47.12.2.121 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
47.12.246.241	attackbots	SERVER-WEBAPP DD-WRT httpd cgi-bin remote command execution attempt - port: 80 proto: TCP cat: Attempted Administrator Privilege Gain	2020-04-17 07:13:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.12.2.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17950
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;47.12.2.121.			IN	A

;; AUTHORITY SECTION:
.			209	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 22:18:33 CST 2022
;; MSG SIZE  rcvd: 104

Host info

121.2.12.47.in-addr.arpa domain name pointer 047-012-002-121.res.spectrum.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
121.2.12.47.in-addr.arpa	name = 047-012-002-121.res.spectrum.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.43.170.11	attack	[Tue Jun 30 10:54:47.002031 2020] [:error] [pid 3647:tid 139691177268992] [client 92.43.170.11:58982] [client 92.43.170.11] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/favicon.ico"] [unique_id "Xvq3hp5-VmYWBSWxGQF6ZwAAAfE"], referer: http://103.27.207.197/ ...	2020-06-30 14:09:25
138.197.89.212	attack	TCP (SYN) 138.197.89.212:41286 -> port 23465, len 44	2020-06-30 13:55:03
113.173.216.121	attack	(eximsyntax) Exim syntax errors from 113.173.216.121 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-06-30 08:24:41 SMTP call from [113.173.216.121] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-06-30 14:10:21
123.30.149.76	attackspambots	Jun 29 23:14:54 dignus sshd[25181]: Failed password for invalid user hsm from 123.30.149.76 port 48781 ssh2 Jun 29 23:17:20 dignus sshd[25516]: Invalid user deploy from 123.30.149.76 port 37781 Jun 29 23:17:20 dignus sshd[25516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.149.76 Jun 29 23:17:22 dignus sshd[25516]: Failed password for invalid user deploy from 123.30.149.76 port 37781 ssh2 Jun 29 23:19:55 dignus sshd[25827]: Invalid user coin from 123.30.149.76 port 55018 ...	2020-06-30 14:23:19
61.97.248.227	attackbots	Jun 30 06:03:51 onepixel sshd[2326890]: Invalid user gbm from 61.97.248.227 port 42386 Jun 30 06:03:51 onepixel sshd[2326890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.97.248.227 Jun 30 06:03:51 onepixel sshd[2326890]: Invalid user gbm from 61.97.248.227 port 42386 Jun 30 06:03:52 onepixel sshd[2326890]: Failed password for invalid user gbm from 61.97.248.227 port 42386 ssh2 Jun 30 06:06:14 onepixel sshd[2328682]: Invalid user root2 from 61.97.248.227 port 49648	2020-06-30 14:18:40
189.234.6.44	attack	2020-06-30T05:52:27.453460vps773228.ovh.net sshd[4613]: Invalid user kea from 189.234.6.44 port 38778 2020-06-30T05:52:27.473191vps773228.ovh.net sshd[4613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.234.6.44 2020-06-30T05:52:27.453460vps773228.ovh.net sshd[4613]: Invalid user kea from 189.234.6.44 port 38778 2020-06-30T05:52:29.746248vps773228.ovh.net sshd[4613]: Failed password for invalid user kea from 189.234.6.44 port 38778 ssh2 2020-06-30T05:55:08.278183vps773228.ovh.net sshd[4639]: Invalid user test from 189.234.6.44 port 53360 ...	2020-06-30 13:48:10
159.89.145.59	attack	Jun 30 07:48:57 abendstille sshd\[27380\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.145.59 user=root Jun 30 07:49:00 abendstille sshd\[27380\]: Failed password for root from 159.89.145.59 port 58422 ssh2 Jun 30 07:52:23 abendstille sshd\[31135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.145.59 user=root Jun 30 07:52:25 abendstille sshd\[31135\]: Failed password for root from 159.89.145.59 port 58172 ssh2 Jun 30 07:55:44 abendstille sshd\[2075\]: Invalid user smtp from 159.89.145.59 Jun 30 07:55:44 abendstille sshd\[2075\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.145.59 ...	2020-06-30 14:32:27
111.230.241.110	attack	Jun 30 03:54:41 powerpi2 sshd[23168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.241.110 Jun 30 03:54:41 powerpi2 sshd[23168]: Invalid user trinity from 111.230.241.110 port 47218 Jun 30 03:54:44 powerpi2 sshd[23168]: Failed password for invalid user trinity from 111.230.241.110 port 47218 ssh2 ...	2020-06-30 14:08:31
120.53.9.188	attackspam	Jun 30 08:11:43 fhem-rasp sshd[12867]: Connection closed by 120.53.9.188 port 39180 [preauth] ...	2020-06-30 14:29:56
37.187.72.146	attackbotsspam	37.187.72.146 - - [30/Jun/2020:06:58:26 +0100] "POST /wp-login.php HTTP/1.1" 200 5742 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 37.187.72.146 - - [30/Jun/2020:07:01:02 +0100] "POST /wp-login.php HTTP/1.1" 200 5742 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 37.187.72.146 - - [30/Jun/2020:07:03:13 +0100] "POST /wp-login.php HTTP/1.1" 200 5742 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-06-30 14:05:37
94.198.110.205	attackbots	2020-06-30T05:52:58.976396dmca.cloudsearch.cf sshd[31632]: Invalid user julie from 94.198.110.205 port 46845 2020-06-30T05:52:58.983169dmca.cloudsearch.cf sshd[31632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.198.110.205 2020-06-30T05:52:58.976396dmca.cloudsearch.cf sshd[31632]: Invalid user julie from 94.198.110.205 port 46845 2020-06-30T05:53:01.280233dmca.cloudsearch.cf sshd[31632]: Failed password for invalid user julie from 94.198.110.205 port 46845 ssh2 2020-06-30T05:58:19.728773dmca.cloudsearch.cf sshd[31813]: Invalid user user from 94.198.110.205 port 57286 2020-06-30T05:58:19.734906dmca.cloudsearch.cf sshd[31813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.198.110.205 2020-06-30T05:58:19.728773dmca.cloudsearch.cf sshd[31813]: Invalid user user from 94.198.110.205 port 57286 2020-06-30T05:58:21.766043dmca.cloudsearch.cf sshd[31813]: Failed password for invalid user user from 94.198 ...	2020-06-30 14:33:01
106.13.149.227	attackbotsspam	(sshd) Failed SSH login from 106.13.149.227 (CN/China/-): 5 in the last 3600 secs	2020-06-30 14:15:50
159.65.9.31	attackspambots	Jun 30 04:55:26 ip-172-31-61-156 sshd[14024]: Invalid user ard from 159.65.9.31 Jun 30 04:55:28 ip-172-31-61-156 sshd[14024]: Failed password for invalid user ard from 159.65.9.31 port 36124 ssh2 Jun 30 04:55:26 ip-172-31-61-156 sshd[14024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.9.31 Jun 30 04:55:26 ip-172-31-61-156 sshd[14024]: Invalid user ard from 159.65.9.31 Jun 30 04:55:28 ip-172-31-61-156 sshd[14024]: Failed password for invalid user ard from 159.65.9.31 port 36124 ssh2 ...	2020-06-30 13:57:28
51.254.220.61	attackbotsspam	(sshd) Failed SSH login from 51.254.220.61 (FR/France/61.ip-51-254-220.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 30 06:21:31 amsweb01 sshd[11738]: Invalid user postgres from 51.254.220.61 port 39508 Jun 30 06:21:33 amsweb01 sshd[11738]: Failed password for invalid user postgres from 51.254.220.61 port 39508 ssh2 Jun 30 06:44:02 amsweb01 sshd[17100]: Invalid user flf from 51.254.220.61 port 52909 Jun 30 06:44:05 amsweb01 sshd[17100]: Failed password for invalid user flf from 51.254.220.61 port 52909 ssh2 Jun 30 06:46:26 amsweb01 sshd[17562]: Invalid user boris from 51.254.220.61 port 47045	2020-06-30 14:17:36
134.175.19.71	attack	Failed password for invalid user hlds from 134.175.19.71 port 43360 ssh2	2020-06-30 13:56:35

Recently Reported IPs

2.139.68.127	106.67.53.72	49.205.123.104	115.55.242.182
89.232.202.108	185.230.102.26	109.92.174.168	182.74.187.98
218.232.111.54	159.223.42.71	213.232.123.200	38.77.43.9
102.41.121.68	131.65.149.208	177.191.144.14	120.85.182.3
78.37.150.209	13.124.222.227	89.44.128.182	54.149.71.19