18.130.139.154

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon Data Services UK

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Wordpress XMLRPC attack	2019-06-23 02:20:06

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.130.139.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44116
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.130.139.154.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062202 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 23 02:19:56 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

154.139.130.18.in-addr.arpa domain name pointer ec2-18-130-139-154.eu-west-2.compute.amazonaws.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
154.139.130.18.in-addr.arpa	name = ec2-18-130-139-154.eu-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
47.244.13.202	attackbotsspam	WEB SPAM: https://168cash.com.tw/	2020-02-13 13:33:23
185.147.215.14	attackspam	[2020-02-13 00:15:23] NOTICE[1148] chan_sip.c: Registration from '' failed for '185.147.215.14:58742' - Wrong password [2020-02-13 00:15:23] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-13T00:15:23.493-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4223",SessionID="0x7fd82c2348d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.14/58742",Challenge="0a584148",ReceivedChallenge="0a584148",ReceivedHash="8665e75081da493211f6f56066041245" [2020-02-13 00:15:51] NOTICE[1148] chan_sip.c: Registration from '' failed for '185.147.215.14:53428' - Wrong password [2020-02-13 00:15:51] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-13T00:15:51.683-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4224",SessionID="0x7fd82c2aad18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.21 ...	2020-02-13 13:57:24
154.9.166.117	attack	MYH,DEF GET http://meyer-pantalons.fr/magento/errors/adminer.php	2020-02-13 13:41:26
197.248.127.222	attackspam	$f2bV_matches	2020-02-13 13:30:15
45.166.108.186	spam	Used since many times for SPAM, PHISHING and SCAM on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! t-fen.info => FALSE Domain name, => 45.166.108.186 => truxgo.com ! t-fen.info => FALSE EMPTY Web Site USED ONLY for SPAM => SCAM at ... web.com, as usual for robbers and liers... t-fen.info and other as shown under are FALSE web sites to BURN/DELETE/STOP sending SPAM contact@cream-beauty.fr => from mafdid.com ([45.170.249.119]) => TOYHACK S. DE R.L, DE C.V., ownerid: MX-TSRC5-LACNIC => GoDaddy To STOP IMMEDIATELY such SPAM and SCAM ! Image as usual from https://image.noelshack.com... Exactly the same than : flexa56.fr electroFace.fr 21dor.fr arthrite.fr pression.fr clickbank.net truxgo.com https://www.mywot.com/scorecard/daver.com https://www.mywot.com/scorecard/web.com https://www.mywot.com/scorecard/truxgo.com https://www.mywot.com/scorecard/flexa56.fr https://www.mywot.com/scorecard/electroFace.fr https://www.mywot.com/scorecard/21dor.fr https://www.mywot.com/scorecard/arthrite.fr https://www.mywot.com/scorecard/pression.fr https://www.mywot.com/scorecard/clickbank.net https://www.mywot.com/scorecard/truxgo.com https://www.mywot.com/scorecard/ckcdnassets.com	2020-02-13 14:07:44
170.82.0.243	attack	MYH,DEF GET http://meyer-pantalons.fr/shop/errors/adminer.php	2020-02-13 13:39:26
139.155.1.252	attack	2020-02-13T05:54:43.814813centos sshd\[28019\]: Invalid user weblogic from 139.155.1.252 port 45138 2020-02-13T05:54:43.821617centos sshd\[28019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.1.252 2020-02-13T05:54:45.286925centos sshd\[28019\]: Failed password for invalid user weblogic from 139.155.1.252 port 45138 ssh2	2020-02-13 13:47:24
186.91.201.27	attack	1581569700 - 02/13/2020 05:55:00 Host: 186.91.201.27/186.91.201.27 Port: 445 TCP Blocked	2020-02-13 13:34:29
61.73.231.204	attackspambots	Feb 13 06:48:36 MK-Soft-VM3 sshd[30753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.73.231.204 Feb 13 06:48:38 MK-Soft-VM3 sshd[30753]: Failed password for invalid user top10 from 61.73.231.204 port 35166 ssh2 ...	2020-02-13 13:49:39
188.254.0.197	attackspambots	Feb 13 06:40:15 silence02 sshd[21710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.197 Feb 13 06:40:17 silence02 sshd[21710]: Failed password for invalid user hadoop1 from 188.254.0.197 port 56056 ssh2 Feb 13 06:43:40 silence02 sshd[22039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.197	2020-02-13 13:44:16
101.200.172.191	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-13 13:33:06
107.152.205.47	attack	MYH,DEF GET http://meyer-pantalons.fr/includes/adminer.php	2020-02-13 13:39:55
154.9.165.81	attack	MYH,DEF GET http://meyer-pantalons.fr/downloader/adminer.php	2020-02-13 13:41:52
177.105.116.131	attackspam	Unauthorized connection attempt from IP address 177.105.116.131 on Port 445(SMB)	2020-02-13 13:59:30
173.254.231.134	attackbots	trying to access non-authorized port	2020-02-13 13:47:11

最近上报的IP列表

61.203.109.91	194.8.144.222	178.34.58.225	36.238.33.167
112.106.68.49	118.168.78.134	117.94.117.50	167.100.110.23
114.96.45.106	45.115.171.188	198.27.86.7	189.127.34.5
60.212.102.150	218.28.59.130	1.169.195.63	176.112.172.203
141.212.123.31	123.125.125.248	191.53.220.196	167.100.103.160