JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.204.200.130

121.204.200.130 was found in our database!

This IP was reported 537 times. Confidence of Abuse is 0%: ?

ISP	CHINANET Fujian province network
Usage Type	Commercial
ASN	AS133774
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Fuzhou, Fujian

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.204.200.130

Whois 121.204.200.130

IP Abuse Reports for 121.204.200.130:

This IP address has been reported a total of 537 times from 214 distinct sources. 121.204.200.130 was first reported on May 26th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Linuxmalwarehuntingnl	2024-06-30 09:46:18 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇳🇱 rshict	2024-06-27 13:46:06 (1 year ago)	Hacking, Brute-Force, Web App Attack	Hacking Brute-Force Web App Attack
🇺🇸 gu-alvareza	2024-06-27 07:05:29 (1 year ago)	Apache.HTTP.Server.cgi-bin.Path.Traversal	Hacking Web App Attack
🇩🇪 1000grad.com	2024-06-27 00:55:46 (1 year ago)	Jun 27 02:55:28 jira sshd[73770]: Failed password for root from 121.204.200.130 port 52018 ssh2 Jun ... show more Jun 27 02:55:28 jira sshd[73770]: Failed password for root from 121.204.200.130 port 52018 ssh2 Jun 27 02:55:30 jira sshd[73770]: Connection closed by authenticating user root 121.204.200.130 port 52018 [preauth] Jun 27 02:55:40 jira sshd[73783]: Connection from 121.204.200.130 port 54968 on 138.201.123.138 port 22 rdomain "" Jun 27 02:55:43 jira sshd[73783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.200.130 user=root Jun 27 02:55:45 jira sshd[73783]: Failed password for root from 121.204.200.130 port 54968 ssh2 ... show less	Brute-Force SSH
🇳🇱 StopAbuse	2024-06-26 20:47:37 (1 year ago)	tcp/2222	Port Scan
🇩🇪 ps-center	2024-06-26 20:32:48 (1 year ago)	LT: TCP-Scanner. Port: 22	Port Scan
🇩🇪 uhlhosting	2024-06-26 17:50:25 (1 year ago)	137.74.247.204 121.204.200.130 - - [26/Jun/2024:19:50:23.558110 +0200] "GET /vendor/phpunit/phpunit/ ... show more 137.74.247.204 121.204.200.130 - - [26/Jun/2024:19:50:23.558110 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 199 "-" "-" ZnxU3wIUzc-MtwTYdX9aEwAAAEc "-" /apache/20240626/20240626-1950/20240626-195023-ZnxU3wIUzc-MtwTYdX9aEwAAAEc 0 1923 md5:142a5e6a8fe74521a3a02c46a69882a3 137.74.247.204 121.204.200.130 - - [26/Jun/2024:19:50:23.813183 +0200] "GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 403 199 "-" "-" ZnxU3wIUzc-MtwTYdX9aFAAAAE4 "-" /apache/20240626/20240626-1950/20240626-195023-ZnxU3wIUzc-MtwTYdX9aFAAAAE4 0 1914 md5:3374f8d54b98a700099e365fc97bc889 137.74.247.204 121.204.200.130 - - [26/Jun/2024:19:50:24.130697 +0200] "GET /vendor/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 199 "-" "-" ZnxU4AIUzc-MtwTYdX9aFQAAAFI "-" /apache/20240626/20240626-1950/20240626-195024-ZnxU4AIUzc-MtwTYdX9aFQAAAFI 0 1907 md5:57054b4ebb680f07e941b99174a39a6d 137.74.247.204 121.204.200.130 - - [26/Jun/2024:19:50:24.442904 +0200] "GET /vendor/phpunit/Ut ... show less	DDoS Attack Brute-Force
🇺🇸 MPL	2024-06-26 15:24:56 (1 year ago)	tcp/443 (3 or more attempts)	Port Scan
🇺🇸 RAP	2024-06-26 10:36:57 (1 year ago)	2024-06-26 10:36:57 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 MPL	2024-06-26 10:26:32 (1 year ago)	tcp/80 (3 or more attempts)	Port Scan
🇩🇪 Admins@FBN	2024-06-26 09:52:13 (1 year ago)	FW-PortScan: Traffic Blocked srcport=31718 dstport=80	Port Scan
🇺🇸 gu-alvareza	2024-06-26 07:05:31 (1 year ago)	Apache.HTTP.Server.cgi-bin.Path.Traversal	Hacking Web App Attack
🇵🇱 mkey	2024-06-26 05:35:20 (1 year ago)	2024-06-25 16:27:01 - Unauthorized connection probe. Source on blacklist	Port Scan Hacking
🇨🇦 Largnet SOC	2024-06-26 02:18:53 (1 year ago)	121.204.200.130 triggered Icarus honeypot on port 22. Check us out on github.	Port Scan Hacking
🇸🇪 webbfabriken	2024-06-25 23:05:00 (1 year ago)	spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbf ... show more spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbfabiken Security API - WFSecAPI show less	Web Spam

Showing 1 to 15 of 537 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 203.145.143.163

🇫🇮 147.185.133.171

🇭🇰 101.36.108.175

🇺🇸 65.49.20.73

🇳🇱 213.177.179.62

🇳🇱 213.177.179.12

🇪🇨 177.53.215.134

🇭🇰 124.156.183.3

🇭🇰 118.193.40.88

🇹🇭 110.168.140.129

🇭🇰 103.212.186.158

🇺🇸 71.6.232.23

🇲🇾 47.250.120.196

🇨🇳 211.149.131.113

🇮🇳 182.95.182.62

🇸🇬 165.154.29.144

🇭🇰 101.36.111.119

🇺🇸 65.49.20.94

🇮🇪 54.229.23.119

🇯🇵 47.74.13.126