JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.41.165.109

121.41.165.109 was found in our database!

This IP was reported 194 times. Confidence of Abuse is 79%: ?

79%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.41.165.109

Whois 121.41.165.109

IP Abuse Reports for 121.41.165.109:

This IP address has been reported a total of 194 times from 62 distinct sources. 121.41.165.109 was first reported on April 14th 2025, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 LiftUp Hosting	2026-06-16 18:22:02 (19 hours ago)	Honeypot hit: HTTP request on 17782	Hacking Bad Web Bot
🇺🇸 Axel	2026-06-14 23:12:40 (2 days ago)	Blocked by UFW on MVI [21607/tcp] \| SPT: 58758 \| TTL: 233 \| LEN: 40 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on MVI [21607/tcp] \| SPT: 58758 \| TTL: 233 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 acadeova	2026-06-13 04:36:07 (4 days ago)	Blocked by UFW on vps2 [15286/tcp] Source port: 45353 TTL: 241 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW on vps2 [15286/tcp] Source port: 45353 TTL: 241 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 micropedro	2026-06-10 19:30:18 (6 days ago)	3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-10 15:30 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-10 15:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇫🇷 ISPLtd	2026-06-10 10:51:43 (1 week ago)	Jun 10 07:51:41 121.41.165.109 TCP SPT=48700 DPT=6344 SYN Jun 10 07:51:42 121.41.165.109 TCP SPT=487 ... show more Jun 10 07:51:41 121.41.165.109 TCP SPT=48700 DPT=6344 SYN Jun 10 07:51:42 121.41.165.109 TCP SPT=48700 DPT=56389 SYN Jun 10 07:51:42 121.41.165.109 TCP SPT=48700 DPT=60772 ... show less	Port Scan
🇯🇵 jay hung	2026-06-10 01:23:09 (1 week ago)	2026-06-10T01:23:08.279933+00:00 quarktech kernel: [889430.538813] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ... show more 2026-06-10T01:23:08.279933+00:00 quarktech kernel: [889430.538813] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=121.41.165.109 DST=172.237.20.248 LEN=40 TOS=0x00 PREC=0x40 TTL=223 ID=58248 PROTO=TCP SPT=54586 DPT=56349 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 PeravixGroup	2026-06-08 07:22:08 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-06 15:48:30 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 micropedro	2026-06-03 18:30:20 (1 week ago)	3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-03 14:30 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-27 13:30, Last: 2026-06-03 14:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇬🇧 PeravixGroup	2026-06-03 10:46:48 (2 weeks ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 pearbright	2026-06-02 11:51:43 (2 weeks ago)	2026-06-02T11:51:24.861592+00:00 srv1093252 kernel: [1147079.295552] [UFW BLOCK] IN=eth0 OUT= MAC=28 ... show more 2026-06-02T11:51:24.861592+00:00 srv1093252 kernel: [1147079.295552] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.41.165.109 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=63381 PROTO=TCP SPT=41084 DPT=38732 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T11:51:25.484060+00:00 srv1093252 kernel: [1147079.918486] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.41.165.109 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=52595 PROTO=TCP SPT=41084 DPT=26531 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T11:51:26.039355+00:00 srv1093252 kernel: [1147080.473351] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.41.165.109 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=41081 PROTO=TCP SPT=41084 DPT=31518 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-02T11:51:26.741027+00:00 srv1093252 kernel: [1147081.175486] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.41.165 ... show less	Port Scan
🇩🇪 excill	2026-06-02 03:04:29 (2 weeks ago)	Honeypot mesh observed 938 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
Anonymous	2026-06-01 16:39:20 (2 weeks ago)	Port Scan detected from 121.41.165.109 (CN/China/-). 16 hits in the last 41 seconds	Web App Attack
🇩🇪 _ArminS_	2026-05-31 23:38:57 (2 weeks ago)	SP-Scan 50736:63667 detected 2026.06.01 01:38:57 blocked until 2026.07.20 18:41:44	Port Scan
🇩🇪 www.fransveldman.world	2026-05-29 02:31:58 (2 weeks ago)	May 29 02:30:54 mail postfix/smtps/smtpd[3110983]: lost connection after CONNECT from unknown[121.41 ... show more May 29 02:30:54 mail postfix/smtps/smtpd[3110983]: lost connection after CONNECT from unknown[121.41.165.109] May 29 02:31:57 mail postfix/smtps/smtpd[3111070]: lost connection after CONNECT from unknown[121.41.165.109] ... show less	Brute-Force Email Spam

Showing 1 to 15 of 194 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.152.161.54

🇺🇸 209.50.162.213

🇯🇵 152.32.203.18

🇺🇸 66.132.172.137

🇺🇸 45.3.35.40

🇺🇸 44.220.188.114

🇺🇸 34.26.1.84

🇧🇷 205.210.31.205

🇺🇸 198.62.3.156

🇳🇱 176.65.139.181

🇺🇸 45.3.62.90

🇺🇸 2602:80d:1008::48

🇧🇬 164.138.220.142

🇩🇪 141.11.45.97

🇨🇳 118.81.204.230

🇺🇸 104.243.42.167

🇭🇰 103.81.170.118

🇷🇴 92.118.39.62

🇭🇰 65.181.88.245

🇩🇪 64.188.83.134