110.249.201.20

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
110.249.201.121	attack	Forbidden directory scan :: 2020/09/08 16:56:05 [error] 1010#1010: *1802036 access forbidden by rule, client: 110.249.201.121, server: [censored_2], request: "GET /news/tag/depth:4 HTTP/1.1", host: "www.[censored_2]"	2020-09-09 19:46:38
110.249.201.121	attack	Forbidden directory scan :: 2020/09/08 16:56:05 [error] 1010#1010: *1802036 access forbidden by rule, client: 110.249.201.121, server: [censored_2], request: "GET /news/tag/depth:4 HTTP/1.1", host: "www.[censored_2]"	2020-09-09 13:44:16
110.249.201.121	attack	Forbidden directory scan :: 2020/09/08 16:56:05 [error] 1010#1010: *1802036 access forbidden by rule, client: 110.249.201.121, server: [censored_2], request: "GET /news/tag/depth:4 HTTP/1.1", host: "www.[censored_2]"	2020-09-09 05:56:37

Type

Details

Datetime

110.249.201.121

attack

Forbidden directory scan :: 2020/09/08 16:56:05 [error] 1010#1010: *1802036 access forbidden by rule, client: 110.249.201.121, server: [censored_2], request: "GET /news/tag/depth:4 HTTP/1.1", host: "www.[censored_2]"

2020-09-09 19:46:38

110.249.201.121

attack

Forbidden directory scan :: 2020/09/08 16:56:05 [error] 1010#1010: *1802036 access forbidden by rule, client: 110.249.201.121, server: [censored_2], request: "GET /news/tag/depth:4 HTTP/1.1", host: "www.[censored_2]"

2020-09-09 13:44:16

110.249.201.121

attack

Forbidden directory scan :: 2020/09/08 16:56:05 [error] 1010#1010: *1802036 access forbidden by rule, client: 110.249.201.121, server: [censored_2], request: "GET /news/tag/depth:4 HTTP/1.1", host: "www.[censored_2]"

2020-09-09 05:56:37

Whois info:

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '110.240.0.0 - 110.255.255.255'

% Abuse contact for '110.240.0.0 - 110.255.255.255' is 'zhaoyz3@chinaunicom.cn'

inetnum:        110.240.0.0 - 110.255.255.255
netname:        UNICOM-HE
descr:          China Unicom Hebei province network
descr:          China Unicom
country:        CN
admin-c:        CH1302-AP
tech-c:         KL984-AP
abuse-c:        AC1718-AP
status:         ALLOCATED PORTABLE
remarks:        service provider
remarks:        --------------------------------------------------------
remarks:        To report network abuse, please contact mnt-irt
remarks:        For troubleshooting, please contact tech-c and admin-c
remarks:        Report invalid contact via www.apnic.net/invalidcontact
remarks:        --------------------------------------------------------
mnt-by:         APNIC-HM
mnt-lower:      MAINT-CNCGROUP
mnt-lower:      MAINT-CNCGROUP-HE
mnt-routes:     MAINT-CNCGROUP-RR
mnt-irt:        IRT-CU-CN
last-modified:  2023-10-21T03:38:51Z
source:         APNIC

irt:            IRT-CU-CN
address:        No.21,Financial Street
address:        Beijing,100033
address:        P.R.China
e-mail:         zhaoyz3@chinaunicom.cn
abuse-mailbox:  zhaoyz3@chinaunicom.cn
admin-c:        CH1302-AP
tech-c:         CH1302-AP
auth:           # Filtered
remarks:        zhaoyz3@chinaunicom.cn was validated on 2026-05-08
mnt-by:         MAINT-CNCGROUP
last-modified:  2026-05-09T04:50:16Z
source:         APNIC

role:           ABUSE CUCN
country:        ZZ
address:        No.21,Financial Street
address:        Beijing,100033
address:        P.R.China
phone:          +000000000
e-mail:         zhaoyz3@chinaunicom.cn
admin-c:        CH1302-AP
tech-c:         CH1302-AP
nic-hdl:        AC1718-AP
remarks:        Generated from irt object IRT-CU-CN
remarks:        zhaoyz3@chinaunicom.cn was validated on 2026-05-08
abuse-mailbox:  zhaoyz3@chinaunicom.cn
mnt-by:         APNIC-ABUSE
last-modified:  2026-05-08T01:31:32Z
source:         APNIC

person:         ChinaUnicom Hostmaster
nic-hdl:        CH1302-AP
e-mail:         hqs-ipabuse@chinaunicom.cn
address:        No.21,Jin-Rong Street
address:        Beijing,100033
address:        P.R.China
phone:          +86-10-66259764
fax-no:         +86-10-66259764
country:        CN
mnt-by:         MAINT-CNCGROUP
last-modified:  2017-08-17T06:13:16Z
source:         APNIC

person:         Kong Lingfei
nic-hdl:        KL984-AP
e-mail:         konglf5@chinaunicom.cn
address:        45, Guang An Street, Shi Jiazhuang City, HeBei Province,050011,CN
phone:          +86-311-86681601
fax-no:         +86-311-86689210
country:        cn
mnt-by:         MAINT-CNCGROUP-HE
last-modified:  2009-02-06T02:31:32Z
source:         APNIC

% Information related to '110.240.0.0/12AS4837'

route:          110.240.0.0/12
descr:          China Unicom Hebei Province Network
country:        CN
origin:         AS4837
mnt-by:         MAINT-CNCGROUP-RR
last-modified:  2009-05-22T06:21:10Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 110.249.201.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43694
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;110.249.201.20.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026062101 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 22 09:50:41 CST 2026
;; MSG SIZE  rcvd: 107

Host info

20.201.249.110.in-addr.arpa domain name pointer bytespider-110-249-201-20.crawl.bytedance.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.201.249.110.in-addr.arpa	name = bytespider-110-249-201-20.crawl.bytedance.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
2001:b011:4003:4681:a0fd:2c77:92f0:8566	attackspambots	2020-08-05T12:49:34.484272hermes postfix/smtpd[360639]: NOQUEUE: reject: RCPT from 2001-b011-4003-4681-a0fd-2c77-92f0-8566.dynamic-ip6.hinet.net[2001:b011:4003:4681:a0fd:2c77:92f0:8566]: 554 5.7.1 Service unavailable; Client host [2001:b011:4003:4681:a0fd:2c77:92f0:8566] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= ...	2020-08-05 18:15:38
52.130.85.229	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-05T07:17:33Z and 2020-08-05T07:22:16Z	2020-08-05 17:41:08
132.232.119.203	attack	Aug 5 09:03:21 gw1 sshd[8620]: Failed password for root from 132.232.119.203 port 46864 ssh2 ...	2020-08-05 18:00:55
58.37.28.240	attackspam	20 attempts against mh-ssh on glow	2020-08-05 17:57:33
200.150.202.184	attack	langenachtfulda.de 200.150.202.184 [31/Jul/2020:11:16:08 +0200] "POST /wp-login.php HTTP/1.1" 200 6291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" langenachtfulda.de 200.150.202.184 [31/Jul/2020:11:16:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4068 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-05 17:52:11
125.133.92.3	attackbots	Aug 5 09:06:45 ns381471 sshd[10416]: Failed password for root from 125.133.92.3 port 34686 ssh2	2020-08-05 18:00:09
45.129.33.7	attack	TCP (SYN) 45.129.33.7:49905 -> port 5980, len 44	2020-08-05 17:42:53
45.129.33.9	attackbots	Aug 5 11:43:06 debian-2gb-nbg1-2 kernel: \[18879047.613195\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.129.33.9 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=11686 PROTO=TCP SPT=50256 DPT=11227 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-05 17:44:12
49.235.83.136	attack	Aug 5 08:36:46 XXX sshd[62461]: Invalid user dev04 from 49.235.83.136 port 39520	2020-08-05 17:55:53
107.23.220.51	attack	107.23.220.51 - - \[05/Aug/2020:11:48:23 +0200\] "POST /wp-login.php HTTP/1.0" 200 6728 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 107.23.220.51 - - \[05/Aug/2020:11:48:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 6558 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 107.23.220.51 - - \[05/Aug/2020:11:48:27 +0200\] "POST /wp-login.php HTTP/1.0" 200 6552 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-05 18:01:31
195.146.59.157	attackspam	Unauthorized connection attempt detected from IP address 195.146.59.157 to port 918	2020-08-05 18:06:00
222.186.180.223	attackbotsspam	Aug 5 11:47:45 dev0-dcde-rnet sshd[688]: Failed password for root from 222.186.180.223 port 35998 ssh2 Aug 5 11:47:56 dev0-dcde-rnet sshd[688]: Failed password for root from 222.186.180.223 port 35998 ssh2 Aug 5 11:47:59 dev0-dcde-rnet sshd[688]: Failed password for root from 222.186.180.223 port 35998 ssh2 Aug 5 11:47:59 dev0-dcde-rnet sshd[688]: error: maximum authentication attempts exceeded for root from 222.186.180.223 port 35998 ssh2 [preauth]	2020-08-05 17:58:54
202.9.46.52	attackbots	Automatic report - Port Scan Attack	2020-08-05 17:45:37
54.75.27.101	attackbots	05.08.2020 05:49:48 - Wordpress fail Detected by ELinOX-ALM	2020-08-05 18:09:58
182.50.151.13	attackspam	Looking for old copies of wordpress configuration	2020-08-05 18:04:06

Recently Reported IPs

2606:4700:10::6814:6336	2606:4700:10::6814:4599	47.95.204.194	20.197.62.205
122.192.133.90	121.234.219.90	2606:4700:10::6814:6353	2606:4700:10::6814:4377
14.207.194.143	192.168.50.91	192.220.250.2	192.220.250.11
111.90.217.60	2606:4700:10::6814:8700	167.172.134.198	2605:fe80:2b:111:1c00:8aff:fe00:919
173.232.153.97	34.78.154.63	81.19.216.86	31.14.254.123