JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.99.121.212

116.99.121.212 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 46%: ?

46%

ISP	Viettel Group
Usage Type	Fixed Line ISP
ASN	AS7552
Hostname(s)	dynamic-adsl.viettel.vn
Domain Name	viettel.com.vn
Country	🇻🇳 Viet Nam
City	Nha Trang, Khanh Hoa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.99.121.212

Whois 116.99.121.212

IP Abuse Reports for 116.99.121.212:

This IP address has been reported a total of 14 times from 9 distinct sources. 116.99.121.212 was first reported on January 25th 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-09 04:44:25 (5 days ago)	[redacted] 116.99.121.212 - - [09/Jun/2026:06:43:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 116.99.121.212 - - [09/Jun/2026:06:43:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site62121903.com" [redacted] 116.99.121.212 - - [09/Jun/2026:06:43:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 116.99.121.212 - - [09/Jun/2026:06:44:03 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" [redacted] 116.99.121.212 - - [09/Jun/2026:06:44:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" [redacted] 116.99.121.212 - - [09/Jun/2026:06:44:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 02:55:21 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-ip-adsl.viettel.vn): 1 ... show more (mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-ip-adsl.viettel.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 22:55:13.409304 2026] [security2:error] [pid 3663:tid 3663] [client 116.99.121.212:58865] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.99.121.212 (+1 hits since last alert)\|insidepublications.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "insidepublications.com"] [uri "/xmlrpc.php"] [unique_id "aieAkVh9Qr5gqePMj_DJuAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-09 01:31:45 (5 days ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:35:27 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-ip-adsl.viettel.vn): 1 ... show more (mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-ip-adsl.viettel.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:35:21.311119 2026] [security2:error] [pid 3171:tid 3171] [client 116.99.121.212:64735] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.99.121.212 (+1 hits since last alert)\|prayers4america.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prayers4america.com"] [uri "/xmlrpc.php"] [unique_id "aiZwuY79598EhsspE6wUggAAADw"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-08 06:01:10 (6 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC VN/Vietnam/dynamic-adsl.viettel.vn	Web App Attack
Anonymous	2026-06-06 05:51:05 (1 week ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 03:21:04 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-adsl.viettel.vn): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-adsl.viettel.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 23:20:58.240153 2026] [security2:error] [pid 2868:tid 2868] [client 116.99.121.212:60541] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.99.121.212 (+1 hits since last alert)\|ruthbalser.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ruthbalser.org"] [uri "/xmlrpc.php"] [unique_id "aiOSGolzcRF_ufWUAIlZxwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 abdubhai	2026-06-05 03:01:31 (1 week ago)	116.99.121.212 - - [05/Jun/2026: ...	Brute-Force
Anonymous	2026-06-02 07:49:17 (1 week ago)	Attac	Brute-Force
🇬🇧 noise.agency	2026-06-02 06:18:11 (1 week ago)	(wordpress) Failed wordpress login from 116.99.121.212 (VN/Vietnam/dynamic-ip-adsl.viettel.vn)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-01 07:01:48 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-adsl.viettel.vn): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-adsl.viettel.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 03:01:39.998349 2026] [security2:error] [pid 31742:tid 31742] [client 116.99.121.212:57157] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.99.121.212 (+1 hits since last alert)\|saynotoofland.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "saynotoofland.org"] [uri "/xmlrpc.php"] [unique_id "ah0uU8H-kNPDB0aeJf2t6QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-01 06:30:11 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-01 05:31:04 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-ip-adsl.viettel.vn): 1 ... show more (mod_security) mod_security (id:240335) triggered by 116.99.121.212 (dynamic-ip-adsl.viettel.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 01:30:56.798934 2026] [security2:error] [pid 31172:tid 31172] [client 116.99.121.212:51336] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.99.121.212 (+1 hits since last alert)\|keychainfilms.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "keychainfilms.com"] [uri "/xmlrpc.php"] [unique_id "ah0ZEDgh1c1q9-lSv9K2DwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇬 lukanet	2021-01-25 06:40:10 (5 years ago)	Invalid user admin from 116.99.121.212 port 53214	Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇦 178.73.114.89

🇺🇸 124.198.131.39

🇪🇸 92.112.148.225

🇺🇦 82.25.216.112

🇸🇦 77.223.245.60

🇺🇸 43.153.32.5

🇮🇳 35.200.135.48

🇧🇪 34.140.10.34

🇧🇪 34.78.23.28

🇻🇳 27.79.5.139

🇮🇳 203.190.153.90

🇫🇷 194.226.169.22

🇷🇴 188.213.1.87

🇫🇷 185.188.249.30

🇺🇸 173.211.8.208

🇸🇬 172.217.32.144

🇩🇪 164.92.190.141

🇺🇸 136.107.153.194

🇨🇳 114.227.51.106

🇮🇹 95.251.116.213