JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.95.196.42

47.95.196.42 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 72%: ?

72%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.95.196.42

Whois 47.95.196.42

IP Abuse Reports for 47.95.196.42:

This IP address has been reported a total of 27 times from 19 distinct sources. 47.95.196.42 was first reported on May 7th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Little Iguana	2026-06-15 23:24:05 (18 hours ago)	trying to access non-authorized port	Port Scan
🇺🇸 juguemosalacarioca.com	2026-06-13 20:37:27 (2 days ago)	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	Web App Attack
🇺🇸 sandra361	2026-06-13 07:16:43 (3 days ago)	Port scan detected: 51 attempts across 51 ports (10862,11660,14062,14271,14791,15056,15986,16072,183 ... show more Port scan detected: 51 attempts across 51 ports (10862,11660,14062,14271,14791,15056,15986,16072,183,18470,21325,21517,22691,24747,25089,27084,27371,27585,28779,2947,29767,32053,34713,35818,37716,38203,38445,39839,40360,41346,42851,43766,44671,45776,4625,49773,50220,50625,51163,5342,54243,54476,54804,5519,56087,59614,60085,62468,64128,6578,867). \| Evidence: GHOST_SCAN: IN=enp1s0 SRC=47.95.196.42 LEN=40 TOS=0x00 PREC=0x00 TTL=227 ID=2131 PROTO=TCP SPT=54947 DPT=15056 WINDOW=1024 RES=0x00 SYN URGP=0 show less	Port Scan
🇫🇷 ISPLtd	2026-06-11 09:54:56 (5 days ago)	Jun 11 06:54:55 47.95.196.42 TCP SPT=51692 DPT=31230 SYN Jun 11 06:54:55 47.95.196.42 TCP SPT=51692 ... show more Jun 11 06:54:55 47.95.196.42 TCP SPT=51692 DPT=31230 SYN Jun 11 06:54:55 47.95.196.42 TCP SPT=51692 DPT=28079 SYN Jun 11 06:54:56 47.95.196.42 TCP SPT=51692 DPT=34515 ... show less	Port Scan
🇩🇪 excill	2026-06-09 03:13:07 (1 week ago)	Honeypot mesh observed 928 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
Anonymous	2026-06-07 21:12:48 (1 week ago)	47.95.196.42 detected on srv01	Port Scan
🇰🇷 winter	2026-06-05 00:49:53 (1 week ago)	Connection attemp from 47.95.196.42 to port 22	Brute-Force SSH
🇬🇧 PeravixGroup	2026-05-30 16:20:41 (2 weeks ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
Anonymous	2026-05-30 09:17:07 (2 weeks ago)	May 30 05:17:04 localhost kernel: [108477946.883557] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more May 30 05:17:04 localhost kernel: [108477946.883557] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=47.95.196.42 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=42117 PROTO=TCP SPT=52622 DPT=44297 WINDOW=1024 RES=0x00 SYN URGP=0 May 30 05:17:04 localhost kernel: [108477946.883576] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=47.95.196.42 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=42117 PROTO=TCP SPT=52622 DPT=44297 SEQ=660564466 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 May 30 05:17:06 localhost kernel: [108477949.127195] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=47.95.196.42 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=55283 PROTO=TCP SPT=52622 DPT=21161 WINDOW=1024 RES=0x00 SYN URGP=0 May 30 05:17:06 localhost kernel: [108477949.127220] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=47.95.196.42 DST=[mungedIP2] LEN=40 TOS=0x0 show less	Port Scan
🇫🇷 dusfor72	2026-05-30 08:32:13 (2 weeks ago)	aggressive portscan ...	Port Scan
🇬🇧 PeravixGroup	2026-05-30 05:48:47 (2 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 auridh	2026-05-29 07:59:32 (2 weeks ago)	Ip 47.95.196.42 performed 'crowdsecurity/http-bad-user-agent' (2 events over 1.625821156s) at 2026-0 ... show more Ip 47.95.196.42 performed 'crowdsecurity/http-bad-user-agent' (2 events over 1.625821156s) at 2026-05-29 07:47:09.530703325 +0000 UTC show less	Bad Web Bot Web App Attack
🇬🇧 pearbright	2026-05-27 07:23:39 (2 weeks ago)	2026-05-27T07:22:11.363119+00:00 srv1093252 kernel: [612529.284273] [UFW BLOCK] IN=eth0 OUT= MAC=28: ... show more 2026-05-27T07:22:11.363119+00:00 srv1093252 kernel: [612529.284273] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=47.95.196.42 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=225 ID=63431 PROTO=TCP SPT=46529 DPT=35980 WINDOW=1024 RES=0x00 SYN URGP=0 2026-05-27T07:22:12.474978+00:00 srv1093252 kernel: [612530.393309] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=47.95.196.42 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=225 ID=19326 PROTO=TCP SPT=46529 DPT=22938 WINDOW=1024 RES=0x00 SYN URGP=0 2026-05-27T07:22:12.894994+00:00 srv1093252 kernel: [612530.813897] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=47.95.196.42 DST=72.61.19.109 LEN=40 TOS=0x08 PREC=0x20 TTL=225 ID=56867 PROTO=TCP SPT=46529 DPT=43651 WINDOW=1024 RES=0x00 SYN URGP=0 2026-05-27T07:22:13.062994+00:00 srv1093252 kernel: [612530.982945] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=47.95.196.42 DST=72. ... show less	Port Scan
🇭🇰 PingMeMaybe	2026-05-24 16:53:25 (3 weeks ago)	Blocked by UFW on hk [1318/tcp] Source port: 41605 TTL: 237 Packet length: 40 TOS: 0x00 This report ... show more Blocked by UFW on hk [1318/tcp] Source port: 41605 TTL: 237 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 acadeova	2026-05-24 03:10:46 (3 weeks ago)	Blocked by UFW on vps2 [55883/tcp] Source port: 52236 TTL: 242 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW on vps2 [55883/tcp] Source port: 52236 TTL: 242 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 113.250.177.24

🇵🇱 2a00:1450:4025:800::127

🇨🇳 221.5.224.71

🇲🇽 187.191.2.214

🇷🇺 185.40.152.8

🇮🇳 172.253.230.157

🇨🇳 119.96.193.72

🇺🇸 91.230.168.208

🇧🇬 78.128.113.74

🇺🇸 65.49.1.221

🇮🇪 52.19.191.90

🇳🇱 45.148.10.152

🇰🇿 38.180.206.194

🇺🇸 18.216.52.211

🇮🇳 13.71.107.198

🇮🇳 2409:40c1:4c:e986:7047:433c:5ce2:ee21

🇸🇳 213.154.80.51

🇹🇼 211.76.176.125

🇺🇸 195.184.76.117

🇺🇸 195.184.76.23