City: Ashburn
Region: Virginia
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 13.200.0.0 - 13.239.255.255
CIDR: 13.200.0.0/13, 13.224.0.0/12, 13.208.0.0/12
NetName: AT-88-Z
NetHandle: NET-13-200-0-0-1
Parent: NET13 (NET-13-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 2019-10-01
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/13.200.0.0
OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2024-01-24
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
# end
# start
NetRange: 13.216.0.0 - 13.223.255.255
CIDR: 13.216.0.0/13
NetName: AMAZON-IAD
NetHandle: NET-13-216-0-0-1
Parent: AT-88-Z (NET-13-200-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon Data Services Northern Virginia (ADSN-1)
RegDate: 2024-09-27
Updated: 2024-09-27
Ref: https://rdap.arin.net/registry/ip/13.216.0.0
OrgName: Amazon Data Services Northern Virginia
OrgId: ADSN-1
Address: 13200 Woodland Park Road
City: Herndon
StateProv: VA
PostalCode: 20171
Country: US
RegDate: 2018-04-25
Updated: 2025-08-14
Ref: https://rdap.arin.net/registry/entity/ADSN-1
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.218.54.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20844
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;13.218.54.153. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026030701 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 08 05:00:27 CST 2026
;; MSG SIZE rcvd: 106153.54.218.13.in-addr.arpa domain name pointer ec2-13-218-54-153.compute-1.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
153.54.218.13.in-addr.arpa name = ec2-13-218-54-153.compute-1.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 222.186.175.167 | attackbots | Jan 10 18:53:42 vps691689 sshd[17623]: Failed password for root from 222.186.175.167 port 30702 ssh2 Jan 10 18:53:54 vps691689 sshd[17623]: error: maximum authentication attempts exceeded for root from 222.186.175.167 port 30702 ssh2 [preauth] ... |
2020-01-11 01:57:57 |
| 42.159.132.238 | attack | Jan 10 15:05:58 amit sshd\[29925\]: Invalid user qum from 42.159.132.238 Jan 10 15:05:58 amit sshd\[29925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.132.238 Jan 10 15:06:00 amit sshd\[29925\]: Failed password for invalid user qum from 42.159.132.238 port 40884 ssh2 ... |
2020-01-11 01:56:46 |
| 222.186.190.2 | attack | 2020-01-10T19:00:19.851085ns386461 sshd\[9590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2020-01-10T19:00:21.950503ns386461 sshd\[9590\]: Failed password for root from 222.186.190.2 port 12802 ssh2 2020-01-10T19:00:24.830576ns386461 sshd\[9590\]: Failed password for root from 222.186.190.2 port 12802 ssh2 2020-01-10T19:00:28.458580ns386461 sshd\[9590\]: Failed password for root from 222.186.190.2 port 12802 ssh2 2020-01-10T19:00:31.162408ns386461 sshd\[9590\]: Failed password for root from 222.186.190.2 port 12802 ssh2 ... |
2020-01-11 02:03:28 |
| 159.203.27.98 | attackspam | SSH/22 MH Probe, BF, Hack - |
2020-01-11 02:32:49 |
| 178.221.29.194 | attackbotsspam | Lines containing failures of 178.221.29.194 Jan 10 14:02:58 shared07 sshd[13110]: Invalid user admin from 178.221.29.194 port 58326 Jan 10 14:02:58 shared07 sshd[13110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.221.29.194 Jan 10 14:03:00 shared07 sshd[13110]: Failed password for invalid user admin from 178.221.29.194 port 58326 ssh2 Jan 10 14:03:00 shared07 sshd[13110]: Connection closed by invalid user admin 178.221.29.194 port 58326 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.221.29.194 |
2020-01-11 02:11:42 |
| 195.70.38.40 | attackspambots | Jan 10 13:54:27 ks10 sshd[1122697]: Failed password for root from 195.70.38.40 port 59762 ssh2 ... |
2020-01-11 02:07:56 |
| 23.129.64.233 | attackbotsspam | Unauthorized IMAP connection attempt |
2020-01-11 02:27:08 |
| 198.98.53.133 | attack | $f2bV_matches |
2020-01-11 01:52:30 |
| 180.76.246.38 | attack | Jan 9 02:45:25 tuxlinux sshd[32018]: Invalid user lis from 180.76.246.38 port 43590 Jan 9 02:45:25 tuxlinux sshd[32018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.38 Jan 9 02:45:25 tuxlinux sshd[32018]: Invalid user lis from 180.76.246.38 port 43590 Jan 9 02:45:25 tuxlinux sshd[32018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.38 Jan 9 02:45:25 tuxlinux sshd[32018]: Invalid user lis from 180.76.246.38 port 43590 Jan 9 02:45:25 tuxlinux sshd[32018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.38 Jan 9 02:45:26 tuxlinux sshd[32018]: Failed password for invalid user lis from 180.76.246.38 port 43590 ssh2 ... |
2020-01-11 01:54:05 |
| 51.91.212.79 | attackspambots | Jan 10 19:08:13 debian-2gb-nbg1-2 kernel: \[939002.876838\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.91.212.79 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=51543 DPT=1025 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-01-11 02:24:08 |
| 93.115.148.228 | attackspambots | Caught in portsentry honeypot |
2020-01-11 02:04:00 |
| 185.176.27.254 | attackspam | ET DROP Dshield Block Listed Source group 1 - port: 36322 proto: TCP cat: Misc Attack |
2020-01-11 02:17:48 |
| 123.206.100.165 | attackbotsspam | Unauthorized connection attempt detected from IP address 123.206.100.165 to port 22 [T] |
2020-01-11 02:01:14 |
| 46.38.144.231 | attackspambots | Jan 10 18:02:58 blackbee postfix/smtpd\[22640\]: warning: unknown\[46.38.144.231\]: SASL LOGIN authentication failed: authentication failure Jan 10 18:03:19 blackbee postfix/smtpd\[22640\]: warning: unknown\[46.38.144.231\]: SASL LOGIN authentication failed: authentication failure Jan 10 18:03:38 blackbee postfix/smtpd\[22640\]: warning: unknown\[46.38.144.231\]: SASL LOGIN authentication failed: authentication failure Jan 10 18:04:02 blackbee postfix/smtpd\[22680\]: warning: unknown\[46.38.144.231\]: SASL LOGIN authentication failed: authentication failure Jan 10 18:04:25 blackbee postfix/smtpd\[22680\]: warning: unknown\[46.38.144.231\]: SASL LOGIN authentication failed: authentication failure ... |
2020-01-11 02:22:01 |
| 159.203.201.42 | attack | Unauthorized connection attempt from IP address 159.203.201.42 on Port 3389(RDP) |
2020-01-11 02:34:34 |