JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 177.12.49.118

177.12.49.118 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 3%: ?

ISP	Predlink Rede de Telecomunicções Ltda
Usage Type	Fixed Line ISP
ASN	AS28665
Hostname(s)	fttx-1771249118.usr.predialnet.com.br
Domain Name	predialnet.com.br
Country	🇧🇷 Brazil
City	Niteroi, Rio de Janeiro

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 177.12.49.118

Whois 177.12.49.118

IP Abuse Reports for 177.12.49.118:

This IP address has been reported a total of 5 times from 4 distinct sources. 177.12.49.118 was first reported on January 31st 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-06-20 13:03:00 (4 days ago)	Fail2Ban banned 177.12.49.118 for security violations in jail wp-armour. Log: 2026/06/20 13:02:59 [e ... show more Fail2Ban banned 177.12.49.118 for security violations in jail wp-armour. Log: 2026/06/20 13:02:59 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 177.12.49.118 \| Target: wplogin" , client: 177.12.49.118, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2025-11-21 01:19:26 (7 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-15 20:55:19 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇮🇩 hermawan	2025-10-17 16:07:48 (8 months ago)	[Fri Oct 17 23:05:06.269793 2025] [security2:error] [pid 2862371:tid 139817158432448] [client 177.12 ... show more [Fri Oct 17 23:05:06.269793 2025] [security2:error] [pid 2862371:tid 139817158432448] [client 177.12.49.118:32507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/fax:+62341464827" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "69"] [id "448101"] [msg "BAD REQUEST FILENAME - Detected and Blocked"] [data "Matched Data: /fax:+62341464827 found within REQUEST_FILENAME: /index.php/fax:+62341464827 request_line = GET /index.php/fax:+62341464827 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/fax:+62341464827"] [unique_id "aPJpMtSmqcQIkfMkCq2F3AADmAI"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[2862374] [Z1ag5Zy1+eQ] [aPJpMtSmqcQIkfMkCq2F3AADmAI] keep_alive=[1] [2025-10-17 23:05:06.269796] [R:aPJpMtSmqcQIkfMkCq2F3AADmAI] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36' Host:'staklim ... show less	Hacking Web App Attack
Anonymous	2025-01-31 03:36:12 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2a10:3c0:3:0:1:17:0:5

🇺🇸 216.25.89.92

🇺🇸 205.210.31.82

🇳🇱 176.65.139.88

🇮🇳 27.123.104.78

🇧🇷 20.206.91.91

🇳🇱 176.65.139.218

🇳🇱 176.65.139.217

🇬🇧 152.32.157.173

🇨🇦 149.56.85.158

🇮🇳 103.171.129.73

🇷🇴 80.94.92.55

🇩🇪 69.5.169.27

🇳🇱 45.148.10.152

🇮🇩 43.133.148.170

🇺🇸 20.80.88.160

🇨🇳 1.192.226.40

🇺🇸 2607:f8b0:4001:c61::127

🇺🇸 216.25.89.132

🇷🇺 213.180.203.113