JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.121.47.11

138.121.47.11 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 0%: ?

ISP	Eagle Redes de Telecomunicacoes Ltda
Usage Type	Fixed Line ISP
ASN	AS264280
Hostname(s)	11-47-121-138.eagleredes.net.br
Domain Name	eagleredes.com.br
Country	🇧🇷 Brazil
City	Capivari, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.121.47.11

Whois 138.121.47.11

IP Abuse Reports for 138.121.47.11:

This IP address has been reported a total of 69 times from 29 distinct sources. 138.121.47.11 was first reported on November 12th 2023, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-12-26 11:59:28 (5 months ago)	(mod_security) mod_security (id:210350) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br) ... show more (mod_security) mod_security (id:210350) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 06:59:07.686714 2025] [security2:error] [pid 8919:tid 8919] [client 138.121.47.11:60785] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|priceimprovement.iainrealtor.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "priceimprovement.iainrealtor.com"] [uri "/"] [unique_id "aU54i0hAnc9keLOhfMa_2wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2025-06-27 17:51:00 (11 months ago)	IPBlock protected site ID [4055-d][s=07]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇩🇪 stinpriza	2025-05-22 07:02:14 (1 year ago)	(XMLRPC) xmlrpc banned 138.121.47.11 (BR/Brazil/11-47-121-138.eagleredes.net.br): 1 in the last 3600 ... show more (XMLRPC) xmlrpc banned 138.121.47.11 (BR/Brazil/11-47-121-138.eagleredes.net.br): 1 in the last 3600 secs show less	Web App Attack
🇬🇧 rori.rapidtravelgroup.com	2025-05-17 07:20:02 (1 year ago)	Fail2Ban+ban+on+nginx-botsearch	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-01-08 15:18:21 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br) ... show more (mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 08 10:18:16.257796 2025] [security2:error] [pid 831286:tid 831299] [client 138.121.47.11:53935] [client 138.121.47.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.wdmtexas.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wdmtexas.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z36XOP7b_skKWYI9fy8D3wAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-13 18:19:50 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br) ... show more (mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 13 13:19:43.226695 2024] [security2:error] [pid 2293940:tid 2293940] [client 138.121.47.11:51111] [client 138.121.47.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|grabagame.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "grabagame.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z1x6v6BCNjQ-X8bFXttlcQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-11 13:06:04 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br) ... show more (mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 11 08:05:58.406497 2024] [security2:error] [pid 27090:tid 27098] [client 138.121.47.11:64979] [client 138.121.47.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.quantumgaze.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.quantumgaze.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z1mONscsjV9Q9jQB1enNogAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-11-25 06:04:19 (1 year ago)	Fail2Ban - Nginx Bot Probes	Web App Attack
🇦🇺 MAGIC	2024-11-22 17:03:16 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇦 URAN Publishing Service	2024-11-12 20:44:18 (1 year ago)	138.121.47.11 - - [12/Nov/2024:22:44:15 +0200] "GET /wp-login.php HTTP/1.1" 404 2614 "-" "Mozilla/5. ... show more 138.121.47.11 - - [12/Nov/2024:22:44:15 +0200] "GET /wp-login.php HTTP/1.1" 404 2614 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 138.121.47.11 - - [12/Nov/2024:22:44:17 +0200] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" ... show less	Web App Attack
🇦🇺 MAGIC	2024-11-07 10:05:11 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2024-11-03 06:57:53 (1 year ago)	Fail2Ban - Nginx Bot Probes	Web App Attack
🇦🇺 MAGIC	2024-10-21 07:06:17 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-10-20 20:40:20 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br) ... show more (mod_security) mod_security (id:225170) triggered by 138.121.47.11 (11-47-121-138.eagleredes.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 20 16:40:12.637998 2024] [security2:error] [pid 15294:tid 15294] [client 138.121.47.11:50181] [client 138.121.47.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.newdirectionsinmusic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.newdirectionsinmusic.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZxVqrPj1Zoe0U8RtMnFUtQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-19 00:01:19 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 203.192.232.180

🇺🇸 192.3.127.40

🇦🇲 176.32.193.16

🇺🇸 172.253.86.27

🇻🇳 163.223.211.27

🇨🇴 152.200.205.179

🇹🇼 128.14.239.38

🇨🇳 113.206.180.68

🇮🇩 103.113.120.118

🇱🇹 62.60.130.129

🇺🇸 47.251.93.194

🇨🇳 14.103.116.192

🇳🇱 5.83.143.123

🇳🇱 176.65.139.128

🇺🇸 160.153.176.197

🇸🇪 158.173.241.6

🇧🇴 138.84.37.114

🇺🇸 135.119.73.164

🇺🇸 134.209.120.216

🇰🇷 52.78.113.181