201.49.2.120 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
201.49.226.30	attackbotsspam	srvr2: (mod_security) mod_security (id:920350) triggered by 201.49.226.30 (201-49-226-30.spdlink.com.br): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/09 22:47:07 [error] 3679#0: 39343 [client 201.49.226.30] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160227642721.781913"] [ref "o0,15v21,15"], client: 201.49.226.30, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-11 01:01:49
201.49.226.30	attackbotsspam	srvr2: (mod_security) mod_security (id:920350) triggered by 201.49.226.30 (201-49-226-30.spdlink.com.br): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/09 22:47:07 [error] 3679#0: 39343 [client 201.49.226.30] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160227642721.781913"] [ref "o0,15v21,15"], client: 201.49.226.30, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-10 16:52:56
201.49.227.251	attackbotsspam	Unauthorized connection attempt detected from IP address 201.49.227.251 to port 80	2020-07-22 18:06:42
201.49.231.53	attackbotsspam	Unauthorized connection attempt detected from IP address 201.49.231.53 to port 23	2020-07-09 06:58:24
201.49.226.183	attackspambots	Unauthorized connection attempt detected from IP address 201.49.226.183 to port 8080	2020-07-01 18:54:35
201.49.232.1	attackbotsspam	firewall-block, port(s): 8080/tcp	2020-06-26 19:42:47
201.49.225.52	attackbotsspam	Unauthorized connection attempt detected from IP address 201.49.225.52 to port 23	2020-06-22 08:00:08
201.49.227.74	attackspambots	20/6/20@16:14:58: FAIL: Alarm-Telnet address from=201.49.227.74 ...	2020-06-21 06:03:31
201.49.226.223	attackbots	Port probing on unauthorized port 8080	2020-05-27 23:08:34
201.49.231.160	attackspam	Unauthorized connection attempt detected from IP address 201.49.231.160 to port 8080	2020-04-29 04:39:04
201.49.234.161	attackbots	suspicious action Wed, 04 Mar 2020 10:35:52 -0300	2020-03-05 00:29:20
201.49.227.242	attackbots	Honeypot Attack, Port 23	2020-03-03 04:02:27
201.49.228.2	attack	web Attack on Website at 2020-02-05.	2020-02-06 15:44:19
201.49.229.36	attackspambots	Unauthorized connection attempt detected from IP address 201.49.229.36 to port 23 [J]	2020-02-01 00:49:21
201.49.230.171	attack	Unauthorized connection attempt detected from IP address 201.49.230.171 to port 8080 [J]	2020-01-28 23:07:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.49.2.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17887
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;201.49.2.120.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023052800 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 28 14:20:40 CST 2023
;; MSG SIZE  rcvd: 105

Host info

Host 120.2.49.201.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 120.2.49.201.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
211.23.61.194	attack	Dec 14 17:17:34 ms-srv sshd[46793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.23.61.194 Dec 14 17:17:37 ms-srv sshd[46793]: Failed password for invalid user hoge from 211.23.61.194 port 38270 ssh2	2020-02-16 01:43:43
163.172.189.32	attackbots	Sql/code injection probe	2020-02-16 01:22:17
114.237.109.95	attackbotsspam	Feb 15 14:50:56 grey postfix/smtpd\[13197\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.95\]: 554 5.7.1 Service unavailable\; Client host \[114.237.109.95\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.109.95\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-16 01:54:56
107.170.18.163	attackbotsspam	Feb 15 17:54:39 [host] sshd[11530]: Invalid user l Feb 15 17:54:39 [host] sshd[11530]: pam_unix(sshd: Feb 15 17:54:41 [host] sshd[11530]: Failed passwor	2020-02-16 01:25:32
211.25.10.194	attackspam	Apr 19 05:50:42 ms-srv sshd[61218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.25.10.194 user=root Apr 19 05:50:44 ms-srv sshd[61218]: Failed password for invalid user root from 211.25.10.194 port 34606 ssh2	2020-02-16 01:23:22
178.128.153.185	attackspam	Feb 15 19:03:06 ncomp sshd[30860]: Invalid user shi from 178.128.153.185 Feb 15 19:03:06 ncomp sshd[30860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.153.185 Feb 15 19:03:06 ncomp sshd[30860]: Invalid user shi from 178.128.153.185 Feb 15 19:03:09 ncomp sshd[30860]: Failed password for invalid user shi from 178.128.153.185 port 39014 ssh2	2020-02-16 01:56:38
211.250.113.129	attack	Mar 4 17:52:06 ms-srv sshd[32911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.250.113.129 user=root Mar 4 17:52:08 ms-srv sshd[32911]: Failed password for invalid user root from 211.250.113.129 port 40464 ssh2	2020-02-16 01:21:53
158.69.192.83	attackbotsspam	Invalid user weng from 158.69.192.83 port 32775	2020-02-16 01:50:43
118.41.137.37	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 01:51:17
118.41.212.87	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 01:31:05
211.252.17.254	attack	Jul 24 06:47:29 ms-srv sshd[34302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.17.254 user=root Jul 24 06:47:30 ms-srv sshd[34302]: Failed password for invalid user root from 211.252.17.254 port 47158 ssh2	2020-02-16 01:16:09
171.237.227.221	attackbotsspam	Unauthorised access (Feb 15) SRC=171.237.227.221 LEN=52 TTL=107 ID=25020 DF TCP DPT=445 WINDOW=8192 SYN	2020-02-16 01:40:13
212.112.114.188	attackspambots	Feb 15 18:20:02 legacy sshd[2740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.112.114.188 Feb 15 18:20:04 legacy sshd[2740]: Failed password for invalid user crescent1 from 212.112.114.188 port 54000 ssh2 Feb 15 18:23:15 legacy sshd[2873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.112.114.188 ...	2020-02-16 01:38:43
41.66.244.86	attack	Feb 15 12:43:16 plusreed sshd[31651]: Invalid user derr from 41.66.244.86 ...	2020-02-16 01:53:03
211.252.19.254	attack	Jul 26 05:45:21 ms-srv sshd[33377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.19.254 Jul 26 05:45:24 ms-srv sshd[33377]: Failed password for invalid user user from 211.252.19.254 port 42530 ssh2	2020-02-16 01:15:33

Recently Reported IPs

65.52.50.9	11.59.35.130	159.89.173.111	196.10.214.198
9.139.193.26	21.87.254.190	154.99.78.9	104.243.224.0
120.167.201.109	50.55.105.195	248.25.73.49	171.106.125.78
220.17.251.218	189.22.11.71	2606:2e00:8003:0010:0000:0000:0000:eb01	207.75.235.2
131.117.147.22	198.238.125.146	45.165.16.159	117.121.205.13