JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.40.40.208

121.40.40.208 was found in our database!

This IP was reported 176 times. Confidence of Abuse is 67%: ?

67%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.40.40.208

Whois 121.40.40.208

IP Abuse Reports for 121.40.40.208:

This IP address has been reported a total of 176 times from 58 distinct sources. 121.40.40.208 was first reported on March 13th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-20 02:32:54 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇯🇵 Execoop	2026-06-19 22:10:46 (1 day ago)	HTTP honeypot \| Command Execution \| 25 cmds, 32 HTTP, 2.9m	Hacking SSH
🇺🇸 masterguru	2026-06-19 20:07:54 (1 day ago)	Port Scan detected from 121.40.40.208 (CN/China/-). 11 hits in the last 90 seconds (0-205)	Port Scan
🇩🇪 excill	2026-06-16 03:08:43 (5 days ago)	Honeypot mesh observed 962 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇳🇱 marzzzello	2026-06-15 23:10:34 (5 days ago)	Ports: multiple (126), 126 attempts	Port Scan
🇩🇪 guldkage	2026-06-12 11:01:44 (1 week ago)	Unauthorized connection attempt detected from IP address 121.40.40.208 to port 11211 (ger-02) [MEMCA ... show more Unauthorized connection attempt detected from IP address 121.40.40.208 to port 11211 (ger-02) [MEMCACHED] show less	Exploited Host
Anonymous	2026-06-12 08:52:33 (1 week ago)	Blocked by UFW (TCP on 60011) Source port: 54325 TTL: 246 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 60011) Source port: 54325 TTL: 246 Packet length: 40 TOS: 0x14 This report (for 121.40.40.208) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Sparxx	2026-06-12 04:50:49 (1 week ago)	2026-06-12T06:50:41.261769+02:00 srv postfix/submission/smtpd[3246269]: lost connection after CONNEC ... show more 2026-06-12T06:50:41.261769+02:00 srv postfix/submission/smtpd[3246269]: lost connection after CONNECT from unknown[121.40.40.208] 2026-06-12T06:50:46.399123+02:00 srv postfix/submissions/smtpd[3246270]: lost connection after CONNECT from unknown[121.40.40.208] 2026-06-12T06:50:49.383609+02:00 srv postfix/submissions/smtpd[3246270]: lost connection after CONNECT from unknown[121.40.40.208] ... show less	Brute-Force
🇫🇷 Little Iguana	2026-06-07 03:34:08 (2 weeks ago)	trying to access non-authorized port	Port Scan
🇺🇸 mutebot.net	2026-06-04 04:18:34 (2 weeks ago)	SRC=121.40.40.208, PROTO=TCP, SPT=46710, DPT=30332 SRC=121.40.40.208, PROTO=TCP, SPT=46710, DPT=4038 ... show more SRC=121.40.40.208, PROTO=TCP, SPT=46710, DPT=30332 SRC=121.40.40.208, PROTO=TCP, SPT=46710, DPT=40386 SRC=121.40.40.208, PROTO=TCP, SPT=46710, DPT=40610 SRC=121.40.40.208, PROTO=TCP, SPT=46710, DPT=51583 SRC=121.40.40.208, PROTO=TCP, SPT=46710, DPT=15590 show less	Port Scan
🇺🇸 baltic-lab.com	2026-06-02 18:20:06 (2 weeks ago)	2026-06-02T20:17:48.796133+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b: ... show more 2026-06-02T20:17:48.796133+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.40.40.208 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=15876 PROTO=TCP SPT=44266 DPT=18307 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T20:17:50.687192+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.40.40.208 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=61102 PROTO=TCP SPT=44266 DPT=4471 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T20:17:59.915472+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.40.40.208 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=32508 PROTO=TCP SPT=44266 DPT=47656 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T20:18:19.707712+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=121.40.40.208 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=16891 PROTO=TCP SPT=44266 DPT=2657 WINDOW= ... show less	Brute-Force Hacking
🇺🇸 Hobby Bob	2026-05-31 00:44:46 (3 weeks ago)	May 31 00:44:46 server dovecot: pop3-login: Disconnected: Disconnected: Too many bad commands (no au ... show more May 31 00:44:46 server dovecot: pop3-login: Disconnected: Disconnected: Too many bad commands (no auth attempts in 1 secs): user=, rip=121.40.40.208, lip=X.X.X.X session= show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-29 18:59:53 (3 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 _ArminS_	2026-05-28 04:13:57 (3 weeks ago)	SP-Scan 41632:42201 detected 2026.05.28 06:13:57 blocked until 2026.07.16 23:16:44	Port Scan
🇫🇷 dusfor72	2026-05-27 13:59:04 (3 weeks ago)	aggressive portscan ...	Port Scan

Showing 1 to 15 of 176 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.239.251.12

🇺🇸 216.239.34.223

🇳🇱 176.65.139.248

🇳🇿 121.73.169.120

🇩🇪 104.140.188.2

🇺🇸 100.28.153.226

🇳🇱 91.92.40.52

🇺🇿 87.192.249.66

🇮🇹 80.181.118.61

🇧🇬 78.128.112.74

🇳🇱 45.148.10.147

🇳🇱 45.148.10.141

🇺🇸 34.86.205.232

🇺🇸 2604:a880:400:d1:0:4:9e8a:d001

🇰🇷 211.114.40.60

🇧🇬 185.253.160.7

🇭🇰 156.245.246.50

🇰🇷 125.138.175.113

🇨🇳 121.40.169.125

🇩🇪 94.16.17.141