202.44.54.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): World Internetwork Corporation Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	CMS (WordPress or Joomla) login attempt.	2020-03-27 08:32:26
attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-25 15:16:37
attack	202.44.54.48 - - \[12/Mar/2020:22:06:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6517 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 6495 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-03-13 09:12:06
attackspam	202.44.54.48 - - [09/Mar/2020:13:22:33 +0100] "GET /wp-login.php HTTP/1.1" 200 5347 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Mar/2020:13:22:35 +0100] "POST /wp-login.php HTTP/1.1" 200 6246 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Mar/2020:13:22:37 +0100] "POST /xmlrpc.php HTTP/1.1" 200 438 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-10 04:34:29
attackspambots	202.44.54.48 - - \[15/Feb/2020:02:04:36 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[15/Feb/2020:02:04:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6410 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[15/Feb/2020:02:04:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-02-15 11:06:08
attack	Automatic report - Banned IP Access	2020-02-09 05:09:43
attackspam	06.02.2020 14:44:17 - Wordpress fail Detected by ELinOX-ALM	2020-02-07 00:42:48
attack	202.44.54.48 - - \[09/Jan/2020:22:24:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[09/Jan/2020:22:24:34 +0100\] "POST /wp-login.php HTTP/1.0" 200 4402 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[09/Jan/2020:22:24:36 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-10 07:10:33
attack	202.44.54.48 - - [09/Dec/2019:18:03:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2294 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:56 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2268 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:59 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:04:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2269 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-10 03:06:11
attackbots	WordPress login Brute force / Web App Attack on client site.	2019-11-24 19:46:13
attackbotsspam	[munged]::443 202.44.54.48 - - [12/Nov/2019:14:43:58 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:03 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:07 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:38 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:46 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:51 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2019-11-12 22:11:29
attackbots	WordPress wp-login brute force :: 202.44.54.48 0.152 BYPASS [26/Oct/2019:23:05:08 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3770 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-26 20:36:34
attack	WordPress wp-login brute force :: 202.44.54.48 0.036 BYPASS [08/Oct/2019:06:50:35 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-08 06:23:47
attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-01 22:26:14
attackbots	xmlrpc attack	2019-08-31 19:48:52

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.44.54.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1562
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.44.54.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 31 19:48:46 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 48.54.44.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 48.54.44.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.85.15.251	attackspam	Jan 4 09:42:36 eventyay sshd[4920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.15.251 Jan 4 09:42:39 eventyay sshd[4920]: Failed password for invalid user administrator from 190.85.15.251 port 45435 ssh2 Jan 4 09:45:37 eventyay sshd[4943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.15.251 ...	2020-01-04 16:48:27
14.183.14.65	attackbotsspam	SMTP/25/465/587 Probe, BadAuth, SPAM, Hack -	2020-01-04 16:59:40
65.49.20.120	attackbots	firewall-block, port(s): 443/udp	2020-01-04 17:02:16
217.61.5.122	attackspambots	Invalid user escovitz from 217.61.5.122 port 47404	2020-01-04 16:56:15
47.104.140.4	attackbots	B: f2b ssh aggressive 3x	2020-01-04 16:36:11
222.92.139.158	attackbotsspam	Jan 4 10:13:28 gw1 sshd[28971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.92.139.158 Jan 4 10:13:29 gw1 sshd[28971]: Failed password for invalid user jefe from 222.92.139.158 port 53178 ssh2 ...	2020-01-04 16:37:37
125.224.208.108	attackbotsspam	1578113421 - 01/04/2020 05:50:21 Host: 125.224.208.108/125.224.208.108 Port: 445 TCP Blocked	2020-01-04 16:46:12
49.233.92.6	attackspambots	Jan 4 08:05:55 localhost sshd\[22785\]: Invalid user qyz from 49.233.92.6 port 33916 Jan 4 08:05:55 localhost sshd\[22785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.92.6 Jan 4 08:05:57 localhost sshd\[22785\]: Failed password for invalid user qyz from 49.233.92.6 port 33916 ssh2	2020-01-04 16:35:34
115.160.160.74	attackbotsspam	Jan 4 09:55:13 MK-Soft-Root2 sshd[19964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.160.160.74 Jan 4 09:55:15 MK-Soft-Root2 sshd[19964]: Failed password for invalid user zzz from 115.160.160.74 port 2028 ssh2 ...	2020-01-04 17:09:36
184.22.65.163	attackspam	1578113428 - 01/04/2020 05:50:28 Host: 184.22.65.163/184.22.65.163 Port: 445 TCP Blocked	2020-01-04 16:43:16
14.245.2.30	attackspambots	Unauthorized connection attempt detected from IP address 14.245.2.30 to port 445	2020-01-04 16:40:55
5.188.206.215	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 6 - port: 3476 proto: TCP cat: Misc Attack	2020-01-04 17:03:59
37.49.230.28	attackbots	\[2020-01-04 03:14:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T03:14:29.234-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="099441519460055",SessionID="0x7f0fb405b8f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.28/5060",ACLName="no_extension_match" \[2020-01-04 03:17:57\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T03:17:57.670-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1000441519460055",SessionID="0x7f0fb404d4d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.28/5060",ACLName="no_extension_match" \[2020-01-04 03:21:34\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T03:21:34.594-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="16441519460055",SessionID="0x7f0fb405b8f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.28/5060",ACLName="no_extension	2020-01-04 16:27:01
59.50.140.41	attackbotsspam	Fail2Ban Ban Triggered	2020-01-04 16:39:40
62.85.26.17	attackbots	Unauthorized connection attempt detected from IP address 62.85.26.17 to port 445	2020-01-04 16:52:06

最近上报的IP列表

196.95.29.211	66.89.229.106	100.255.242.114	92.77.10.213
89.94.137.119	134.88.121.144	16.79.142.90	194.186.10.201
31.4.35.178	201.73.111.66	84.229.148.240	116.165.134.42
74.119.111.32	71.150.76.63	78.189.46.228	187.108.250.189
121.60.229.16	183.24.130.249	35.168.114.144	117.26.243.65