120.50.2.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
120.50.248.212	attack	[Thu Sep 26 00:39:27.153235 2019] [:error] [pid 197602] [client 120.50.248.212:57807] [client 120.50.248.212] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XYwy7-ptwnJV9Jbr-9UbYAAAAAY"] ...	2019-09-26 20:12:32
120.50.28.40	attackbotsspam	Unauthorized connection attempt from IP address 120.50.28.40 on Port 445(SMB)	2019-08-09 18:16:39
120.50.27.74	attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 02:13:43

Type

Details

Datetime

120.50.248.212

attack

[Thu Sep 26 00:39:27.153235 2019] [:error] [pid 197602] [client 120.50.248.212:57807] [client 120.50.248.212] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XYwy7-ptwnJV9Jbr-9UbYAAAAAY"]
...

2019-09-26 20:12:32

120.50.28.40

attackbotsspam

Unauthorized connection attempt from IP address 120.50.28.40 on Port 445(SMB)

2019-08-09 18:16:39

120.50.27.74

attackbots

"Account brute force using dictionary attack against Exchange Online"

2019-08-06 02:13:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.50.2.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9303
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;120.50.2.42.			IN	A

;; AUTHORITY SECTION:
.			379	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030800 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 08 19:31:21 CST 2022
;; MSG SIZE  rcvd: 104

Host info

42.2.50.120.in-addr.arpa domain name pointer caip.telnet-bd.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.2.50.120.in-addr.arpa	name = caip.telnet-bd.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.10.207.50	attack	Unauthorised access (Nov 6) SRC=113.10.207.50 LEN=40 TTL=239 ID=62815 TCP DPT=445 WINDOW=1024 SYN	2019-11-07 03:47:57
61.41.159.29	attackbots	Failed password for mysql from 61.41.159.29 port 32848 ssh2	2019-11-07 03:52:46
178.128.215.148	attackbots	2019-11-06T15:40:10.783031abusebot-5.cloudsearch.cf sshd\[8959\]: Invalid user elena from 178.128.215.148 port 42286	2019-11-07 03:31:42
157.245.168.172	attackbots	RDP Bruteforce	2019-11-07 03:45:04
51.77.140.111	attackspambots	Nov 6 19:37:16 server sshd\[21543\]: Invalid user fn from 51.77.140.111 Nov 6 19:37:16 server sshd\[21543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.ip-51-77-140.eu Nov 6 19:37:18 server sshd\[21543\]: Failed password for invalid user fn from 51.77.140.111 port 50450 ssh2 Nov 6 19:45:10 server sshd\[23904\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.ip-51-77-140.eu user=root Nov 6 19:45:11 server sshd\[23904\]: Failed password for root from 51.77.140.111 port 54334 ssh2 ...	2019-11-07 03:33:04
5.229.194.240	attackbots	Automatic report - Port Scan Attack	2019-11-07 04:07:09
62.75.230.4	attackspambots	Failed password for admin from 62.75.230.4 port 16136 ssh2	2019-11-07 04:00:27
2.63.78.224	attackspam	Honeypot hit.	2019-11-07 03:55:52
31.28.4.94	attackbots	RDPBruteCAu	2019-11-07 03:39:27
129.28.88.12	attackbotsspam	Automatic report - Banned IP Access	2019-11-07 03:47:37
50.204.168.242	attackbots	Fail2Ban Ban Triggered	2019-11-07 03:41:19
157.230.240.34	attackbots	2019-11-06T14:35:20.530977abusebot-6.cloudsearch.cf sshd\[26801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.240.34 user=root	2019-11-07 03:43:52
148.70.56.123	attackspambots	2019-11-06T14:35:43.191783abusebot-7.cloudsearch.cf sshd\[21244\]: Invalid user Admin\#321 from 148.70.56.123 port 49650	2019-11-07 03:30:51
80.211.254.101	attackbotsspam	RDPBruteElK	2019-11-07 03:42:54
89.248.168.176	attackspam	89.248.168.176 was recorded 5 times by 5 hosts attempting to connect to the following ports: 6080. Incident counter (4h, 24h, all-time): 5, 83, 149	2019-11-07 03:34:54

Recently Reported IPs

120.50.183.6	120.50.2.92	120.50.20.26	120.50.20.14
115.61.117.3	120.50.20.46	120.50.20.30	120.50.23.210
120.50.23.190	120.50.23.214	120.50.23.218	120.50.23.2
120.50.23.222	115.73.253.171	120.50.23.230	115.98.238.12
115.99.142.53	116.100.83.212	116.101.165.39	116.104.40.80