139.99.121.149

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.99.121.6	attackspambots	139.99.121.6 - - [06/Oct/2020:00:21:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2254 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.121.6 - - [06/Oct/2020:00:21:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2257 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.121.6 - - [06/Oct/2020:00:21:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2253 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 07:56:46
139.99.121.6	attackspambots	REQUESTED PAGE: /wp-login.php	2020-10-06 00:18:16
139.99.121.6	attackspambots	139.99.121.6 - - [05/Oct/2020:05:08:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2254 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.121.6 - - [05/Oct/2020:05:08:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.121.6 - - [05/Oct/2020:05:08:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2282 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 16:17:49
139.99.121.6	attack	(mod_security) mod_security (id:20000005) triggered by 139.99.121.6 (SG/Singapore/ns558710.ip-139-99-121.net): 5 in the last 300 secs	2020-07-15 22:24:29
139.99.121.6	attack	Attempting to access Wordpress login on a honeypot or private system.	2020-07-12 13:55:47
139.99.121.6	attack	C1,DEF GET /wp-login.php	2020-07-06 12:27:35
139.99.121.6	attackbotsspam	139.99.121.6 - - [30/Jun/2020:14:22:02 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.121.6 - - [30/Jun/2020:14:22:04 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.99.121.6 - - [30/Jun/2020:14:22:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-30 23:47:38
139.99.121.227	attackbotsspam	20 attempts against mh-misbehave-ban on hill	2020-06-12 15:36:50
139.99.121.6	attackbotsspam	139.99.121.6 - - \[07/May/2020:14:49:37 +0200\] "POST /wp-login.php HTTP/1.0" 200 5932 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.99.121.6 - - \[07/May/2020:14:49:40 +0200\] "POST /wp-login.php HTTP/1.0" 200 5745 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.99.121.6 - - \[07/May/2020:14:49:41 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-07 23:58:04
139.99.121.6	attack	Automatic report - Banned IP Access	2020-05-03 17:19:20
139.99.121.6	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-11-14 20:00:43
139.99.121.6	attackspambots	139.99.121.6 - - \[29/Oct/2019:08:55:24 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.99.121.6 - - \[29/Oct/2019:08:55:25 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-10-29 17:36:26
139.99.121.6	attackbotsspam	139.99.121.6 - - \[24/Oct/2019:20:14:14 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.99.121.6 - - \[24/Oct/2019:20:14:15 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-10-25 06:38:12
139.99.121.6	attackbotsspam	Automatic report - XMLRPC Attack	2019-10-22 22:11:27
139.99.121.6	attackbots	ENG,WP GET /wp-login.php	2019-10-16 18:23:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.121.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41988
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.99.121.149.			IN	A

;; AUTHORITY SECTION:
.			430	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:06:51 CST 2022
;; MSG SIZE  rcvd: 107

Host info

149.121.99.139.in-addr.arpa domain name pointer sonya.jagoanhosting.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.121.99.139.in-addr.arpa	name = sonya.jagoanhosting.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.185.1.10	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-11-30 03:05:06
149.56.1.38	attackspambots	Nov 29 19:45:28 vps666546 sshd\[9401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.1.38 user=root Nov 29 19:45:30 vps666546 sshd\[9401\]: Failed password for root from 149.56.1.38 port 59052 ssh2 Nov 29 19:54:19 vps666546 sshd\[9685\]: Invalid user office from 149.56.1.38 port 49884 Nov 29 19:54:19 vps666546 sshd\[9685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.1.38 Nov 29 19:54:21 vps666546 sshd\[9685\]: Failed password for invalid user office from 149.56.1.38 port 49884 ssh2 ...	2019-11-30 03:06:45
164.132.145.70	attackspam	$f2bV_matches	2019-11-30 03:02:31
141.98.81.38	attackbots	Nov 29 19:42:45 serwer sshd\[12391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.38 user=admin Nov 29 19:42:47 serwer sshd\[12391\]: Failed password for admin from 141.98.81.38 port 42981 ssh2 Nov 29 19:42:47 serwer sshd\[12395\]: Invalid user ubnt from 141.98.81.38 port 35408 Nov 29 19:42:47 serwer sshd\[12395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.38 ...	2019-11-30 03:12:38
221.186.182.226	attackbotsspam	2019-11-29T08:09:42.585181suse-nuc sshd[12231]: Invalid user kayla from 221.186.182.226 port 34642 ...	2019-11-30 03:01:39
2001:41d0:203:545c::	attackspam	xmlrpc attack	2019-11-30 02:59:43
45.95.32.141	attackspam	postfix	2019-11-30 02:56:57
139.59.89.7	attackbotsspam	2019-11-29T18:38:47.027087abusebot-5.cloudsearch.cf sshd\[1879\]: Invalid user otto from 139.59.89.7 port 49474	2019-11-30 03:20:51
118.178.119.198	attackbots	2019-11-29T19:13:35.360149abusebot-3.cloudsearch.cf sshd\[10257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.178.119.198 user=root	2019-11-30 03:24:41
45.32.45.107	attackspambots	[FriNov2916:09:14.6218082019][:error][pid13622:tid47011297191680][client45.32.45.107:55638][client45.32.45.107]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$\^w3c-\\|systran\\\\\\\\$\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"233"][id"331039"][rev"1"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$Python-urllib$.DisablethisruleifyouusePython-urllib."][severity"CRITICAL"][hostname"giocheriamagic.ch"][uri"/wp-login.php"][unique_id"XeE0mjK5czkRv4JFpcsl3gAAAQE"][FriNov2916:09:17.9703222019][:error][pid13687:tid47011397158656][client45.32.45.107:55936][client45.32.45.107]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$\^w3c-\\|systran\\\\\\\\$\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"233"][id"331039"][rev"1"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$Python-urllib$.Disablethisrule	2019-11-30 03:11:38
185.209.0.91	attackspam	11/29/2019-19:53:10.290997 185.209.0.91 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-30 03:15:12
179.191.238.250	attack	Nov 29 17:10:01 sauna sshd[94669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.191.238.250 Nov 29 17:10:03 sauna sshd[94669]: Failed password for invalid user admina from 179.191.238.250 port 58055 ssh2 ...	2019-11-30 02:50:51
1.161.216.60	attackbotsspam	Honeypot attack, port: 23, PTR: 1-161-216-60.dynamic-ip.hinet.net.	2019-11-30 02:54:08
138.68.47.91	attack	WordPress login Brute force / Web App Attack on client site.	2019-11-30 03:16:41
45.133.18.243	attack	firewall-block, port(s): 111/tcp, 1010/tcp, 3113/tcp, 3311/tcp, 5005/tcp, 7002/tcp, 7070/tcp, 7890/tcp, 8002/tcp, 10389/tcp, 12000/tcp, 21389/tcp, 55389/tcp	2019-11-30 02:51:34

Recently Reported IPs

139.99.118.247	139.99.121.192	139.99.121.237	139.99.121.75
139.99.120.161	139.99.123.134	139.99.122.5	139.99.121.51
139.99.126.186	139.99.126.164	139.99.122.37	139.99.131.110
139.99.130.155	139.99.148.153	139.99.149.160	139.99.155.142
139.99.130.164	139.99.163.43	139.99.18.233	139.99.156.192