This IP address has been reported a total of
163
times from
107 distinct
sources.
3.138.158.147 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
2026-05-31 00:00:49,309 fail2ban.actions [264721]: NOTICE [postfix] Ban 3.138.158.147
2026-0 ...
show more2026-05-31 00:00:49,309 fail2ban.actions [264721]: NOTICE [postfix] Ban 3.138.158.147
2026-05-31 00:00:49,309 fail2ban.actions [264721]: NOTICE [postfix] Ban 3.138.158.147
...
show less
Bad Web Bot
Web Spam
Email Spam
Blog Spam
Port Scan
Brute-Force
Web App Attack
May 25 06:29:03 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3. ...
show moreMay 25 06:29:03 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3.138.158.147, lip=192.168.1.80, session=<lHHt+ptSmGgDip6T>
May 25 06:29:04 mail dovecot: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=3.138.158.147, lip=192.168.1.80, session=<MR//+ptSvmgDip6T>
May 25 06:30:40 mail dovecot: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=3.138.158.147, lip=192.168.1.80, session=<wmm0AJxSJG4Dip6T>
show less
Unsolicited TCP connection from 3.138.158.147 to port 0 at 2026-05-26T18:17:56Z. Source IP completed ...
show moreUnsolicited TCP connection from 3.138.158.147 to port 0 at 2026-05-26T18:17:56Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring.
show less
Unsolicited TCP connection from 3.138.158.147 to port 0 at 2026-05-26T12:31:41Z. Source IP completed ...
show moreUnsolicited TCP connection from 3.138.158.147 to port 0 at 2026-05-26T12:31:41Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring.
show less
May 25 06:29:03 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3. ...
show moreMay 25 06:29:03 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=3.138.158.147, lip=192.168.1.80, session=<lHHt+ptSmGgDip6T>
May 25 06:29:04 mail dovecot: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=3.138.158.147, lip=192.168.1.80, session=<MR//+ptSvmgDip6T>
May 25 06:30:40 mail dovecot: imap-login: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=3.138.158.147, lip=192.168.1.80, session=<wmm0AJxSJG4Dip6T>
show less
Unsolicited TCP connection from 3.138.158.147 to port 0 at 2026-05-25T18:50:04Z. Source IP completed ...
show moreUnsolicited TCP connection from 3.138.158.147 to port 0 at 2026-05-25T18:50:04Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring.
show less
Honeypot hit: HTTP/1.1 request on 8015
GET /
User-Agent: visionheight.com/scan Mozilla/5.0 (Macinto ...
show moreHoneypot hit: HTTP/1.1 request on 8015
GET /
User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36
Accept: */*
Accept-Encoding: gzip; 8015 [3] TCP
Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Unauthorized connection attempt from IP address 3.138.158.147 on Port 587(SMTP-MSA)
Port Scan
Anonymous
2026-05-25 12:23:15 SMTP protocol synchronization error (input sent without waiting for greeting): r ...
show more2026-05-25 12:23:15 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="\n"
2026-05-25 12:23:27 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="GET / HTTP/1.1\r\nHost: 92.60.190."
2026-05-25 12:25:54 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="GET / HTTP/1.1\r\nHost: 92.60.190."
2026-05-25 12:26:49 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="\026\003\001"
2026-05-25 12:28:28 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connec
...
show less
2026-05-25 03:22:31 SMTP protocol synchronization error (input sent without waiting for greeting): r ...
show more2026-05-25 03:22:31 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="\n"
2026-05-25 03:22:44 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="GET / HTTP/1.1\r\nHost: 78.128.127"
2026-05-25 03:25:15 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="GET / HTTP/1.1\r\nHost: 78.128.127"
2026-05-25 03:26:09 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=ec2-3-138-158-147.us-east-2.compute.amazonaws.com [3.138.158.147] input="\026\003\001"
2026-05-25 03:27:49 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connec
...
show less
Brute-Force
Showing 1 to
15
of 163 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ