City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 49.7.20.28 | attack | Automatic report - Banned IP Access |
2020-09-04 00:48:59 |
| 49.7.20.28 | attack | Port Scan: TCP/443 |
2020-09-03 16:13:27 |
| 49.7.20.28 | attack | Port Scan: TCP/443 |
2020-09-03 08:21:48 |
| 49.7.20.86 | attackbotsspam | Dangerous |
2020-08-18 05:09:48 |
| 49.7.20.28 | attackbots | 404 NOT FOUND |
2020-08-14 12:45:26 |
| 49.7.20.28 | attack | Malicious brute force vulnerability hacking attacks |
2020-06-24 21:19:56 |
| 49.7.20.28 | attackbots | IP: 49.7.20.28
Ports affected
http protocol over TLS/SSL (443)
World Wide Web HTTP (80)
Abuse Confidence rating 35%
Found in DNSBL('s)
ASN Details
AS23724 IDC China Telecommunications Corporation
China (CN)
CIDR 49.7.0.0/16
Log Date: 7/03/2020 5:59:58 AM UTC |
2020-03-07 15:39:15 |
| 49.7.20.96 | attackspambots | IP: 49.7.20.96
Ports affected
World Wide Web HTTP (80)
Found in DNSBL('s)
ASN Details
AS23724 IDC China Telecommunications Corporation
China (CN)
CIDR 49.7.0.0/16
Log Date: 28/02/2020 4:42:31 PM UTC |
2020-02-29 01:36:31 |
| 49.7.20.161 | attackspam | The IP has triggered Cloudflare WAF. CF-Ray: 54330e29e9a3e819 | WAF_Rule_ID: asn | WAF_Kind: firewall | CF_Action: jschallenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-12 04:57:49 |
| 49.7.20.7 | attackspam | The IP has triggered Cloudflare WAF. CF-Ray: 5430747a7e05eb25 | WAF_Rule_ID: asn | WAF_Kind: firewall | CF_Action: jschallenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-12 04:06:55 |
| 49.7.20.22 | attackbotsspam | The IP has triggered Cloudflare WAF. CF-Ray: 54340382ba31e7f9 | WAF_Rule_ID: asn | WAF_Kind: firewall | CF_Action: jschallenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-12 00:15:26 |
| 49.7.20.177 | attack | The IP has triggered Cloudflare WAF. CF-Ray: 540fb9f34fb3e50e | WAF_Rule_ID: asn | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 03:22:51 |
| 49.7.20.173 | attackspambots | The IP has triggered Cloudflare WAF. CF-Ray: 540f7019ae38e82d | WAF_Rule_ID: asn | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 00:26:18 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.7.20.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12632
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;49.7.20.89. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025021800 1800 900 604800 86400
;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 00:13:19 CST 2025
;; MSG SIZE rcvd: 10389.20.7.49.in-addr.arpa domain name pointer sogouspider-49-7-20-89.crawl.sogou.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
89.20.7.49.in-addr.arpa name = sogouspider-49-7-20-89.crawl.sogou.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 113.23.4.87 | attackbotsspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-02-25 13:32:49 |
| 62.234.186.27 | attackspambots | 2020-02-05T05:49:23.533881suse-nuc sshd[2454]: Invalid user roupen from 62.234.186.27 port 43948 ... |
2020-02-25 14:03:26 |
| 185.156.73.52 | attackbots | 02/25/2020-00:31:19.684767 185.156.73.52 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-02-25 14:07:09 |
| 62.234.2.59 | attack | Feb 25 06:37:47 MK-Soft-VM4 sshd[11471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.2.59 Feb 25 06:37:49 MK-Soft-VM4 sshd[11471]: Failed password for invalid user gmodserver from 62.234.2.59 port 42688 ssh2 ... |
2020-02-25 13:52:20 |
| 190.113.157.243 | attackbots | Honeypot attack, port: 81, PTR: 190-113-157-243.supercanal.com.ar. |
2020-02-25 14:05:55 |
| 114.207.177.43 | attack | Unauthorized connection attempt detected from IP address 114.207.177.43 to port 23 [J] |
2020-02-25 13:24:44 |
| 112.186.3.67 | attack | Unauthorized connection attempt detected from IP address 112.186.3.67 to port 23 [J] |
2020-02-25 13:26:58 |
| 181.10.18.188 | attackspambots | Feb 25 05:40:43 ArkNodeAT sshd\[30878\]: Invalid user a from 181.10.18.188 Feb 25 05:40:43 ArkNodeAT sshd\[30878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.10.18.188 Feb 25 05:40:45 ArkNodeAT sshd\[30878\]: Failed password for invalid user a from 181.10.18.188 port 33352 ssh2 |
2020-02-25 13:28:33 |
| 223.71.167.163 | attack | 1582603963 - 02/25/2020 05:12:43 Host: 223.71.167.163/223.71.167.163 Port: 79 TCP Blocked ... |
2020-02-25 14:03:52 |
| 222.186.31.83 | attackspam | 25.02.2020 05:58:26 SSH access blocked by firewall |
2020-02-25 13:59:34 |
| 179.33.137.117 | attackspam | Feb 25 06:28:11 |
2020-02-25 13:32:34 |
| 212.64.7.134 | attackspambots | Feb 24 18:49:08 web1 sshd\[32557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.7.134 user=root Feb 24 18:49:10 web1 sshd\[32557\]: Failed password for root from 212.64.7.134 port 59414 ssh2 Feb 24 18:58:35 web1 sshd\[1193\]: Invalid user nginx from 212.64.7.134 Feb 24 18:58:35 web1 sshd\[1193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.7.134 Feb 24 18:58:37 web1 sshd\[1193\]: Failed password for invalid user nginx from 212.64.7.134 port 53038 ssh2 |
2020-02-25 13:45:57 |
| 213.153.79.98 | attackspam | Feb 25 00:20:08 v22019058497090703 sshd[20218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.153.79.98 ... |
2020-02-25 13:25:43 |
| 61.228.90.19 | attackbots | Unauthorized connection attempt detected from IP address 61.228.90.19 to port 23 [J] |
2020-02-25 13:51:01 |
| 212.95.137.164 | attack | Feb 24 18:57:14 mail sshd\[47606\]: Invalid user admin from 212.95.137.164 Feb 24 18:57:14 mail sshd\[47606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.95.137.164 ... |
2020-02-25 13:27:41 |