JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.70.172.162

49.70.172.162 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	CHINANET jiangsu province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Nanjing, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.70.172.162

Whois 49.70.172.162

IP Abuse Reports for 49.70.172.162:

This IP address has been reported a total of 10 times from 6 distinct sources. 49.70.172.162 was first reported on September 3rd 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Packets-Decreaser.NET	2025-04-29 21:27:58 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇦🇺 MAGIC	2024-09-22 01:07:47 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2024-09-20 23:12:10 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2024-09-19 17:08:32 (1 year ago)	Brute Force Login Attempts	Hacking Brute-Force
🇲🇹 Malta	2024-09-18 22:31:02 (1 year ago)	49.70.172.162 - - [19/Sep/2024:00:31:02 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 49.70.172.162 - - [19/Sep/2024:00:31:02 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
Anonymous	2024-09-17 22:25:39 (1 year ago)	supergamecollector.com 49.70.172.162 [18/Sep/2024:00:25:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 43 ... show more supergamecollector.com 49.70.172.162 [18/Sep/2024:00:25:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4354 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" supergamecollector.com 49.70.172.162 [18/Sep/2024:00:25:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4354 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" show less	Web App Attack
🇲🇹 Malta	2024-09-17 10:35:42 (1 year ago)	49.70.172.162 - - [17/Sep/2024:12:35:42 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 49.70.172.162 - - [17/Sep/2024:12:35:42 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-09-09 22:32:16 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 49.70.172.162 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.70.172.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 18:32:08.495340 2024] [security2:error] [pid 18506:tid 18506] [client 49.70.172.162:58962] [client 49.70.172.162] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.70.172.162 (+1 hits since last alert)\|nebraskaadaptivesports.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nebraskaadaptivesports.org"] [uri "/xmlrpc.php"] [unique_id "Zt93aDEvvUDQ4WXek4xoUgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-05 06:20:05 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 49.70.172.162 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.70.172.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 02:19:56.747317 2024] [security2:error] [pid 566980:tid 566980] [client 49.70.172.162:38728] [client 49.70.172.162] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.70.172.162 (+1 hits since last alert)\|amp712.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "amp712.com"] [uri "/xmlrpc.php"] [unique_id "ZtlNjBYmy7XFhaoazWPKIAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-09-03 20:13:19 (1 year ago)	49.70.172.162 - - [03/Sep/2024:22:13:19 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 49.70.172.162 - - [03/Sep/2024:22:13:19 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2601:406:4603:4510:e088:4b62:e07e:6657

🇳🇱 213.177.179.67

🇷🇴 2.57.121.112

🇦🇷 186.96.192.120

🇦🇷 181.116.220.140

🇻🇳 160.187.240.90

🇺🇸 92.118.112.56

🇱🇹 45.227.254.183

🇨🇦 23.234.84.156

🇮🇳 182.95.57.194

🇳🇱 178.16.53.245

🇦🇷 170.245.232.44

🇹🇭 147.50.227.79

🇨🇳 118.248.198.32

🇰🇪 105.27.148.94

🇨🇳 60.166.83.98

🇨🇳 222.176.200.18

🇨🇳 182.119.226.237

🇳🇱 176.65.139.173

🇺🇸 172.253.209.150