JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.138.157.158

3.138.157.158 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 74%: ?

74%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-3-138-157-158.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.138.157.158

Whois 3.138.157.158

IP Abuse Reports for 3.138.157.158:

This IP address has been reported a total of 16 times from 15 distinct sources. 3.138.157.158 was first reported on December 3rd 2020, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 llighthunter	2026-06-17 10:39:28 (21 hours ago)	Jun 16 08:10:22 mail dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3. ... show more Jun 16 08:10:22 mail dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.80, session=<KA3J9VdUouIDip2e> Jun 16 08:10:35 mail dovecot: pop3-login: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.80, session=<jvCS9ldUpkkDip2e> Jun 16 08:11:56 mail dovecot: pop3-login: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.80, session=<6lJb+1dUnpoDip2e> show less	Port Scan Hacking Spoofing
Anonymous	2026-06-16 05:29:24 (2 days ago)	Heralding honeypot: pop3 on port 110	Brute-Force
🇩🇪 Justin F. \| AS204464	2026-06-16 05:22:42 (2 days ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 8050 [4], 9600 [3], 2077 [3 ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 8050 [4], 9600 [3], 2077 [3] TCP Reported by: Justin F. show less	Port Scan
Anonymous	2026-06-16 05:22:35 (2 days ago)	SIEM ALERT AUTO REPORT	Email Spam
🇫🇷 Soncraft	2026-06-16 05:19:38 (2 days ago)	Blocked by UFW on Jellyfin [30000/tcp] Source port: 16618 TTL: 47 Packet length: 40 TOS: 0x08 This ... show more Blocked by UFW on Jellyfin [30000/tcp] Source port: 16618 TTL: 47 Packet length: 40 TOS: 0x08 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 gbzret4d	2026-06-16 05:15:50 (2 days ago)	Honeypot [uk-production01]: HTTP/1.1 request on 18184 GET / User-Agent: visionheight.com/scan Mozil ... show more Honeypot [uk-production01]: HTTP/1.1 request on 18184 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 18184 [4] TCP show less	Hacking Bad Web Bot
🇧🇷 opastorello	2026-06-16 05:12:20 (2 days ago)	T-Pot honeypot: 23 hits in 15min on port(s) 18184 (P0f/Honeytrap). Port scan / unsolicited connectio ... show more T-Pot honeypot: 23 hits in 15min on port(s) 18184 (P0f/Honeytrap). Port scan / unsolicited connection. Automated report. show less	Port Scan
🇫🇷 arteagasoft	2026-06-16 05:12:04 (2 days ago)	2026-06-15T23:10:30.301911-06:00 99084af566a4 dovecot: pop3-login: Login aborted: Connection closed ... show more 2026-06-15T23:10:30.301911-06:00 99084af566a4 dovecot: pop3-login: Login aborted: Connection closed (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=3.138.157.158, lip=192.168.30.250, session=<g0069ldU2JQDip2e> 2026-06-15T23:10:42.381684-06:00 99084af566a4 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=3.138.157.158, lip=192.168.30.250, session=<qKb09ldUxHYDip2e> 2026-06-15T23:12:03.307026-06:00 99084af566a4 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=3.138.157.158, lip=192.168.30.250, session=<SnjH+1dU/vQDip2e> ... show less	Brute-Force
🇺🇦 llighthunter	2026-06-16 05:11:58 (2 days ago)	Jun 16 08:10:22 mail dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3. ... show more Jun 16 08:10:22 mail dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.80, session=<KA3J9VdUouIDip2e> Jun 16 08:10:35 mail dovecot: pop3-login: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.80, session=<jvCS9ldUpkkDip2e> Jun 16 08:11:56 mail dovecot: pop3-login: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.80, session=<6lJb+1dUnpoDip2e> show less	Port Scan Hacking Spoofing
🇫🇷 0xNath	2026-06-16 05:11:34 (2 days ago)	2026-06-16T07:10:01.012008+02:00 srv1.renaudna.fr dovecot[1615]: pop3-login: Disconnected: Connectio ... show more 2026-06-16T07:10:01.012008+02:00 srv1.renaudna.fr dovecot[1615]: pop3-login: Disconnected: Connection closed (no auth attempts in 1 secs): user=<>, rip=3.138.157.158, lip=192.168.1.253, session=<32l99FdU9OQDip2e> 2026-06-16T07:10:15.117176+02:00 srv1.renaudna.fr dovecot[1615]: pop3-login: Disconnected: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.253, session=<AKVU9VdUBFgDip2e> 2026-06-16T07:11:32.919912+02:00 srv1.renaudna.fr dovecot[1615]: pop3-login: Disconnected: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=<>, rip=3.138.157.158, lip=192.168.1.253, session=<4dH3+VdUuOYDip2e> ... show less	Brute-Force
🇩🇪 kexol	2026-06-16 05:11:19 (2 days ago)	110 port scanned	Port Scan
🇫🇷 TheHoneyPotter	2026-06-16 05:11:02 (2 days ago)	Honeypot [fc-honeypot]: HTTP/1.1 request on 1521 GET / User-Agent: visionheight.com/scan Mozilla/5. ... show more Honeypot [fc-honeypot]: HTTP/1.1 request on 1521 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 1521 [1], 1963 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇮🇹 abuseiphack	2026-06-16 05:10:33 (2 days ago)	Automatic report for brute force attack	Brute-Force
🇫🇷 Thaliruth	2026-06-16 05:10:28 (2 days ago)	Jun 16 07:09:49 151 dovecot: pop3-login: Login aborted: Connection closed (no auth attempts in 0 sec ... show more Jun 16 07:09:49 151 dovecot: pop3-login: Login aborted: Connection closed (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=3.138.157.158, lip=92.205.177.255, session=<SZ3Q81dUDssDip2e> Jun 16 07:10:04 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=3.138.157.158, lip=92.205.177.255, session=<NTC19FdU+ssDip2e> Jun 16 07:10:27 151 dovecot: pop3-login: Login aborted: Connection closed (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=3.138.157.158, lip=92.205.28.48, session=<GIkT9ldUmqMDip2e> ... show less	Hacking Brute-Force
🇺🇸 donarev419	2026-06-16 05:10:00 (2 days ago)	Connection to port 1521 with data transfer. Data preview: GET / HTTP/1.1 Host: 198.23.188.201:1521 ... show more Connection to port 1521 with data transfer. Data preview: GET / HTTP/1.1 Host: 198.23.188.201:1521 User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; show less	Port Scan Hacking

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.153.76.18

🇷🇺 185.238.199.141

🇮🇳 122.186.174.35

🇮🇳 103.123.53.88

🇺🇸 98.149.78.187

🇯🇵 89.187.28.152

🇺🇸 192.241.141.178

🇺🇸 173.239.198.184

🇭🇰 124.156.129.246

🇮🇳 115.245.122.146

🇰🇪 105.27.148.94

🇫🇷 91.196.152.179

🇳🇱 91.92.40.202

🇫🇷 85.217.140.49

🇺🇸 40.160.68.102

🇲🇽 187.192.86.153

🇨🇳 139.9.191.197

🇨🇬 102.129.81.58

🇵🇱 87.251.64.146

🇩🇪 81.28.6.82