JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.196.167.250

121.196.167.250 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 100%: ?

100%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.196.167.250

Whois 121.196.167.250

IP Abuse Reports for 121.196.167.250:

This IP address has been reported a total of 129 times from 80 distinct sources. 121.196.167.250 was first reported on June 26th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 tjs	2026-06-29 10:40:00 (3 hours ago)	web attack, shell attempt	Hacking Web App Attack
🇺🇸 xmission.com	2026-06-28 23:15:05 (14 hours ago)	Blocked by UFW (TCP on 2222) Source port: 53185 TTL: 47 Packet length: 40 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2222) Source port: 53185 TTL: 47 Packet length: 40 TOS: 0x00 This report (for 121.196.167.250) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇪 AutosOnShow	2026-06-28 23:12:05 (15 hours ago)	blocked for webapp attack \| path requested: / \| seen at 2026-06-28 23:11:28.264 \|	Web App Attack
🇫🇷 zulzeen	2026-06-28 22:43:07 (15 hours ago)	[incypit-web] Blocked by SysWarden Firewall [GEO] (SSH Attack)	SSH Brute-Force
🇺🇸 RAP	2026-06-28 20:18:31 (17 hours ago)	2026-06-28 20:18:31 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 xmission.com	2026-06-28 19:33:56 (18 hours ago)	Blocked by UFW (TCP on 2222) Source port: 51818 TTL: 45 Packet length: 40 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 2222) Source port: 51818 TTL: 45 Packet length: 40 TOS: 0x08 This report (for 121.196.167.250) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 cwytech	2026-06-28 19:12:50 (19 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack
🇩🇪 Admins@FBN	2026-06-28 19:12:09 (19 hours ago)	FW-PortScan: Traffic Blocked srcport=42375 dstport=2222	Port Scan
🇺🇸 LotPhantom	2026-06-28 19:05:07 (19 hours ago)	2026-06-28T19:04:51.387477+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2026-06-28T19:04:51.387477+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=121.196.167.250 DST=157.230.217.55 LEN=40 TOS=0x00 PREC=0x00 TTL=40 ID=23619 PROTO=TCP SPT=49663 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 2026-06-28T19:04:51.387516+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=121.196.167.250 DST=157.230.217.55 LEN=40 TOS=0x00 PREC=0x00 TTL=40 ID=23619 PROTO=TCP SPT=49663 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan Hacking
🇺🇸 MPL	2026-06-28 17:52:44 (20 hours ago)	tcp port scan (16 or more attempts)	Port Scan
🇳🇵 radheykrishna.com.np	2026-06-28 17:10:10 (21 hours ago)	Jun 28 22:55:09 kernel: [6156474.236530] [UFW BLOCK] IN=ens160 OUT= SRC=121.196.167.250 LEN=40 TOS=0 ... show more Jun 28 22:55:09 kernel: [6156474.236530] [UFW BLOCK] IN=ens160 OUT= SRC=121.196.167.250 LEN=40 TOS=0x00 PREC=0x00 TTL=43 ID=3164 PROTO=TCP SPT=53227 DPT=2222 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 drewf.ink	2026-06-28 16:43:49 (21 hours ago)	[16:43] Attempted telnet login on port 23 with username admin	Brute-Force Exploited Host
🇳🇱 BIV	2026-06-28 15:16:19 (22 hours ago)	Honeypot multi-source hit. Sources: tpot:Cowrie,tpot:P0f,tpot:Suricata. Ports: 23. Automated tiered ... show more Honeypot multi-source hit. Sources: tpot:Cowrie,tpot:P0f,tpot:Suricata. Ports: 23. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Brute-Force SSH
🇺🇸 MPL	2026-06-28 15:00:08 (23 hours ago)	tcp ports: 2222,23 (4 or more attempts)	Port Scan
🇺🇸 xmission.com	2026-06-28 14:52:31 (23 hours ago)	Blocked by UFW (TCP on 2222) Source port: 63270 TTL: 47 Packet length: 40 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2222) Source port: 63270 TTL: 47 Packet length: 40 TOS: 0x00 This report (for 121.196.167.250) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.245.126.79

🇩🇪 169.150.201.9

🇺🇸 167.71.240.77

🇧🇩 103.7.120.22

🇺🇸 65.49.1.225

🇮🇳 49.204.74.149

🇸🇬 43.160.200.19

🇺🇸 20.98.140.180

🇬🇧 5.226.140.98

🇲🇽 189.147.19.238

🇺🇾 186.51.192.4

🇦🇷 181.117.136.108

🇺🇸 161.178.3.105

🇮🇳 115.247.159.106

🇮🇳 103.175.180.101

🇨🇮 102.209.222.243

🇺🇸 100.29.192.70

🇸🇬 74.114.28.29

🇺🇸 65.49.1.182

🇱🇹 62.60.130.219