JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.199.172.2

121.199.172.2 was found in our database!

This IP was reported 198 times. Confidence of Abuse is 76%: ?

76%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.199.172.2

Whois 121.199.172.2

IP Abuse Reports for 121.199.172.2:

This IP address has been reported a total of 198 times from 65 distinct sources. 121.199.172.2 was first reported on March 26th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇭🇰 PingMeMaybe	2026-06-15 18:25:19 (1 day ago)	Blocked by UFW on hk [44300/tcp] Source port: 47913 TTL: 236 Packet length: 40 TOS: 0x00 This repor ... show more Blocked by UFW on hk [44300/tcp] Source port: 47913 TTL: 236 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 ISPLtd	2026-06-14 17:24:52 (2 days ago)	Jun 14 14:24:50 121.199.172.2 TCP SPT=57889 DPT=24673 SYN Jun 14 14:24:50 121.199.172.2 TCP SPT=5788 ... show more Jun 14 14:24:50 121.199.172.2 TCP SPT=57889 DPT=24673 SYN Jun 14 14:24:50 121.199.172.2 TCP SPT=57889 DPT=24141 SYN Jun 14 14:24:51 121.199.172.2 TCP SPT=57889 DPT=16561 ... show less	Port Scan
🇺🇸 kelliwic.net	2026-06-12 16:59:14 (4 days ago)	Port scan detected (F2B)	Port Scan
Anonymous	2026-06-12 00:07:56 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/postfix-non-smtp-command	Web App Attack Brute-Force
Anonymous	2026-06-09 19:31:31 (1 week ago)	Blocked by UFW (TCP on 4076) Source port: 53472 TTL: 246 Packet length: 40 TOS: 0x14 This report (f ... show more Blocked by UFW (TCP on 4076) Source port: 53472 TTL: 246 Packet length: 40 TOS: 0x14 This report (for 121.199.172.2) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 ISPLtd	2026-06-09 03:01:02 (1 week ago)	Jun 8 21:01:00 121.199.172.2 TCP SPT=54057 DPT=21205 SYN Jun 8 21:01:01 121.199.172.2 TCP SPT=5405 ... show more Jun 8 21:01:00 121.199.172.2 TCP SPT=54057 DPT=21205 SYN Jun 8 21:01:01 121.199.172.2 TCP SPT=54057 DPT=51023 SYN Jun 8 21:01:01 121.199.172.2 TCP SPT=54057 DPT=7914 ... show less	Port Scan
🇸🇬 baltic-lab.com	2026-06-08 20:20:16 (1 week ago)	Firewall Detection, SG, Either a port scan or continued brute-force attack by a previously blocked o ... show more Firewall Detection, SG, Either a port scan or continued brute-force attack by a previously blocked offender ... show less	Brute-Force Port Scan
🇺🇸 baltic-lab.com	2026-06-08 03:46:07 (1 week ago)	2026-06-08T05:44:24.297720+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b: ... show more 2026-06-08T05:44:24.297720+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.199.172.2 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=17633 PROTO=TCP SPT=50251 DPT=4515 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-08T05:44:46.551944+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.199.172.2 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=46695 PROTO=TCP SPT=50251 DPT=7640 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-08T05:45:05.079708+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.199.172.2 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=11823 PROTO=TCP SPT=50251 DPT=3017 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-08T05:45:06.005120+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.199.172.2 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=55926 PROTO=TCP SPT=50251 DPT=9915 WINDOW=10 ... show less	Brute-Force Hacking
🇩🇪 sdos.es	2026-06-05 07:41:10 (1 week ago)	"Found User-Agent associated with security scanner - Matched Data: nmap scripting engine found withi ... show more "Found User-Agent associated with security scanner - Matched Data: nmap scripting engine found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; nmap scripting engine; hs://nmap.org/book/nse.html)" show less	Web App Attack
🇰🇷 winter	2026-06-05 02:08:29 (1 week ago)	Connection attemp from 121.199.172.2 to port 22	Brute-Force SSH
🇬🇧 PeravixGroup	2026-06-02 19:00:52 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇫🇷 Little Iguana	2026-06-02 06:30:54 (2 weeks ago)	trying to access non-authorized port	Port Scan
🇬🇧 PeravixGroup	2026-06-01 03:52:53 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇫🇷 dusfor72	2026-05-29 22:58:08 (2 weeks ago)	aggressive portscan ...	Port Scan
🇺🇸 mutebot.net	2026-05-26 17:34:33 (3 weeks ago)	SRC=121.199.172.2, PROTO=TCP, SPT=56867, DPT=17766 SRC=121.199.172.2, PROTO=TCP, SPT=56867, DPT=5441 ... show more SRC=121.199.172.2, PROTO=TCP, SPT=56867, DPT=17766 SRC=121.199.172.2, PROTO=TCP, SPT=56867, DPT=54419 SRC=121.199.172.2, PROTO=TCP, SPT=56867, DPT=64038 SRC=121.199.172.2, PROTO=TCP, SPT=56867, DPT=26052 SRC=121.199.172.2, PROTO=TCP, SPT=56867, DPT=59308 show less	Port Scan

Showing 1 to 15 of 198 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.227

🇺🇸 207.90.244.26

🇳🇱 203.159.90.204

🇪🇬 197.165.187.150

🇷🇸 178.220.151.234

🇿🇦 105.224.244.178

🇮🇳 223.181.23.200

🇦🇷 201.177.100.207

🇩🇰 194.239.23.78

🇵🇪 179.6.164.167

🇮🇳 157.48.211.42

🇨🇳 125.77.175.2

🇹🇳 102.31.158.122

🇵🇱 57.128.255.167

🇮🇳 49.36.24.101

🇩🇪 46.38.251.182

🇹🇷 46.31.78.80

🇸🇪 13.48.6.75

🇬🇧 5.226.140.43

🇨🇴 201.182.250.219