49.7.20.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.7.20.28	attack	Automatic report - Banned IP Access	2020-09-04 00:48:59
49.7.20.28	attack	Port Scan: TCP/443	2020-09-03 16:13:27
49.7.20.28	attack	Port Scan: TCP/443	2020-09-03 08:21:48
49.7.20.86	attackbotsspam	Dangerous	2020-08-18 05:09:48
49.7.20.28	attackbots	404 NOT FOUND	2020-08-14 12:45:26
49.7.20.28	attack	Malicious brute force vulnerability hacking attacks	2020-06-24 21:19:56
49.7.20.28	attackbots	IP: 49.7.20.28 Ports affected http protocol over TLS/SSL (443) World Wide Web HTTP (80) Abuse Confidence rating 35% Found in DNSBL('s) ASN Details AS23724 IDC China Telecommunications Corporation China (CN) CIDR 49.7.0.0/16 Log Date: 7/03/2020 5:59:58 AM UTC	2020-03-07 15:39:15
49.7.20.96	attackspambots	IP: 49.7.20.96 Ports affected World Wide Web HTTP (80) Found in DNSBL('s) ASN Details AS23724 IDC China Telecommunications Corporation China (CN) CIDR 49.7.0.0/16 Log Date: 28/02/2020 4:42:31 PM UTC	2020-02-29 01:36:31
49.7.20.161	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54330e29e9a3e819 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:57:49
49.7.20.7	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430747a7e05eb25 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:06:55
49.7.20.22	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54340382ba31e7f9 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:15:26
49.7.20.177	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540fb9f34fb3e50e \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:22:51
49.7.20.173	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f7019ae38e82d \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 00:26:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.7.20.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38856
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.7.20.70.			IN	A

;; AUTHORITY SECTION:
.			116	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 00:58:36 CST 2022
;; MSG SIZE  rcvd: 103

Host info

70.20.7.49.in-addr.arpa domain name pointer sogouspider-49-7-20-70.crawl.sogou.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.20.7.49.in-addr.arpa	name = sogouspider-49-7-20-70.crawl.sogou.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.72.148.233	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 08:58:40,006 INFO [amun_request_handler] PortScan Detected on Port: 445 (27.72.148.233)	2019-06-27 07:00:53
199.249.230.119	attack	frenzy	2019-06-27 07:06:39
71.56.218.201	attack	Jun 27 00:58:17 vmd17057 sshd\[20208\]: Invalid user benjamin from 71.56.218.201 port 44018 Jun 27 00:58:17 vmd17057 sshd\[20208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.56.218.201 Jun 27 00:58:20 vmd17057 sshd\[20208\]: Failed password for invalid user benjamin from 71.56.218.201 port 44018 ssh2 ...	2019-06-27 07:25:05
125.129.83.208	attackbots	2019-06-27T00:58:54.869015test01.cajus.name sshd\[10554\]: Invalid user resto from 125.129.83.208 port 32864 2019-06-27T00:58:54.885187test01.cajus.name sshd\[10554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.129.83.208 2019-06-27T00:58:56.795219test01.cajus.name sshd\[10554\]: Failed password for invalid user resto from 125.129.83.208 port 32864 ssh2	2019-06-27 07:11:27
111.230.180.237	attackspam	Invalid user aaron from 111.230.180.237 port 57842 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.180.237 Failed password for invalid user aaron from 111.230.180.237 port 57842 ssh2 Invalid user one from 111.230.180.237 port 45636 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.180.237	2019-06-27 07:09:09
107.175.36.165	attackspam	Unauthorised access (Jun 26) SRC=107.175.36.165 LEN=52 TTL=119 ID=21258 DF TCP DPT=445 WINDOW=8192 SYN	2019-06-27 06:48:42
68.183.186.222	attackspam	Jun 27 01:31:58 vtv3 sshd\[19367\]: Invalid user suelette from 68.183.186.222 port 51113 Jun 27 01:31:58 vtv3 sshd\[19367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.186.222 Jun 27 01:32:00 vtv3 sshd\[19367\]: Failed password for invalid user suelette from 68.183.186.222 port 51113 ssh2 Jun 27 01:34:25 vtv3 sshd\[20375\]: Invalid user store from 68.183.186.222 port 18634 Jun 27 01:34:25 vtv3 sshd\[20375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.186.222 Jun 27 01:44:49 vtv3 sshd\[25315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.186.222 user=root Jun 27 01:44:52 vtv3 sshd\[25315\]: Failed password for root from 68.183.186.222 port 12490 ssh2 Jun 27 01:46:37 vtv3 sshd\[26605\]: Invalid user www from 68.183.186.222 port 29794 Jun 27 01:46:37 vtv3 sshd\[26605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh rus	2019-06-27 07:12:33
185.220.101.28	attackspam	frenzy	2019-06-27 07:23:56
59.127.172.234	attack	Jun 26 22:59:16 *** sshd[20534]: Invalid user glassfish from 59.127.172.234	2019-06-27 07:03:13
1.202.226.15	attackspambots	3389BruteforceFW21	2019-06-27 07:28:14
114.231.136.29	attackspambots	2019-06-27T00:40:28.106942 X postfix/smtpd[37072]: warning: unknown[114.231.136.29]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-27T00:40:35.363000 X postfix/smtpd[36635]: warning: unknown[114.231.136.29]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-27T00:58:48.011919 X postfix/smtpd[39029]: warning: unknown[114.231.136.29]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-27 07:14:45
187.58.65.21	attack	Invalid user guest from 187.58.65.21 port 9407 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.58.65.21 Failed password for invalid user guest from 187.58.65.21 port 9407 ssh2 Invalid user worldpress from 187.58.65.21 port 43638 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.58.65.21	2019-06-27 06:53:01
167.99.230.57	attack	Jun 27 00:59:12 localhost sshd\[12879\]: Invalid user user3 from 167.99.230.57 port 54070 Jun 27 00:59:12 localhost sshd\[12879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.230.57 Jun 27 00:59:13 localhost sshd\[12879\]: Failed password for invalid user user3 from 167.99.230.57 port 54070 ssh2	2019-06-27 07:05:08
92.50.32.99	attackspambots	TCP port 25 (SMTP) attempt blocked by hMailServer IP-check. Abuse score 65%	2019-06-27 07:05:24
51.15.7.60	attack	frenzy	2019-06-27 07:34:35

Recently Reported IPs

105.184.201.48	177.11.19.254	179.91.229.237	14.118.239.103
113.177.123.102	113.128.188.106	187.72.8.17	195.181.92.43
105.27.197.122	123.23.65.74	178.205.244.154	114.240.231.232
212.119.41.37	43.154.89.23	65.20.161.236	85.11.20.166
189.3.25.98	203.159.80.251	62.76.41.46	94.232.45.208