JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.199.173.172

121.199.173.172 was found in our database!

This IP was reported 204 times. Confidence of Abuse is 74%: ?

74%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.199.173.172

Whois 121.199.173.172

IP Abuse Reports for 121.199.173.172:

This IP address has been reported a total of 204 times from 61 distinct sources. 121.199.173.172 was first reported on March 12th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 terraforge.fun	2026-06-14 08:13:46 (2 days ago)	Blocked by on us-1-terraforge [44517/tcp] \| SPT: 44778 \| TTL: 240 \| LEN: 40 \| TOS: 0x00 • Reported b ... show more Blocked by on us-1-terraforge [44517/tcp] \| SPT: 44778 \| TTL: 240 \| LEN: 40 \| TOS: 0x00 • Reported by: terraforge.fun show less	Port Scan
🇺🇸 ISPLtd	2026-06-11 00:18:38 (5 days ago)	Jun 10 18:18:34 121.199.173.172 TCP SPT=57113 DPT=33043 SYN Jun 10 18:18:37 121.199.173.172 TCP SPT= ... show more Jun 10 18:18:34 121.199.173.172 TCP SPT=57113 DPT=33043 SYN Jun 10 18:18:37 121.199.173.172 TCP SPT=57113 DPT=46290 SYN Jun 10 18:18:38 121.199.173.172 TCP SPT=57113 DPT=38694 ... show less	Port Scan
🇺🇸 micropedro	2026-06-10 19:30:17 (5 days ago)	3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-10 15:30 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-10 15:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇮🇱 spd.co.il	2026-06-10 16:01:17 (5 days ago)	Port scan detected on multiple ports	Port Scan
Anonymous	2026-06-09 12:29:56 (1 week ago)	Blocked by UFW (TCP on 3688) Source port: 48177 TTL: 246 Packet length: 40 TOS: 0x14 This report (f ... show more Blocked by UFW (TCP on 3688) Source port: 48177 TTL: 246 Packet length: 40 TOS: 0x14 This report (for 121.199.173.172) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇭🇰 pengpeng	2026-06-09 01:11:36 (1 week ago)	monitor: on ser162528253480 \| port: 1109 \| ttl: 237 script: github.com/sefinek/UFW-AbuseIPDB-Report ... show more monitor: on ser162528253480 \| port: 1109 \| ttl: 237 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 guldkage	2026-06-09 01:02:40 (1 week ago)	Unauthorized connection attempt detected from IP address 121.199.173.172 to port 161 (ger-02) [SNMP]	Exploited Host
🇬🇧 PeravixGroup	2026-06-08 16:47:16 (1 week ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 excill	2026-06-05 03:08:07 (1 week ago)	Honeypot mesh observed 966 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇭🇰 pengpeng	2026-06-04 07:24:14 (1 week ago)	monitor: on ser162528253480 \| port: 50321 \| ttl: 237 script: github.com/sefinek/UFW-AbuseIPDB-Repor ... show more monitor: on ser162528253480 \| port: 50321 \| ttl: 237 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 micropedro	2026-06-03 18:30:20 (1 week ago)	3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-03 14:30 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-03 14:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇭🇰 PingMeMaybe	2026-06-01 10:26:03 (2 weeks ago)	Blocked by UFW on hk [9006/tcp] Source port: 49547 TTL: 236 Packet length: 40 TOS: 0x00 This report ... show more Blocked by UFW on hk [9006/tcp] Source port: 49547 TTL: 236 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-05-30 01:12:29 (2 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-29 13:53:16 (2 weeks ago)	Honeypot detection: Metasploit / penetration testing C2 callback attempt on port 4444. Severity: MED ... show more Honeypot detection: Metasploit / penetration testing C2 callback attempt on port 4444. Severity: MEDIUM. Aaran.cloud show less	Hacking
🇬🇧 PeravixGroup	2026-05-29 09:24:58 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking

Showing 1 to 15 of 204 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.206.24.238

🇭🇰 199.45.155.97

🇺🇸 173.234.226.171

🇧🇷 172.217.35.25

🇺🇸 157.240.3.51

🇳🇱 91.92.40.204

🇺🇸 48.214.54.33

🇫🇮 31.134.4.25

🇰🇷 1.214.214.114

🇦🇺 2404:6800:4006:1006::12d

🇨🇳 222.94.193.143

🇫🇷 209.242.198.249

🇧🇷 189.8.5.118

🇸🇬 185.200.116.36

🇺🇸 172.253.223.217

🇺🇸 165.154.134.152

🇹🇭 159.192.132.34

🇭🇰 156.239.224.79

🇫🇮 147.185.133.168

🇮🇳 106.222.229.202