18.136.200.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Amazon Data Services Singapore

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	18.136.200.12 - - [21/Jul/2020:18:50:06 +1000] "POST /wp-login.php HTTP/1.0" 200 5963 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.136.200.12 - - [21/Jul/2020:18:59:49 +1000] "POST /wp-login.php HTTP/1.1" 200 1925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.136.200.12 - - [21/Jul/2020:18:59:51 +1000] "POST /wp-login.php HTTP/1.1" 200 1880 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.136.200.12 - - [22/Jul/2020:01:05:27 +1000] "POST /wp-login.php HTTP/1.1" 200 1936 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.136.200.12 - - [22/Jul/2020:16:24:34 +1000] "POST /wp-login.php HTTP/1.0" 200 6261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-22 14:30:06

类型

评论内容

时间

attack

18.136.200.12 - - [21/Jul/2020:18:50:06 +1000] "POST /wp-login.php HTTP/1.0" 200 5963 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
18.136.200.12 - - [21/Jul/2020:18:59:49 +1000] "POST /wp-login.php HTTP/1.1" 200 1925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
18.136.200.12 - - [21/Jul/2020:18:59:51 +1000] "POST /wp-login.php HTTP/1.1" 200 1880 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
18.136.200.12 - - [22/Jul/2020:01:05:27 +1000] "POST /wp-login.php HTTP/1.1" 200 1936 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
18.136.200.12 - - [22/Jul/2020:16:24:34 +1000] "POST /wp-login.php HTTP/1.0" 200 6261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-07-22 14:30:06

相同子网IP讨论:

IP	类型	评论内容	时间
18.136.200.250	attackspam	Unauthorized connection attempt detected from IP address 18.136.200.250 to port 80 [J]	2020-02-04 01:22:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.136.200.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13059
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.136.200.12.			IN	A

;; AUTHORITY SECTION:
.			488	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072200 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 14:29:56 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

12.200.136.18.in-addr.arpa domain name pointer ec2-18-136-200-12.ap-southeast-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
12.200.136.18.in-addr.arpa	name = ec2-18-136-200-12.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
186.42.175.250	attack	Honeypot attack, port: 445, PTR: 250.175.42.186.static.anycast.cnt-grms.ec.	2020-01-11 07:48:06
222.186.30.209	attackbots	Unauthorized connection attempt detected from IP address 222.186.30.209 to port 22 [T]	2020-01-11 07:55:03
81.174.128.10	attackbotsspam	Jan 11 00:00:58 mout sshd[1509]: Invalid user device from 81.174.128.10 port 40786	2020-01-11 08:03:54
120.25.177.51	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 08:10:20
188.147.107.118	attack	Jan 10 22:08:51 grey postfix/smtpd\[31082\]: NOQUEUE: reject: RCPT from 188.147.107.118.nat.umts.dynamic.t-mobile.pl\[188.147.107.118\]: 554 5.7.1 Service unavailable\; Client host \[188.147.107.118\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?188.147.107.118\; from=\ to=\ proto=ESMTP helo=\<188.147.107.118.nat.umts.dynamic.t-mobile.pl\> ...	2020-01-11 08:09:21
117.204.240.246	attackbotsspam	Jan 10 23:55:04 server sshd\[16377\]: Invalid user admin from 117.204.240.246 Jan 10 23:55:04 server sshd\[16377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.204.240.246 Jan 10 23:55:06 server sshd\[16377\]: Failed password for invalid user admin from 117.204.240.246 port 1891 ssh2 Jan 11 00:08:40 server sshd\[19892\]: Invalid user admin from 117.204.240.246 Jan 11 00:08:40 server sshd\[19892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.204.240.246 ...	2020-01-11 08:13:12
117.22.252.106	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:59:05
179.176.40.170	attack	Jan 10 22:08:58 grey postfix/smtpd\[27501\]: NOQUEUE: reject: RCPT from 179.176.40.170.dynamic.adsl.gvt.net.br\[179.176.40.170\]: 554 5.7.1 Service unavailable\; Client host \[179.176.40.170\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?179.176.40.170\; from=\ to=\ proto=ESMTP helo=\<179.176.40.170.dynamic.adsl.gvt.net.br\> ...	2020-01-11 08:06:40
80.82.65.90	attack	01/10/2020-18:47:56.236321 80.82.65.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-11 08:08:27
78.189.137.234	attack	Honeypot attack, port: 81, PTR: 78.189.137.234.static.ttnet.com.tr.	2020-01-11 08:01:06
51.75.37.173	attack	Jan 10 22:05:07 SilenceServices sshd[4278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.37.173 Jan 10 22:05:09 SilenceServices sshd[4278]: Failed password for invalid user teamspeak from 51.75.37.173 port 54352 ssh2 Jan 10 22:08:26 SilenceServices sshd[6967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.37.173	2020-01-11 08:19:40
142.93.211.44	attack	Jan 11 00:13:53 MK-Soft-VM7 sshd[31067]: Failed password for root from 142.93.211.44 port 38260 ssh2 Jan 11 00:17:01 MK-Soft-VM7 sshd[31126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 ...	2020-01-11 07:46:29
78.19.129.72	attack	Jan 10 22:09:14 grey postfix/smtpd\[29390\]: NOQUEUE: reject: RCPT from unknown\[78.19.129.72\]: 554 5.7.1 Service unavailable\; Client host \[78.19.129.72\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[78.19.129.72\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 07:54:11
177.226.235.18	attackbotsspam	Jan 10 22:08:42 grey postfix/smtpd\[30319\]: NOQUEUE: reject: RCPT from unknown\[177.226.235.18\]: 554 5.7.1 Service unavailable\; Client host \[177.226.235.18\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=177.226.235.18\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 08:12:09
80.144.109.193	attackspambots	none	2020-01-11 08:20:46

最近上报的IP列表

92.112.3.46	88.83.53.120	81.214.125.132	72.4.44.28
68.54.14.153	66.42.29.248	126.203.36.122	231.30.239.133
89.49.134.235	81.73.138.144	195.103.81.161	53.64.18.243
27.78.22.33	27.68.62.238	23.16.119.43	14.43.102.100
211.63.188.152	197.89.15.210	189.201.130.50	185.200.34.70