JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.43.155.89

121.43.155.89 was found in our database!

This IP was reported 179 times. Confidence of Abuse is 69%: ?

69%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.43.155.89

Whois 121.43.155.89

IP Abuse Reports for 121.43.155.89:

This IP address has been reported a total of 179 times from 50 distinct sources. 121.43.155.89 was first reported on March 21st 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-07 08:39:55 (5 days ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇭🇰 PingMeMaybe	2026-06-06 03:00:19 (6 days ago)	Blocked by UFW on hk [3041/tcp] Source port: 54777 TTL: 236 Packet length: 40 TOS: 0x00 This report ... show more Blocked by UFW on hk [3041/tcp] Source port: 54777 TTL: 236 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇹🇷 Threat.live	2026-06-04 15:35:05 (1 week ago)	Suspicious Connection Attempts	Brute-Force
🇬🇧 PeravixGroup	2026-06-03 10:33:15 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 wiredalter	2026-06-01 20:36:37 (1 week ago)	Blocked by fail2ban on cVPS [/tcp] Source Port: TTL: Packet Length: TOS: Analyzed by https://ip ... show more Blocked by fail2ban on cVPS [/tcp] Source Port: TTL: Packet Length: TOS: Analyzed by https://ip.wiredalter.com show less	Brute-Force SSH Web App Attack
🇩🇪 Honeypot-EU-Fru	2026-05-29 21:12:09 (2 weeks ago)	1780089128 - 05/29/2026 23:12:08 Host: 121.43.155.89/121.43.155.89 Port: 2323 TCP Blocked ...	Port Scan
🇬🇧 pearbright	2026-05-29 09:25:57 (2 weeks ago)	2026-05-29T09:25:27.255872+00:00 srv1093252 kernel: [792724.006153] [UFW BLOCK] IN=eth0 OUT= MAC=28: ... show more 2026-05-29T09:25:27.255872+00:00 srv1093252 kernel: [792724.006153] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.43.155.89 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=65218 PROTO=TCP SPT=46726 DPT=30335 WINDOW=1024 RES=0x00 SYN URGP=0 2026-05-29T09:25:29.881778+00:00 srv1093252 kernel: [792726.631874] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.43.155.89 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=23979 PROTO=TCP SPT=46726 DPT=26415 WINDOW=1024 RES=0x00 SYN URGP=0 2026-05-29T09:25:30.334384+00:00 srv1093252 kernel: [792727.084303] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.43.155.89 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=226 ID=37604 PROTO=TCP SPT=46726 DPT=64607 WINDOW=1024 RES=0x00 SYN URGP=0 2026-05-29T09:25:31.449882+00:00 srv1093252 kernel: [792728.200191] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=121.43.155.89 DST ... show less	Port Scan
🇺🇸 mutebot.net	2026-05-26 06:31:26 (2 weeks ago)	SRC=121.43.155.89, PROTO=TCP, SPT=57080, DPT=53811 SRC=121.43.155.89, PROTO=TCP, SPT=57080, DPT=4904 ... show more SRC=121.43.155.89, PROTO=TCP, SPT=57080, DPT=53811 SRC=121.43.155.89, PROTO=TCP, SPT=57080, DPT=49045 SRC=121.43.155.89, PROTO=TCP, SPT=57080, DPT=43415 SRC=121.43.155.89, PROTO=TCP, SPT=57080, DPT=13151 SRC=121.43.155.89, PROTO=TCP, SPT=57080, DPT=50165 show less	Port Scan
🇩🇪 centurion	2026-05-26 03:36:14 (2 weeks ago)	Blocked by UFW on ns02 [13107/tcp] Source port: 46570 TTL: 238 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW on ns02 [13107/tcp] Source port: 46570 TTL: 238 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 acadeova	2026-05-25 09:50:46 (2 weeks ago)	Blocked by UFW on vps2 [17900/tcp] Source port: 42633 TTL: 241 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW on vps2 [17900/tcp] Source port: 42633 TTL: 241 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 acadeova	2026-05-24 12:18:06 (2 weeks ago)	Blocked by UFW on vps2 [16685/tcp] Source port: 45083 TTL: 241 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW on vps2 [16685/tcp] Source port: 45083 TTL: 241 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-05-23 18:06:19 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 acadeova	2026-05-21 13:07:28 (3 weeks ago)	🚨 Recon detected (nft drop) SRC=121.43.155.89 Observed=TCP dpt=24794 in=enp0s6 ttl=241 Time=recent(j ... show more 🚨 Recon detected (nft drop) SRC=121.43.155.89 Observed=TCP dpt=24794 in=enp0s6 ttl=241 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇺🇸 masterguru	2026-05-21 11:29:50 (3 weeks ago)	Port Scan detected from 121.43.155.89 (CN/China/-). 11 hits in the last 55 seconds (0-165)	Port Scan
🇬🇧 PeravixGroup	2026-05-21 08:08:16 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot

Showing 1 to 15 of 179 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:fb54:1400::4a

🇰🇷 220.80.223.144

🇺🇸 165.154.173.239

🇹🇭 147.50.103.212

🇰🇷 106.245.246.26

🇷🇴 80.94.92.166

🇧🇷 69.6.251.43

🇵🇰 39.37.178.182

🇺🇦 31.43.49.10

🇩🇪 152.53.191.128

🇷🇺 95.84.137.185

🇺🇸 44.69.167.148

🇺🇸 5.56.24.71

🇨🇳 223.75.204.46

🇳🇱 192.142.28.77

🇫🇷 185.177.72.24

🇨🇳 182.44.116.87

🇺🇸 162.216.149.219

🇫🇮 147.185.133.184

🇮🇩 103.167.112.74