112.201.55.144

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Philippines

运营商(isp): Philippine Long Distance Telephone Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sun, 21 Jul 2019 07:36:40 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 21:04:15

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.201.55.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3725
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.201.55.144.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 21 21:04:06 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

144.55.201.112.in-addr.arpa domain name pointer 112.201.55.144.pldt.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
144.55.201.112.in-addr.arpa	name = 112.201.55.144.pldt.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
171.97.90.242	attack	Automatic report - Port Scan Attack	2019-10-04 02:45:00
152.136.26.44	attackspam	Oct 3 11:55:35 TORMINT sshd\[22027\]: Invalid user ask from 152.136.26.44 Oct 3 11:55:35 TORMINT sshd\[22027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.26.44 Oct 3 11:55:37 TORMINT sshd\[22027\]: Failed password for invalid user ask from 152.136.26.44 port 46988 ssh2 ...	2019-10-04 02:49:36
95.172.79.236	attackspam	ICMP MP Probe, Scan -	2019-10-04 02:45:50
188.165.240.15	attackspambots	188.165.240.15 - - [03/Oct/2019:18:56:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:08 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-04 02:44:39
221.179.103.2	attackbots	Oct 3 05:46:35 hpm sshd\[16725\]: Invalid user oemedical from 221.179.103.2 Oct 3 05:46:35 hpm sshd\[16725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.179.103.2 Oct 3 05:46:38 hpm sshd\[16725\]: Failed password for invalid user oemedical from 221.179.103.2 port 46221 ssh2 Oct 3 05:52:28 hpm sshd\[17271\]: Invalid user pi from 221.179.103.2 Oct 3 05:52:28 hpm sshd\[17271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.179.103.2	2019-10-04 02:30:15
212.129.53.177	attackspam	Oct 3 17:12:51 game-panel sshd[2607]: Failed password for games from 212.129.53.177 port 51001 ssh2 Oct 3 17:16:48 game-panel sshd[2744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.53.177 Oct 3 17:16:50 game-panel sshd[2744]: Failed password for invalid user nauthy from 212.129.53.177 port 19183 ssh2	2019-10-04 02:52:31
192.185.130.216	attack	192.185.130.216 - - [03/Oct/2019:19:28:23 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.185.130.216 - - [03/Oct/2019:19:28:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" .	2019-10-04 02:36:04
31.27.38.242	attack	" "	2019-10-04 02:29:46
140.224.103.179	attack	Automated reporting of SSH Vulnerability scanning	2019-10-04 02:22:11
119.158.109.218	attack	B: Magento admin pass /admin/ test (wrong country)	2019-10-04 02:30:37
202.213.5.11	attackspam	Oct 3 16:30:53 mail kernel: [1496786.392118] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=202.213.5.11 DST=185.101.93.72 LEN=40 TOS=0x08 PREC=0x20 TTL=76 ID=38095 DF PROTO=TCP SPT=53790 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:30:55 mail kernel: [1496788.038438] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=202.213.5.11 DST=185.101.93.72 LEN=40 TOS=0x08 PREC=0x20 TTL=65 ID=26929 DF PROTO=TCP SPT=53882 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:31:03 mail kernel: [1496796.532719] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=202.213.5.11 DST=185.101.93.72 LEN=40 TOS=0x08 PREC=0x20 TTL=55 ID=18569 DF PROTO=TCP SPT=50275 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:31:13 mail kernel: [1496806.445088] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=202.213.5.11 DST=185.101.93.72 LEN=40 TOS=0x08 PREC=0x20 TTL=67 ID=59619 DF PROTO=TCP SPT=50667 DPT=80 WINDOW=29200 RES=0x00 SY	2019-10-04 02:33:21
129.211.141.207	attackspambots	2019-10-03T18:40:49.939281shield sshd\[13155\]: Invalid user sprayrock11 from 129.211.141.207 port 36684 2019-10-03T18:40:49.944917shield sshd\[13155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.141.207 2019-10-03T18:40:52.004403shield sshd\[13155\]: Failed password for invalid user sprayrock11 from 129.211.141.207 port 36684 ssh2 2019-10-03T18:41:18.287585shield sshd\[13201\]: Invalid user sprayrock11 from 129.211.141.207 port 39960 2019-10-03T18:41:18.291962shield sshd\[13201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.141.207	2019-10-04 02:50:07
95.172.68.64	attackbots	ICMP MP Probe, Scan -	2019-10-04 02:58:07
39.43.16.160	attackbots	39.43.16.160 - demo \[03/Oct/2019:04:56:46 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 2539.43.16.160 - root \[03/Oct/2019:04:59:21 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 2539.43.16.160 - ADMINISTRATORwww.ateprotools.com \[03/Oct/2019:05:23:03 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25 ...	2019-10-04 02:43:51
142.93.204.221	attackbotsspam	Request to REST API ///wp-json/wp/v2/users/	2019-10-04 02:19:49

最近上报的IP列表

191.53.197.59	159.192.227.97	112.205.104.246	42.110.138.52
182.0.206.67	175.211.112.246	160.202.36.238	118.71.5.182
115.72.110.169	102.70.32.54	157.49.139.178	132.145.72.105
117.220.190.82	28.245.156.67	94.232.212.169	50.62.208.200
39.35.179.182	182.52.241.89	150.107.42.18	245.38.101.199