202.44.54.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): World Internetwork Corporation Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	CMS (WordPress or Joomla) login attempt.	2020-03-27 08:32:26
attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-25 15:16:37
attack	202.44.54.48 - - \[12/Mar/2020:22:06:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6517 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 6495 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-03-13 09:12:06
attackspam	202.44.54.48 - - [09/Mar/2020:13:22:33 +0100] "GET /wp-login.php HTTP/1.1" 200 5347 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Mar/2020:13:22:35 +0100] "POST /wp-login.php HTTP/1.1" 200 6246 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Mar/2020:13:22:37 +0100] "POST /xmlrpc.php HTTP/1.1" 200 438 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-10 04:34:29
attackspambots	202.44.54.48 - - \[15/Feb/2020:02:04:36 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[15/Feb/2020:02:04:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6410 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[15/Feb/2020:02:04:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-02-15 11:06:08
attack	Automatic report - Banned IP Access	2020-02-09 05:09:43
attackspam	06.02.2020 14:44:17 - Wordpress fail Detected by ELinOX-ALM	2020-02-07 00:42:48
attack	202.44.54.48 - - \[09/Jan/2020:22:24:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[09/Jan/2020:22:24:34 +0100\] "POST /wp-login.php HTTP/1.0" 200 4402 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[09/Jan/2020:22:24:36 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-10 07:10:33
attack	202.44.54.48 - - [09/Dec/2019:18:03:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2294 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:56 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2268 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:59 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:04:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2269 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-10 03:06:11
attackbots	WordPress login Brute force / Web App Attack on client site.	2019-11-24 19:46:13
attackbotsspam	[munged]::443 202.44.54.48 - - [12/Nov/2019:14:43:58 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:03 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:07 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:38 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:46 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:51 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2019-11-12 22:11:29
attackbots	WordPress wp-login brute force :: 202.44.54.48 0.152 BYPASS [26/Oct/2019:23:05:08 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3770 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-26 20:36:34
attack	WordPress wp-login brute force :: 202.44.54.48 0.036 BYPASS [08/Oct/2019:06:50:35 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-08 06:23:47
attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-01 22:26:14
attackbots	xmlrpc attack	2019-08-31 19:48:52

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.44.54.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1562
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.44.54.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 31 19:48:46 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 48.54.44.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 48.54.44.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
65.31.127.80	attackbots	Failed password for root from 65.31.127.80 port 43092 ssh2	2020-08-04 05:26:21
121.224.151.59	attackbotsspam	xmlrpc attack	2020-08-04 05:21:24
116.0.23.224	attack	Port scan on 1 port(s): 21	2020-08-04 05:26:43
171.34.78.111	attackspambots	Aug 3 22:32:46 ip40 sshd[8386]: Failed password for root from 171.34.78.111 port 2818 ssh2 ...	2020-08-04 05:29:31
139.198.17.144	attackbotsspam	Aug 4 02:27:27 dhoomketu sshd[2132857]: Invalid user Qaz.1234 from 139.198.17.144 port 57920 Aug 4 02:27:27 dhoomketu sshd[2132857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.17.144 Aug 4 02:27:27 dhoomketu sshd[2132857]: Invalid user Qaz.1234 from 139.198.17.144 port 57920 Aug 4 02:27:29 dhoomketu sshd[2132857]: Failed password for invalid user Qaz.1234 from 139.198.17.144 port 57920 ssh2 Aug 4 02:30:25 dhoomketu sshd[2132893]: Invalid user 1qwe12 from 139.198.17.144 port 45188 ...	2020-08-04 05:20:35
77.247.181.162	attackbots	2020-08-03T15:36:37.954440morrigan.ad5gb.com sshd[2118271]: Invalid user admin from 77.247.181.162 port 44284 2020-08-03T15:36:40.212832morrigan.ad5gb.com sshd[2118271]: Failed password for invalid user admin from 77.247.181.162 port 44284 ssh2	2020-08-04 05:38:54
159.192.143.249	attackbotsspam	2020-08-03T22:46:04.551973vps773228.ovh.net sshd[6278]: Failed password for root from 159.192.143.249 port 39700 ssh2 2020-08-03T22:50:32.886289vps773228.ovh.net sshd[6302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root 2020-08-03T22:50:34.716455vps773228.ovh.net sshd[6302]: Failed password for root from 159.192.143.249 port 34544 ssh2 2020-08-03T22:54:55.734287vps773228.ovh.net sshd[6330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root 2020-08-03T22:54:58.005751vps773228.ovh.net sshd[6330]: Failed password for root from 159.192.143.249 port 56812 ssh2 ...	2020-08-04 05:17:29
211.239.124.243	attackbotsspam	Aug 3 23:04:32 OPSO sshd\[17925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.239.124.243 user=root Aug 3 23:04:34 OPSO sshd\[17925\]: Failed password for root from 211.239.124.243 port 48939 ssh2 Aug 3 23:07:20 OPSO sshd\[18576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.239.124.243 user=root Aug 3 23:07:21 OPSO sshd\[18576\]: Failed password for root from 211.239.124.243 port 40461 ssh2 Aug 3 23:10:06 OPSO sshd\[19132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.239.124.243 user=root	2020-08-04 05:24:15
68.183.156.109	attack	Aug 3 23:26:07 mout sshd[32136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.156.109 user=root Aug 3 23:26:08 mout sshd[32136]: Failed password for root from 68.183.156.109 port 33946 ssh2	2020-08-04 05:33:39
180.126.241.155	attackspambots	URL Probing: /g6bajcx.php	2020-08-04 05:40:50
106.12.120.19	attackbots	Aug 3 22:51:58 buvik sshd[2085]: Failed password for root from 106.12.120.19 port 37762 ssh2 Aug 3 22:55:27 buvik sshd[2708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.120.19 user=root Aug 3 22:55:29 buvik sshd[2708]: Failed password for root from 106.12.120.19 port 58582 ssh2 ...	2020-08-04 05:02:29
61.216.40.209	attackspam	08/03/2020-16:37:05.404255 61.216.40.209 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 63	2020-08-04 05:23:58
222.186.180.130	attackbots	Aug 3 21:35:51 scw-6657dc sshd[28636]: Failed password for root from 222.186.180.130 port 44972 ssh2 Aug 3 21:35:51 scw-6657dc sshd[28636]: Failed password for root from 222.186.180.130 port 44972 ssh2 Aug 3 21:35:54 scw-6657dc sshd[28636]: Failed password for root from 222.186.180.130 port 44972 ssh2 ...	2020-08-04 05:36:00
91.222.59.14	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 91.222.59.14 (PL/Poland/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-04 01:07:21 plain authenticator failed for ([91.222.59.14]) [91.222.59.14]: 535 Incorrect authentication data (set_id=rd)	2020-08-04 05:08:49
198.46.214.3	attackspam	10,31-07/07 [bc04/m145] PostRequest-Spammer scoring: vaduz	2020-08-04 05:03:36

最近上报的IP列表

196.95.29.211	66.89.229.106	100.255.242.114	92.77.10.213
89.94.137.119	134.88.121.144	16.79.142.90	194.186.10.201
31.4.35.178	201.73.111.66	84.229.148.240	116.165.134.42
74.119.111.32	71.150.76.63	78.189.46.228	187.108.250.189
121.60.229.16	183.24.130.249	35.168.114.144	117.26.243.65