212.19.99.12 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Leonet srl

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	212.19.99.12 - - [30/Aug/2020:22:35:00 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [30/Aug/2020:22:35:00 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [30/Aug/2020:22:35:00 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [30/Aug/2020:22:35:01 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [30/Aug/2020:22:35:01 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [30/Aug/2020:22:35:01 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ...	2020-08-31 07:18:30
attackspambots	WordPress wp-login brute force :: 212.19.99.12 0.140 - [27/Aug/2020:13:01:55 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-08-27 22:34:15
attackbotsspam	212.19.99.12 - - [23/Aug/2020:13:18:57 +0200] "GET /wp-login.php HTTP/1.1" 200 9040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [23/Aug/2020:13:18:58 +0200] "POST /wp-login.php HTTP/1.1" 200 9291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [23/Aug/2020:13:18:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-23 19:42:33
attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-22 21:57:09
attackspam	212.19.99.12 - - [20/Aug/2020:05:55:03 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [20/Aug/2020:05:55:05 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [20/Aug/2020:05:55:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-20 12:58:34
attack	212.19.99.12 - - [19/Aug/2020:04:56:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [19/Aug/2020:04:56:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2258 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [19/Aug/2020:04:56:34 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-19 12:09:50
attack	Automatic report generated by Wazuh	2020-08-12 15:39:44
attack	212.19.99.12 - - [08/Aug/2020:09:35:46 +0100] "POST /wp-login.php HTTP/1.1" 200 2435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [08/Aug/2020:09:35:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.19.99.12 - - [08/Aug/2020:09:35:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-08 17:37:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.19.99.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.19.99.12.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080800 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 17:37:30 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 12.99.19.212.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.99.19.212.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.72.65.10	attack	Dec 18 07:24:20 vpn01 sshd[7721]: Failed password for daemon from 148.72.65.10 port 34474 ssh2 Dec 18 07:29:54 vpn01 sshd[7998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 ...	2019-12-18 15:34:13
145.239.94.191	attackbotsspam	Dec 18 01:49:01 linuxvps sshd\[61156\]: Invalid user usuario from 145.239.94.191 Dec 18 01:49:01 linuxvps sshd\[61156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.94.191 Dec 18 01:49:03 linuxvps sshd\[61156\]: Failed password for invalid user usuario from 145.239.94.191 port 36983 ssh2 Dec 18 01:54:22 linuxvps sshd\[64449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.94.191 user=root Dec 18 01:54:23 linuxvps sshd\[64449\]: Failed password for root from 145.239.94.191 port 41121 ssh2	2019-12-18 15:31:11
83.212.126.156	attackbots	Dec 18 08:21:29 dcd-gentoo sshd[6754]: Invalid user spark02 from 83.212.126.156 port 43341 Dec 18 08:23:39 dcd-gentoo sshd[6899]: Invalid user spark03 from 83.212.126.156 port 33340 Dec 18 08:25:49 dcd-gentoo sshd[7032]: Invalid user spark04 from 83.212.126.156 port 51471 ...	2019-12-18 15:26:07
218.92.0.156	attack	2019-12-17T21:10:21.812271homeassistant sshd[2934]: Failed password for root from 218.92.0.156 port 54369 ssh2 2019-12-18T07:22:29.612153homeassistant sshd[18735]: Failed none for root from 218.92.0.156 port 59858 ssh2 2019-12-18T07:22:29.825414homeassistant sshd[18735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.156 user=root ...	2019-12-18 15:29:10
213.156.102.198	attackbotsspam	Honeypot attack, port: 23, PTR: 102-198.echostar.pl.	2019-12-18 15:32:25
185.176.27.254	attackspam	12/18/2019-02:16:45.601922 185.176.27.254 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-18 15:30:48
138.197.21.218	attackbots	Dec 18 08:31:00 vpn01 sshd[10660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Dec 18 08:31:01 vpn01 sshd[10660]: Failed password for invalid user kloprogge from 138.197.21.218 port 44856 ssh2 ...	2019-12-18 15:31:24
77.81.180.2	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-18 15:29:49
84.164.176.182	attackbots	20 attempts against mh-ssh on ice.magehost.pro	2019-12-18 15:24:27
182.61.133.172	attack	$f2bV_matches_ltvn	2019-12-18 15:41:55
211.195.117.212	attackspam	Dec 17 21:37:54 eddieflores sshd\[16053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.195.117.212 user=root Dec 17 21:37:56 eddieflores sshd\[16053\]: Failed password for root from 211.195.117.212 port 27143 ssh2 Dec 17 21:44:24 eddieflores sshd\[16720\]: Invalid user aleanndra from 211.195.117.212 Dec 17 21:44:24 eddieflores sshd\[16720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.195.117.212 Dec 17 21:44:26 eddieflores sshd\[16720\]: Failed password for invalid user aleanndra from 211.195.117.212 port 35142 ssh2	2019-12-18 15:52:52
5.115.81.143	attackspam	Unauthorized connection attempt from IP address 5.115.81.143 on Port 445(SMB)	2019-12-18 15:23:42
182.16.249.130	attack	Dec 18 07:59:12 MK-Soft-VM7 sshd[24077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.16.249.130 Dec 18 07:59:15 MK-Soft-VM7 sshd[24077]: Failed password for invalid user admin from 182.16.249.130 port 10023 ssh2 ...	2019-12-18 15:24:00
60.168.86.47	attackspambots	SSH invalid-user multiple login try	2019-12-18 15:19:24
106.51.79.83	attack	Unauthorized connection attempt from IP address 106.51.79.83 on Port 445(SMB)	2019-12-18 15:25:49

Recently Reported IPs

47.105.133.211	103.153.76.116	123.21.14.44	93.158.66.43
93.158.66.48	117.6.129.157	93.158.66.47	93.158.66.46
93.158.66.45	93.158.66.41	177.52.249.155	14.226.69.248
178.159.5.203	189.8.91.170	182.68.186.167	14.229.146.0
64.91.136.223	46.173.75.216	223.252.80.36	79.129.5.159