必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): World Internetwork Corporation Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackspambots
CMS (WordPress or Joomla) login attempt.
2020-03-27 08:32:26
attackspam
CMS (WordPress or Joomla) login attempt.
2020-03-25 15:16:37
attack
202.44.54.48 - - \[12/Mar/2020:22:06:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6517 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[12/Mar/2020:22:06:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 6495 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[12/Mar/2020:22:06:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2020-03-13 09:12:06
attackspam
202.44.54.48 - - [09/Mar/2020:13:22:33 +0100] "GET /wp-login.php HTTP/1.1" 200 5347 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - [09/Mar/2020:13:22:35 +0100] "POST /wp-login.php HTTP/1.1" 200 6246 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - [09/Mar/2020:13:22:37 +0100] "POST /xmlrpc.php HTTP/1.1" 200 438 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-03-10 04:34:29
attackspambots
202.44.54.48 - - \[15/Feb/2020:02:04:36 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[15/Feb/2020:02:04:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6410 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[15/Feb/2020:02:04:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2020-02-15 11:06:08
attack
Automatic report - Banned IP Access
2020-02-09 05:09:43
attackspam
06.02.2020 14:44:17 - Wordpress fail 
Detected by ELinOX-ALM
2020-02-07 00:42:48
attack
202.44.54.48 - - \[09/Jan/2020:22:24:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[09/Jan/2020:22:24:34 +0100\] "POST /wp-login.php HTTP/1.0" 200 4402 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[09/Jan/2020:22:24:36 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2020-01-10 07:10:33
attack
202.44.54.48 - - [09/Dec/2019:18:03:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - [09/Dec/2019:18:03:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2294 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - [09/Dec/2019:18:03:56 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - [09/Dec/2019:18:03:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2268 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - [09/Dec/2019:18:03:59 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - [09/Dec/2019:18:04:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2269 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2019-12-10 03:06:11
attackbots
WordPress login Brute force / Web App Attack on client site.
2019-11-24 19:46:13
attackbotsspam
[munged]::443 202.44.54.48 - - [12/Nov/2019:14:43:58 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:03 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:07 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:38 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:46 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:51 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Li
2019-11-12 22:11:29
attackbots
WordPress wp-login brute force :: 202.44.54.48 0.152 BYPASS [26/Oct/2019:23:05:08  1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3770 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2019-10-26 20:36:34
attack
WordPress wp-login brute force :: 202.44.54.48 0.036 BYPASS [08/Oct/2019:06:50:35  1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2019-10-08 06:23:47
attackspambots
WordPress login Brute force / Web App Attack on client site.
2019-10-01 22:26:14
attackbots
xmlrpc attack
2019-08-31 19:48:52
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.44.54.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1562
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.44.54.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 31 19:48:46 CST 2019
;; MSG SIZE  rcvd: 116
HOST信息:
Host 48.54.44.202.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 48.54.44.202.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
207.74.77.190 attackbots
Sep  8 10:11:18 root sshd[29010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.74.77.190 
...
2020-09-08 18:43:53
218.92.0.168 attackspam
(sshd) Failed SSH login from 218.92.0.168 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep  8 06:59:55 optimus sshd[7273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168  user=root
Sep  8 06:59:56 optimus sshd[7275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168  user=root
Sep  8 06:59:57 optimus sshd[7273]: Failed password for root from 218.92.0.168 port 64970 ssh2
Sep  8 06:59:59 optimus sshd[7275]: Failed password for root from 218.92.0.168 port 32704 ssh2
Sep  8 06:59:59 optimus sshd[7283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168  user=root
2020-09-08 19:06:56
116.247.81.99 attack
Sep  8 09:33:33 IngegnereFirenze sshd[21737]: User root from 116.247.81.99 not allowed because not listed in AllowUsers
...
2020-09-08 19:17:46
123.206.23.106 attack
Jul  9 13:55:55 server sshd[3438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.23.106
Jul  9 13:55:57 server sshd[3438]: Failed password for invalid user je from 123.206.23.106 port 33790 ssh2
Jul  9 14:05:16 server sshd[4235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.23.106
Jul  9 14:05:18 server sshd[4235]: Failed password for invalid user user from 123.206.23.106 port 42694 ssh2
2020-09-08 18:48:27
82.64.153.14 attack
...
2020-09-08 19:20:22
52.231.54.27 attack
firewall-block, port(s): 10543/tcp
2020-09-08 18:50:14
217.182.205.27 attack
Sep  8 12:41:49 srv-ubuntu-dev3 sshd[130127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.205.27  user=root
Sep  8 12:41:50 srv-ubuntu-dev3 sshd[130127]: Failed password for root from 217.182.205.27 port 53580 ssh2
Sep  8 12:45:04 srv-ubuntu-dev3 sshd[130450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.205.27  user=root
Sep  8 12:45:06 srv-ubuntu-dev3 sshd[130450]: Failed password for root from 217.182.205.27 port 58324 ssh2
Sep  8 12:48:26 srv-ubuntu-dev3 sshd[130864]: Invalid user tester from 217.182.205.27
Sep  8 12:48:26 srv-ubuntu-dev3 sshd[130864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.205.27
Sep  8 12:48:26 srv-ubuntu-dev3 sshd[130864]: Invalid user tester from 217.182.205.27
Sep  8 12:48:28 srv-ubuntu-dev3 sshd[130864]: Failed password for invalid user tester from 217.182.205.27 port 34860 ssh2
Sep  8 12:51:43 srv-ubu
...
2020-09-08 19:05:14
116.196.81.216 attack
$f2bV_matches
2020-09-08 18:59:05
65.50.209.87 attackbots
SSH login attempts.
2020-09-08 18:42:43
115.159.198.41 attackbotsspam
Sep  8 11:51:14 ns382633 sshd\[3279\]: Invalid user harley from 115.159.198.41 port 50738
Sep  8 11:51:14 ns382633 sshd\[3279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.198.41
Sep  8 11:51:16 ns382633 sshd\[3279\]: Failed password for invalid user harley from 115.159.198.41 port 50738 ssh2
Sep  8 12:01:00 ns382633 sshd\[5020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.198.41  user=root
Sep  8 12:01:02 ns382633 sshd\[5020\]: Failed password for root from 115.159.198.41 port 33734 ssh2
2020-09-08 19:07:11
14.228.179.102 attack
Fail2Ban Ban Triggered
2020-09-08 19:10:56
54.37.71.235 attackspambots
SSH login attempts.
2020-09-08 19:07:40
194.180.224.103 attackspam
Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-08T11:11:14Z and 2020-09-08T11:13:34Z
2020-09-08 19:22:05
222.179.101.18 attackspam
20/9/8@02:20:50: FAIL: IoT-SSH address from=222.179.101.18
...
2020-09-08 18:49:35
164.68.111.62 attackbotsspam
WordPress XMLRPC scan :: 164.68.111.62 1.664 - [08/Sep/2020:11:05:45  0000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 503 18231 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"
2020-09-08 19:16:44

最近上报的IP列表

196.95.29.211 66.89.229.106 100.255.242.114 92.77.10.213
89.94.137.119 134.88.121.144 16.79.142.90 194.186.10.201
31.4.35.178 201.73.111.66 84.229.148.240 116.165.134.42
74.119.111.32 71.150.76.63 78.189.46.228 187.108.250.189
121.60.229.16 183.24.130.249 35.168.114.144 117.26.243.65