JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.253.148.162

47.253.148.162 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 87%: ?

87%

ISP	Alibaba Cloud - US
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibabacloud.com
Country	🇺🇸 United States of America
City	Virginia Beach, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.253.148.162

Whois 47.253.148.162

IP Abuse Reports for 47.253.148.162:

This IP address has been reported a total of 34 times from 23 distinct sources. 47.253.148.162 was first reported on May 11th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 lp	2026-06-08 09:01:38 (1 hour ago)	anomaly: tcp_port_scan, 501 > threshold 500, repeats 140 times	Port Scan
🇺🇸 withfallback.com	2026-05-29 23:46:46 (1 week ago)	sends \r\n\r\n and waits; probably looking for telnet	Port Scan
🇺🇸 RAP	2026-05-29 23:44:02 (1 week ago)	2026-05-29 23:44:02 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2026-05-29 04:18:49 (1 week ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 xmission.com	2026-05-29 04:16:02 (1 week ago)	Blocked by UFW (TCP on 10443) Source port: 49710 TTL: 56 Packet length: 44 TOS: 0x14 This report (f ... show more Blocked by UFW (TCP on 10443) Source port: 49710 TTL: 56 Packet length: 44 TOS: 0x14 This report (for 47.253.148.162) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 itsnixk	2026-05-28 21:52:53 (1 week ago)	(mod_security) mod_security (id:920280) triggered by 47.253.148.162 (US/United States/-): 1 in the l ... show more (mod_security) mod_security (id:920280) triggered by 47.253.148.162 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu May 28 17:52:50.056693 2026] [security2:error] [pid 983393:tid 983479] [client 47.253.148.162:56566] ModSecurity: Access denied with code 406 (phase 1). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "567"] [id "920280"] [msg "Request Missing a Host Header"] [severity "CRITICAL"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "ahi5Mmyshj0hwvrd3wnd1wAAAAM"] show less	Port Scan
🇺🇸 withfallback.com	2026-05-28 03:04:56 (1 week ago)	client sends "random1random2random3random4". A quick Google indicates this is likely part of an nmap ... show more client sends "random1random2random3random4". A quick Google indicates this is likely part of an nmap scan. show less	Port Scan
🇺🇸 shabi	2026-05-27 21:34:51 (1 week ago)	UFW Blocked [5666/TCP] Source: 47.253.148.162:49824 TTL: 54 Lenth: 44 TOS: 0x14	Port Scan
🇺🇸 Cyber Crusader	2026-05-27 11:08:12 (1 week ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇺🇸 cazae	2026-05-25 13:30:28 (1 week ago)	Unauthorized attempt on debian [5009/tcp] Source port: 50972 TTL: 47 Packet length: 44 TOS: 0x08 ht ... show more Unauthorized attempt on debian [5009/tcp] Source port: 50972 TTL: 47 Packet length: 44 TOS: 0x08 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 Yachiyo Runami	2026-05-25 11:54:42 (1 week ago)	Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 48 \| Len: 44B \| Win: ... show more Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 48 \| Len: 44B \| Win: 65280(1) \| F2B/ufw-honeypot@2026-05-25T11:54:41Z show less	Port Scan Hacking
🇺🇸 MPL	2026-05-25 11:45:36 (1 week ago)	tcp/106 (47 or more attempts)	Port Scan
Anonymous	2026-05-25 00:48:23 (2 weeks ago)	Firewall - Suricata IDS [Priority 2 - High]: ET CINS Active Threat Intelligence Poor Reputation IP g ... show more Firewall - Suricata IDS [Priority 2 - High]: ET CINS Active Threat Intelligence Poor Reputation IP group 82 show less	Port Scan Hacking
🇺🇸 Cyber Crusader	2026-05-24 16:14:31 (2 weeks ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
Anonymous	2026-05-24 09:02:58 (2 weeks ago)	external scanner	Port Scan

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 198.199.123.141

🇸🇪 155.4.244.179

🇺🇸 70.120.203.193

🇺🇸 18.217.208.51

🇫🇮 104.245.240.165

🇻🇳 103.153.254.96

🇺🇸 66.132.172.116

🇮🇶 37.239.129.226

🇺🇸 216.132.133.26

🇺🇸 212.119.40.68

🇺🇸 205.169.39.23

🇺🇸 204.12.226.26

🇧🇷 201.131.85.131

🇮🇳 103.172.131.228

🇺🇸 99.60.18.106

🇩🇪 91.92.240.42

🇺🇸 45.136.27.43

🇲🇽 187.251.123.104

🇨🇳 183.150.182.61

🇫🇷 167.86.119.92