201.49.127.212

Basic Info

City: São Paulo

Region: Sao Paulo

Country: Brazil

Internet Service Provider: Optitel Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Aug 3 07:52:19 hidden sshd[27516]: Failed password for hidden from 201.49.127.212 port 59460 ssh2 Aug 3 07:56:27 hidden sshd[28090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 user=root Aug 3 07:56:29 hidden sshd[28090]: Failed password for hidden from 201.49.127.212 port 51326 ssh2	2020-08-03 16:16:23
attack	Jul 6 13:56:38 dignus sshd[21695]: Failed password for invalid user test from 201.49.127.212 port 57992 ssh2 Jul 6 13:59:35 dignus sshd[22046]: Invalid user tam from 201.49.127.212 port 38496 Jul 6 13:59:35 dignus sshd[22046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 Jul 6 13:59:38 dignus sshd[22046]: Failed password for invalid user tam from 201.49.127.212 port 38496 ssh2 Jul 6 14:02:36 dignus sshd[22432]: Invalid user tomcat from 201.49.127.212 port 47248 ...	2020-07-07 05:44:49
attackspam	SSH Brute-Force reported by Fail2Ban	2020-07-01 23:58:39
attackbots	$f2bV_matches	2020-06-30 13:25:12
attack	bruteforce detected	2020-06-23 13:46:38
attackbots	$f2bV_matches	2020-06-03 13:20:37
attackspam	Jun 1 00:02:15 vmd17057 sshd[614]: Failed password for root from 201.49.127.212 port 39958 ssh2 ...	2020-06-01 08:24:07
attackspambots	...	2020-05-23 23:13:02
attackbots	May 22 05:56:20 srv01 sshd[14904]: Invalid user ansiblessh from 201.49.127.212 port 56742 May 22 05:56:20 srv01 sshd[14904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 May 22 05:56:20 srv01 sshd[14904]: Invalid user ansiblessh from 201.49.127.212 port 56742 May 22 05:56:22 srv01 sshd[14904]: Failed password for invalid user ansiblessh from 201.49.127.212 port 56742 ssh2 May 22 05:59:50 srv01 sshd[15014]: Invalid user moz from 201.49.127.212 port 43444 ...	2020-05-22 12:00:34
attackspambots	May 13 23:01:51 minden010 sshd[25271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 May 13 23:01:53 minden010 sshd[25271]: Failed password for invalid user administrator from 201.49.127.212 port 37964 ssh2 May 13 23:05:16 minden010 sshd[27292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 ...	2020-05-14 08:32:20
attackbots	SSH Brute-Force. Ports scanning.	2020-05-06 23:56:04
attack	May 2 14:02:41 ns382633 sshd\[637\]: Invalid user two from 201.49.127.212 port 58674 May 2 14:02:41 ns382633 sshd\[637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 May 2 14:02:43 ns382633 sshd\[637\]: Failed password for invalid user two from 201.49.127.212 port 58674 ssh2 May 2 14:13:29 ns382633 sshd\[2801\]: Invalid user kt from 201.49.127.212 port 49762 May 2 14:13:29 ns382633 sshd\[2801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212	2020-05-02 22:31:57
attack	Invalid user csgo from 201.49.127.212 port 36050	2020-05-01 13:04:36
attackbots	Apr 15 07:01:06 host5 sshd[14278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 user=root Apr 15 07:01:08 host5 sshd[14278]: Failed password for root from 201.49.127.212 port 44352 ssh2 ...	2020-04-15 19:20:43
attackbotsspam	Apr 6 23:32:55 ws26vmsma01 sshd[224236]: Failed password for root from 201.49.127.212 port 50740 ssh2 ...	2020-04-07 08:25:26
attackspambots	Apr 2 15:50:14 sshd\[10727\]: User root from 201.49.127.212 not allowed because not listed in AllowUsersApr 2 15:50:16 sshd\[10727\]: Failed password for invalid user root from 201.49.127.212 port 47100 ssh2 ...	2020-04-02 22:38:17
attackbotsspam	$f2bV_matches	2020-04-02 18:33:39
attackspam	bruteforce detected	2020-04-01 02:18:29
attackspam	Mar 30 10:51:15 firewall sshd[24091]: Failed password for invalid user jh from 201.49.127.212 port 39182 ssh2 Mar 30 10:57:48 firewall sshd[24415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 user=root Mar 30 10:57:50 firewall sshd[24415]: Failed password for root from 201.49.127.212 port 42652 ssh2 ...	2020-03-30 22:09:10
attackspambots	Invalid user pk from 201.49.127.212 port 56940	2020-03-29 07:48:38
attackspambots	Mar 28 13:41:11 sshd[12524]: Failed password for invalid user nsg from 201.49.127.212 port 35206 ssh2	2020-03-29 00:33:39
attack	5x Failed Password	2020-03-24 14:48:21
attack	Brute force attempt	2020-03-17 23:56:49
attackspambots	SSH bruteforce	2020-03-17 03:07:23
attackspam	2020-03-06T04:45:24.809188abusebot-7.cloudsearch.cf sshd[17476]: Invalid user steam from 201.49.127.212 port 36400 2020-03-06T04:45:24.814165abusebot-7.cloudsearch.cf sshd[17476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 2020-03-06T04:45:24.809188abusebot-7.cloudsearch.cf sshd[17476]: Invalid user steam from 201.49.127.212 port 36400 2020-03-06T04:45:26.603786abusebot-7.cloudsearch.cf sshd[17476]: Failed password for invalid user steam from 201.49.127.212 port 36400 ssh2 2020-03-06T04:49:15.527296abusebot-7.cloudsearch.cf sshd[17661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 user=root 2020-03-06T04:49:18.029463abusebot-7.cloudsearch.cf sshd[17661]: Failed password for root from 201.49.127.212 port 55734 ssh2 2020-03-06T04:53:04.904665abusebot-7.cloudsearch.cf sshd[17850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201. ...	2020-03-06 17:28:07
attackspambots	Feb 19 04:56:19 IngegnereFirenze sshd[19907]: Failed password for invalid user cpanellogin from 201.49.127.212 port 47208 ssh2 ...	2020-02-19 17:24:47
attackspambots	Feb 17 10:07:14 haigwepa sshd[13345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 Feb 17 10:07:16 haigwepa sshd[13345]: Failed password for invalid user bsbk from 201.49.127.212 port 40682 ssh2 ...	2020-02-17 17:14:52
attackspam	$f2bV_matches	2020-02-11 05:50:53
attackspam	Invalid user ftpuser from 201.49.127.212 port 36676	2020-01-04 05:17:04
attackbots	Jan 2 07:28:14 sd-53420 sshd\[3896\]: Invalid user draxl from 201.49.127.212 Jan 2 07:28:14 sd-53420 sshd\[3896\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 Jan 2 07:28:15 sd-53420 sshd\[3896\]: Failed password for invalid user draxl from 201.49.127.212 port 52070 ssh2 Jan 2 07:30:42 sd-53420 sshd\[4687\]: Invalid user jaeger from 201.49.127.212 Jan 2 07:30:42 sd-53420 sshd\[4687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 ...	2020-01-02 14:45:12

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.49.127.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43507
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.49.127.212.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 21:42:42 +08 2019
;; MSG SIZE  rcvd: 118

Host info

212.127.49.201.in-addr.arpa domain name pointer static-201-49-127-212.optitel.net.br.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
212.127.49.201.in-addr.arpa	name = static-201-49-127-212.optitel.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.253.68.122	attack	SSH Brute Force	2020-08-05 19:01:08
152.136.112.251	attackbotsspam	TCP (SYN) 152.136.112.251:45101 -> port 27672, len 44	2020-08-05 18:43:10
177.159.99.89	attackbotsspam	$f2bV_matches	2020-08-05 18:36:23
103.40.22.89	attack	SSH Brute Force	2020-08-05 19:03:31
66.249.73.152	attackbotsspam	Automatic report - Banned IP Access	2020-08-05 19:08:20
189.4.151.102	attackspam	" "	2020-08-05 18:48:53
148.72.207.135	attackbots	www.fahrschule-mihm.de 148.72.207.135 [03/Aug/2020:23:09:58 +0200] "POST /wp-login.php HTTP/1.1" 200 5994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.fahrschule-mihm.de 148.72.207.135 [03/Aug/2020:23:09:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4072 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-05 18:54:58
211.159.186.152	attack	Aug 5 12:28:22 PorscheCustomer sshd[11149]: Failed password for root from 211.159.186.152 port 60114 ssh2 Aug 5 12:31:16 PorscheCustomer sshd[11209]: Failed password for root from 211.159.186.152 port 38724 ssh2 ...	2020-08-05 18:35:33
222.186.173.215	attack	Aug 5 06:37:51 NPSTNNYC01T sshd[2649]: Failed password for root from 222.186.173.215 port 20132 ssh2 Aug 5 06:37:54 NPSTNNYC01T sshd[2649]: Failed password for root from 222.186.173.215 port 20132 ssh2 Aug 5 06:37:58 NPSTNNYC01T sshd[2649]: Failed password for root from 222.186.173.215 port 20132 ssh2 Aug 5 06:38:01 NPSTNNYC01T sshd[2649]: Failed password for root from 222.186.173.215 port 20132 ssh2 ...	2020-08-05 18:47:24
132.232.3.234	attackspambots	Aug 5 10:57:59 piServer sshd[22129]: Failed password for root from 132.232.3.234 port 55272 ssh2 Aug 5 11:02:09 piServer sshd[22490]: Failed password for root from 132.232.3.234 port 45594 ssh2 ...	2020-08-05 19:02:26
5.135.159.189	attackspam	retro-gamer.club 5.135.159.189 [03/Aug/2020:07:01:26 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" retro-gamer.club 5.135.159.189 [03/Aug/2020:07:01:26 +0200] "POST /wp-login.php HTTP/1.1" 200 6032 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-05 18:43:33
104.236.100.42	attack	104.236.100.42 - - [05/Aug/2020:10:45:25 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.236.100.42 - - [05/Aug/2020:10:45:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.236.100.42 - - [05/Aug/2020:10:45:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1909 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-05 19:01:25
113.31.102.201	attackbotsspam	2020-08-04T23:16:12.8242571495-001 sshd[2090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.102.201 user=root 2020-08-04T23:16:14.5904291495-001 sshd[2090]: Failed password for root from 113.31.102.201 port 34876 ssh2 2020-08-04T23:22:11.2446031495-001 sshd[2387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.102.201 user=root 2020-08-04T23:22:13.2923091495-001 sshd[2387]: Failed password for root from 113.31.102.201 port 38796 ssh2 2020-08-04T23:28:02.4385931495-001 sshd[2727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.102.201 user=root 2020-08-04T23:28:05.0078761495-001 sshd[2727]: Failed password for root from 113.31.102.201 port 42718 ssh2 ...	2020-08-05 18:37:12
74.82.47.59	attack	Port scan: Attack repeated for 24 hours	2020-08-05 18:33:57
82.65.23.62	attackbots	sshd: Failed password for .... from 82.65.23.62 port 44518 ssh2 (12 attempts)	2020-08-05 19:07:52

Recently Reported IPs

187.189.48.7	153.226.216.146	81.171.98.189	117.241.120.27
5.172.151.106	178.128.236.154	79.173.208.175	103.200.42.101
220.184.82.106	156.222.69.65	201.144.30.83	96.248.86.218
31.192.139.182	112.133.232.68	123.206.210.160	37.75.11.170
164.52.24.168	49.35.127.3	51.254.49.106	24.43.189.115