JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.47.129.170

212.47.129.170 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 36%: ?

36%

ISP	Aztelekom LLC
Usage Type	Fixed Line ISP
ASN	AS8814
Domain Name	aztelekom.az
Country	🇦🇿 Azerbaijan
City	Baku, Baki

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.47.129.170

Whois 212.47.129.170

IP Abuse Reports for 212.47.129.170:

This IP address has been reported a total of 11 times from 7 distinct sources. 212.47.129.170 was first reported on October 9th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 14:59:13 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 10:59:06.824705 2026] [security2:error] [pid 15874:tid 15874] [client 212.47.129.170:1315] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 212.47.129.170 (+1 hits since last alert)\|blacksheepoffroad.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blacksheepoffroad.com"] [uri "/xmlrpc.php"] [unique_id "ajQHuhp_4aGVek4t9JGAHwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 clapper	2026-06-18 11:52:59 (6 hours ago)	(mod_security) mod_security (id:350202) triggered by 212.47.129.170 (AZ/Azerbaijan/-): 5 in the last ... show more (mod_security) mod_security (id:350202) triggered by 212.47.129.170 (AZ/Azerbaijan/-): 5 in the last 600 secs; ID: rub show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-18 08:50:47 (9 hours ago)	(mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 04:50:39.623152 2026] [security2:error] [pid 29026:tid 29163] [client 212.47.129.170:3604] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 212.47.129.170 (+1 hits since last alert)\|tnccivic.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tnccivic.org"] [uri "/xmlrpc.php"] [unique_id "ajOxXw_XsRlZ6Z_5A6iHlAAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 05:43:48 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:43:43.627488 2026] [security2:error] [pid 26764:tid 26789] [client 212.47.129.170:11593] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 212.47.129.170 (+1 hits since last alert)\|browbrew.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "browbrew.com"] [uri "/xmlrpc.php"] [unique_id "ajOFjxqoOQHsfFE0ewfVgAAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-18 04:10:36 (14 hours ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 pltcldvlpr	2026-06-18 04:00:42 (14 hours ago)	CMS/framework probe: 212.47.129.170 - - [18/Jun/2026:06:00:41 +0200] "POST /xmlrpc.php HTTP/1.1" 301 ... show more CMS/framework probe: 212.47.129.170 - - [18/Jun/2026:06:00:41 +0200] "POST /xmlrpc.php HTTP/1.1" 301 178 "-" "WordPress.com; https://wordpress.com" asn=8814 org="Aztelekom LLC" country=AZ ... show less	Web App Attack
🇫🇷 dynamix	2026-06-17 19:10:19 (23 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 17:44:04 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 212.47.129.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 13:43:56.586636 2026] [security2:error] [pid 15529:tid 15529] [client 212.47.129.170:4746] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 212.47.129.170 (+1 hits since last alert)\|greenlight.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greenlight.us"] [uri "/xmlrpc.php"] [unique_id "ajLc3Nq9qks63G4Jbz7nXgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 19:27:26 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-17 08:55:49 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇩🇪 NetworkOperationsTeam	2024-10-09 16:33:07 (1 year ago)	SMS Bombing. Trying to authenticate. API Abuse rate limit exceeded	Hacking Brute-Force Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.32.249.165

🇮🇹 188.219.104.210

🇳🇱 176.65.132.149

🇹🇼 111.70.11.78

🇺🇸 108.62.62.183

🇺🇸 47.24.27.63

🇱🇹 46.29.234.126

🇳🇱 45.148.10.141

🇺🇸 162.216.150.215

🇮🇩 103.154.231.122

🇫🇷 91.196.152.221

🇺🇸 40.121.200.75

🇺🇸 198.46.134.48

🇹🇬 156.38.73.89

🇧🇷 136.248.121.226

🇨🇳 123.138.18.10

🇨🇦 104.255.152.29

🇳🇱 45.198.224.143

🇳🇬 41.242.115.83

🇨🇳 36.111.40.138