sshd[3775]: Invalid user ogura from 111.231.119.188 port 38020 Apr 30 00:28:52 srv01 sshd[3775]: Failed password for invalid user ogura from 111.231.119.188 port 38020 ssh2 Apr 30 00:29:54 srv01 sshd[3823]: Invalid user acme from 111.231.119.188 port 50172 ... |
2020-04-30 06:53:14 |
| 221.181.24.246 | attackspambots | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-04-30 07:18:21 |
| 68.183.80.108 | attack | Apr 29 22:13:23 zimbra postfix/smtps/smtpd[1665]: lost connection after CONNECT from do-prod-ap-central-scanner-0402-2.do.binaryedge.ninja[68.183.80.108] Apr 29 22:13:25 zimbra postfix/smtps/smtpd[1665]: lost connection after CONNECT from do-prod-ap-central-scanner-0402-2.do.binaryedge.ninja[68.183.80.108] Apr 29 22:13:26 zimbra postfix/smtps/smtpd[1665]: lost connection after CONNECT from do-prod-ap-central-scanner-0402-2.do.binaryedge.ninja[68.183.80.108] Apr 29 22:13:27 zimbra postfix/smtps/smtpd[1665]: lost connection after CONNECT from do-prod-ap-central-scanner-0402-2.do.binaryedge.ninja[68.183.80.108] ... |
2020-04-30 06:48:21 |