JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.100.138.192

47.100.138.192 was found in our database!

This IP was reported 972 times. Confidence of Abuse is 100%: ?

100%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.100.138.192

Whois 47.100.138.192

IP Abuse Reports for 47.100.138.192:

This IP address has been reported a total of 972 times from 213 distinct sources. 47.100.138.192 was first reported on October 22nd 2025, and the most recent report was 50 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 bmino.pl	2025-11-21 21:40:11 (6 months ago)	Autoban IP(2): 47.100.138.192 - Hostname: unknown - City: Shanghai - Region: Shanghai - Country: CN ... show more Autoban IP(2): 47.100.138.192 - Hostname: unknown - City: Shanghai - Region: Shanghai - Country: CN - Location: 31.2222,121.4581 - Organization: AS37963 Hangzhou Alibaba Advertising Co.,Ltd. - failed attempts. show less	Email Spam
🇺🇸 chronos	2025-11-21 21:40:11 (6 months ago)	[AUTORAVALT][[21/11/2025 - 18:40:10 -03:00 UTC] Attack from [Asia Pacific Network Information Centre ... show more [AUTORAVALT][[21/11/2025 - 18:40:10 -03:00 UTC] Attack from [Asia Pacific Network Information Centre] [47.100.138.192]-[RANGE:47.100.0.0 - 47.103.255.255] Action: BLocKed Phishing -> Phishing websites and/or email. Email Spam -> Spam email content, infected attachments, and phishing emails. Hacking... Unauthorized attempts to access the server. Spoofing -> Em] ... show less	Phishing Email Spam Hacking Spoofing Brute-Force
🇬🇧 Steve	2025-11-21 21:31:50 (6 months ago)	Attempts against Pop3/IMAP	Brute-Force
🇺🇸 AWSGIEMSAN7	2025-11-21 21:25:32 (6 months ago)	...	Brute-Force
🇬🇧 gtabomber	2025-11-21 21:18:18 (6 months ago)	2025-11-21T21:18:09.207813 espaceonline.co.uk auth[9041]: pam_unix(dovecot:auth): authentication fai ... show more 2025-11-21T21:18:09.207813 espaceonline.co.uk auth[9041]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=47.100.138.192 2025-11-21T21:18:11.142592 espaceonline.co.uk dovecot[29749]: auth-worker(9041): pam([email protected],47.100.138.192,<1D6qWSFEYr8vZIrA>): unknown user (given password: Espaceonline2022!) 2025-11-21T21:18:13.366364 espaceonline.co.uk dovecot[29749]: pop3-login: Disconnected (auth failed, 1 attempts in 4 secs): user=<[email protected]>, method=PLAIN, rip=47.100.138.192, lip=176.126.240.132, session=<1D6qWSFEYr8vZIrA> ... show less	Brute-Force SSH
🇺🇸 OolutionTech	2025-11-21 20:54:49 (6 months ago)	Attempted to use server as an SMTP open relay	Open Proxy Hacking
🇹🇷 rtbh.com.tr	2025-11-21 20:10:02 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-11-21 17:11:52 (6 months ago)	6x Dovecot auth failed (on 6 different adresses)	Brute-Force
🇩🇪 initsol	2025-11-21 16:09:25 (6 months ago)	2025-11-21T16:15:53.669230hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts i ... show more 2025-11-21T16:15:53.669230hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<pVEgShxEJNwvZIrA> 2025-11-21T16:42:25.498485hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<r7QBqRxEbsEvZIrA> 2025-11-21T17:09:25.047554hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<NRCKCR1EAOgvZIrA> ... show less	Brute-Force
🇩🇪 initsol	2025-11-21 10:58:33 (6 months ago)	2025-11-21T11:07:54.303114hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts i ... show more 2025-11-21T11:07:54.303114hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<spGr/BdE7OYvZIrA> 2025-11-21T11:33:02.097508hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<GLCKVhhEVKkvZIrA> 2025-11-21T11:58:32.039902hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<HcG7sRhEOqsvZIrA> ... show less	Brute-Force
🇫🇷 ✨	2025-11-21 06:20:05 (6 months ago)	Rule : POP 11/20/25 22:19:31 POPS 1972 47.100.138.192 OK Welcome to MailEnable POP3 Server 39 0 ... show more Rule : POP 11/20/25 22:19:31 POPS 1972 47.100.138.192 OK Welcome to MailEnable POP3 Server 39 0 11/20/25 22:19:32 POPS 1972 47.100.138.192 USER USER [email protected] OK 5 36 11/20/25 22:19:32 POPS 1972 47.100.138.192 PASS PASS * -ERR Unable to log on 23 27 show less	Port Scan Spoofing
🇩🇪 initsol	2025-11-21 05:54:15 (6 months ago)	2025-11-21T06:04:01.532776hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts i ... show more 2025-11-21T06:04:01.532776hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<HpPpvRNEjpIvZIrA> 2025-11-21T06:29:00.982992hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=<Fl5JFxREvtgvZIrA> 2025-11-21T06:54:14.825402hermes2 dovecot[1035]: pop3-login: Disconnected (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=94.130.37.231, session=</sSEcRREnt4vZIrA> ... show less	Brute-Force
🇸🇪 triplecode	2025-11-21 05:32:54 (6 months ago)	Reported from hMailServer	Hacking
🇳🇱 stom	2025-11-21 05:08:14 (6 months ago)	2025-11-21T05:08:07.717028 socky.stom66.co.uk dovecot[2684234]: pop3-login: Disconnected: Connection ... show more 2025-11-21T05:08:07.717028 socky.stom66.co.uk dovecot[2684234]: pop3-login: Disconnected: Connection closed (auth failed, 1 attempts in 0 secs): user=<[email protected]>, rip=47.100.138.192, lip=5.79.80.26, session=<JQyWzBNExOwvZIrA> ... show less	Email Spam Brute-Force
🇳🇱 Godert Jan van Manen	2025-11-21 04:13:44 (6 months ago)	Nov 21 05:05:00 odin dovecot: auth-worker(23018): sql([email protected],47.100.138.192,<fmHc6h ... show more Nov 21 05:05:00 odin dovecot: auth-worker(23018): sql([email protected],47.100.138.192,<fmHc6hJEmLEvZIrA>): unknown user Nov 21 05:05:02 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=47.100.138.192, lip=178.162.131.122, session=<fmHc6hJEmLEvZIrA> Nov 21 05:06:37 odin dovecot: auth-worker(23018): sql([email protected],47.100.138.192,<loSd8BJEqLwvZIrA>): unknown user Nov 21 05:06:39 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=47.100.138.192, lip=178.162.131.122, session=<loSd8BJEqLwvZIrA> Nov 21 05:13:43 odin dovecot: auth-worker(23018): sql([email protected],47.100.138.192,<IxoNChNEbKgvZIrA>): unknown user show less	Brute-Force

Showing 871 to 885 of 972 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 154.83.197.148

🇨🇳 60.18.7.172

🇧🇷 45.205.1.240

🇳🇱 45.198.224.18

🇺🇸 2600:3c03::2000:61ff:febb:f0f0

🇰🇷 222.110.147.56

🇮🇳 182.95.102.190

🇵🇭 180.190.189.204

🇺🇸 163.192.217.140

🇩🇪 69.5.169.78

🇸🇬 13.250.194.106

🇺🇸 3.147.103.216

🇯🇵 203.25.124.170

🇺🇸 198.98.59.131

🇺🇸 147.185.132.65

🇨🇳 123.191.145.82

🇨🇳 120.48.102.177

🇷🇴 92.118.39.209

🇫🇷 75.119.142.40

🇬🇧 35.203.210.243