202.44.54.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): World Internetwork Corporation Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	CMS (WordPress or Joomla) login attempt.	2020-03-27 08:32:26
attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-25 15:16:37
attack	202.44.54.48 - - \[12/Mar/2020:22:06:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6517 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 6495 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-13 09:12:06
attackspam	202.44.54.48 - - [09/Mar/2020:13:22:33 +0100] "GET /wp-login.php HTTP/1.1" 200 5347 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Mar/2020:13:22:35 +0100] "POST /wp-login.php HTTP/1.1" 200 6246 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Mar/2020:13:22:37 +0100] "POST /xmlrpc.php HTTP/1.1" 200 438 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-10 04:34:29
attackspambots	202.44.54.48 - - \[15/Feb/2020:02:04:36 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[15/Feb/2020:02:04:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6410 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[15/Feb/2020:02:04:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-15 11:06:08
attack	Automatic report - Banned IP Access	2020-02-09 05:09:43
attackspam	06.02.2020 14:44:17 - Wordpress fail Detected by ELinOX-ALM	2020-02-07 00:42:48
attack	202.44.54.48 - - \[09/Jan/2020:22:24:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[09/Jan/2020:22:24:34 +0100\] "POST /wp-login.php HTTP/1.0" 200 4402 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[09/Jan/2020:22:24:36 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-01-10 07:10:33
attack	202.44.54.48 - - [09/Dec/2019:18:03:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2294 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:56 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2268 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:03:59 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - [09/Dec/2019:18:04:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2269 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-10 03:06:11
attackbots	WordPress login Brute force / Web App Attack on client site.	2019-11-24 19:46:13
attackbotsspam	[munged]::443 202.44.54.48 - - [12/Nov/2019:14:43:58 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:03 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:07 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:38 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:46 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 202.44.54.48 - - [12/Nov/2019:14:44:51 +0100] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2019-11-12 22:11:29
attackbots	WordPress wp-login brute force :: 202.44.54.48 0.152 BYPASS [26/Oct/2019:23:05:08 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3770 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-26 20:36:34
attack	WordPress wp-login brute force :: 202.44.54.48 0.036 BYPASS [08/Oct/2019:06:50:35 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-08 06:23:47
attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-01 22:26:14
attackbots	xmlrpc attack	2019-08-31 19:48:52

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.44.54.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1562
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.44.54.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 31 19:48:46 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 48.54.44.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 48.54.44.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.27.238.202	attackbotsspam	Oct 29 14:56:20 hcbbdb sshd\[19342\]: Invalid user nxuser from 103.27.238.202 Oct 29 14:56:20 hcbbdb sshd\[19342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.202 Oct 29 14:56:22 hcbbdb sshd\[19342\]: Failed password for invalid user nxuser from 103.27.238.202 port 35202 ssh2 Oct 29 15:02:25 hcbbdb sshd\[19980\]: Invalid user teste from 103.27.238.202 Oct 29 15:02:25 hcbbdb sshd\[19980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.202	2019-10-29 23:15:31
182.151.175.177	attackbots	2019-10-29T12:32:38.469951 sshd[13835]: Invalid user tom from 182.151.175.177 port 54674 2019-10-29T12:32:38.483683 sshd[13835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.175.177 2019-10-29T12:32:38.469951 sshd[13835]: Invalid user tom from 182.151.175.177 port 54674 2019-10-29T12:32:40.542624 sshd[13835]: Failed password for invalid user tom from 182.151.175.177 port 54674 ssh2 2019-10-29T12:37:03.132571 sshd[13878]: Invalid user support from 182.151.175.177 port 34276 ...	2019-10-29 23:34:30
88.249.39.59	attackbots	Port Scan	2019-10-29 23:17:05
151.80.36.188	attackspambots	...	2019-10-29 23:26:09
186.95.196.115	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/186.95.196.115/ VE - 1H : (42) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VE NAME ASN : ASN8048 IP : 186.95.196.115 CIDR : 186.95.192.0/19 PREFIX COUNT : 467 UNIQUE IP COUNT : 2731520 ATTACKS DETECTED ASN8048 : 1H - 2 3H - 5 6H - 11 12H - 20 24H - 40 DateTime : 2019-10-29 12:37:44 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-29 23:01:47
106.53.110.176	attackspambots	$f2bV_matches	2019-10-29 22:59:59
186.226.190.54	attackbots	Port Scan	2019-10-29 23:36:12
60.209.169.44	attackspam	Telnet Server BruteForce Attack	2019-10-29 23:04:46
192.207.205.98	attack	Invalid user m1 from 192.207.205.98 port 49926	2019-10-29 23:28:45
179.95.241.214	attackbotsspam	2019-10-29T15:05:51.013146shield sshd\[9201\]: Invalid user asdf1234 from 179.95.241.214 port 55179 2019-10-29T15:05:51.018582shield sshd\[9201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.95.241.214 2019-10-29T15:05:53.000393shield sshd\[9201\]: Failed password for invalid user asdf1234 from 179.95.241.214 port 55179 ssh2 2019-10-29T15:11:53.281350shield sshd\[10202\]: Invalid user miner-new from 179.95.241.214 port 46764 2019-10-29T15:11:53.286636shield sshd\[10202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.95.241.214	2019-10-29 23:31:02
14.225.17.9	attackbots	2019-10-29T14:54:48.216426hub.schaetter.us sshd\[8524\]: Invalid user aa123456 from 14.225.17.9 port 40582 2019-10-29T14:54:48.229023hub.schaetter.us sshd\[8524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9 2019-10-29T14:54:50.527068hub.schaetter.us sshd\[8524\]: Failed password for invalid user aa123456 from 14.225.17.9 port 40582 ssh2 2019-10-29T14:59:49.579559hub.schaetter.us sshd\[8559\]: Invalid user elsingor from 14.225.17.9 port 51580 2019-10-29T14:59:49.589475hub.schaetter.us sshd\[8559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9 ...	2019-10-29 23:38:43
74.220.215.69	attackspambots	SQL Injection Attempts	2019-10-29 23:13:50
61.69.150.113	attackbotsspam	Automatic report - Port Scan Attack	2019-10-29 23:03:27
94.177.224.127	attack	Oct 29 14:37:36 rotator sshd\[1771\]: Invalid user marthe from 94.177.224.127Oct 29 14:37:38 rotator sshd\[1771\]: Failed password for invalid user marthe from 94.177.224.127 port 35500 ssh2Oct 29 14:41:45 rotator sshd\[2599\]: Invalid user christian from 94.177.224.127Oct 29 14:41:48 rotator sshd\[2599\]: Failed password for invalid user christian from 94.177.224.127 port 46964 ssh2Oct 29 14:45:42 rotator sshd\[3406\]: Invalid user teste from 94.177.224.127Oct 29 14:45:44 rotator sshd\[3406\]: Failed password for invalid user teste from 94.177.224.127 port 58430 ssh2 ...	2019-10-29 23:40:26
182.72.154.30	attackbotsspam	Oct 29 14:54:32 sauna sshd[74596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.72.154.30 Oct 29 14:54:34 sauna sshd[74596]: Failed password for invalid user password! from 182.72.154.30 port 7871 ssh2 ...	2019-10-29 23:32:14

最近上报的IP列表

196.95.29.211	66.89.229.106	100.255.242.114	92.77.10.213
89.94.137.119	134.88.121.144	16.79.142.90	194.186.10.201
31.4.35.178	201.73.111.66	84.229.148.240	116.165.134.42
74.119.111.32	71.150.76.63	78.189.46.228	187.108.250.189
121.60.229.16	183.24.130.249	35.168.114.144	117.26.243.65