JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.40.45.152

121.40.45.152 was found in our database!

This IP was reported 178 times. Confidence of Abuse is 76%: ?

76%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.40.45.152

Whois 121.40.45.152

IP Abuse Reports for 121.40.45.152:

This IP address has been reported a total of 178 times from 52 distinct sources. 121.40.45.152 was first reported on March 16th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-08 18:09:17 (1 day ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 masterguru	2026-06-08 14:31:50 (1 day ago)	Port Scan detected from 121.40.45.152 (CN/China/-). 11 hits in the last 85 seconds (0-143)	Port Scan
Anonymous	2026-06-07 02:58:13 (3 days ago)	121.40.45.152 detected on srv01	Port Scan
🇩🇪 anycast_ac	2026-06-07 01:19:44 (3 days ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/3128 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/3128 (generic). Commands captured: $ GET / HTTP/1.1 show less	DDoS Attack IoT Targeted Brute-Force
🇬🇧 PeravixGroup	2026-06-05 19:22:05 (4 days ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 pearbright	2026-06-03 08:58:07 (6 days ago)	2026-06-03T08:57:54.310612+00:00 srv1093252 kernel: [1223068.251099] [UFW BLOCK] IN=eth0 OUT= MAC=28 ... show more 2026-06-03T08:57:54.310612+00:00 srv1093252 kernel: [1223068.251099] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=64143 PROTO=TCP SPT=57073 DPT=41388 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-03T08:57:56.032491+00:00 srv1093252 kernel: [1223069.972950] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=29082 PROTO=TCP SPT=57073 DPT=36780 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-03T08:57:56.040322+00:00 srv1093252 kernel: [1223069.980770] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=63270 PROTO=TCP SPT=57073 DPT=65083 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-03T08:57:56.658573+00:00 srv1093252 kernel: [1223070.598985] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 ... show less	Port Scan
🇳🇱 donarev419	2026-06-03 01:32:01 (1 week ago)	Connection to port 4005 with data transfer. Data preview:	Port Scan Hacking
🇬🇧 pearbright	2026-06-02 04:50:59 (1 week ago)	2026-06-02T04:50:50.766746+00:00 srv1093252 kernel: [1121845.367269] [UFW BLOCK] IN=eth0 OUT= MAC=28 ... show more 2026-06-02T04:50:50.766746+00:00 srv1093252 kernel: [1121845.367269] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=16368 PROTO=TCP SPT=55850 DPT=40787 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T04:50:51.358975+00:00 srv1093252 kernel: [1121845.958004] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=32384 PROTO=TCP SPT=55850 DPT=7685 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T04:50:52.418957+00:00 srv1093252 kernel: [1121847.018365] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=39406 PROTO=TCP SPT=55850 DPT=23158 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T04:50:52.732730+00:00 srv1093252 kernel: [1121847.332954] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.40.45.152 ... show less	Port Scan
🇬🇧 PeravixGroup	2026-05-30 09:49:28 (1 week ago)	Honeypot detection: Metasploit / penetration testing C2 callback attempt on port 4444. Severity: MED ... show more Honeypot detection: Metasploit / penetration testing C2 callback attempt on port 4444. Severity: MEDIUM. Aaran.cloud show less	Hacking
🇹🇷 Threat.live	2026-05-29 10:00:08 (1 week ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 micropedro	2026-05-29 04:31:13 (1 week ago)	4 incidents: malicious activity. First: 2026-05-21 23:30, Last: 2026-05-29 00:31 UTC. Triggers: ufw- ... show more 4 incidents: malicious activity. First: 2026-05-21 23:30, Last: 2026-05-29 00:31 UTC. Triggers: ufw-repeater. show less	Port Scan
🇺🇸 micropedro	2026-05-29 04:30:22 (1 week ago)	3 incidents: malicious activity. First: 2026-05-14 22:30, Last: 2026-05-29 00:30 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-14 22:30, Last: 2026-05-29 00:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇫🇷 dusfor72	2026-05-26 02:35:54 (2 weeks ago)	aggressive portscan ...	Port Scan
🇬🇧 PeravixGroup	2026-05-22 18:02:00 (2 weeks ago)	Honeypot detection: rsync unauthorized access / data sync attempt on port 873. Severity: LOW. Aaran. ... show more Honeypot detection: rsync unauthorized access / data sync attempt on port 873. Severity: LOW. Aaran.cloud show less	Port Scan
🇬🇧 PeravixGroup	2026-05-22 09:14:10 (2 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 178 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.255.63

🇸🇾 94.252.134.42

🇰🇷 220.118.173.234

🇭🇰 199.45.155.99

🇳🇱 176.65.148.228

🇫🇷 167.86.117.136

🇳🇱 158.94.211.220

🇵🇰 153.117.1.26

🇯🇵 136.110.75.142

🇩🇪 109.85.189.101

🇮🇳 103.107.60.45

🇺🇸 97.107.129.193

🇧🇬 91.148.190.150

🇺🇸 52.159.229.67

🇺🇸 52.91.101.47

🇫🇷 51.75.16.206

🇭🇰 47.243.174.183

🇳🇱 45.155.90.234

🇭🇰 45.142.154.94

🇺🇸 34.34.233.220