JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.97.0.54

47.97.0.54 was found in our database!

This IP was reported 200 times. Confidence of Abuse is 44%: ?

44%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.97.0.54

Whois 47.97.0.54

IP Abuse Reports for 47.97.0.54:

This IP address has been reported a total of 200 times from 54 distinct sources. 47.97.0.54 was first reported on March 23rd 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-06-23 05:52:11 (6 days ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=3)	Hacking Brute-Force SSH
🇬🇧 PeravixGroup	2026-06-20 03:48:30 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-20 00:11:37 (1 week ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 www.winos.me	2026-06-18 22:59:00 (1 week ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking
🇺🇸 mutebot.net	2026-06-10 22:30:10 (2 weeks ago)	SRC=47.97.0.54, PROTO=TCP, SPT=50598, DPT=33939 SRC=47.97.0.54, PROTO=TCP, SPT=50598, DPT=43242 SRC= ... show more SRC=47.97.0.54, PROTO=TCP, SPT=50598, DPT=33939 SRC=47.97.0.54, PROTO=TCP, SPT=50598, DPT=43242 SRC=47.97.0.54, PROTO=TCP, SPT=50598, DPT=46221 SRC=47.97.0.54, PROTO=TCP, SPT=50598, DPT=20599 SRC=47.97.0.54, PROTO=TCP, SPT=50598, DPT=55803 show less	Port Scan
🇬🇧 PeravixGroup	2026-06-08 21:05:45 (2 weeks ago)	Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: ... show more Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: MEDIUM. Aaran.cloud show less	Port Scan Brute-Force
🇩🇪 acadeova	2026-06-07 12:56:00 (3 weeks ago)	🚨 Recon detected (nft drop) SRC=47.97.0.54 Observed=TCP dpt=10108 in=enp0s6 ttl=241 Time=recent(jour ... show more 🚨 Recon detected (nft drop) SRC=47.97.0.54 Observed=TCP dpt=10108 in=enp0s6 ttl=241 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇬🇧 PeravixGroup	2026-06-07 12:06:09 (3 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-06-07 03:16:44 (3 weeks ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-05 18:48:11 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-06-03 14:28:17 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇩🇪 mattk	2026-06-01 06:14:23 (4 weeks ago)	port scan	Port Scan
🇬🇧 PeravixGroup	2026-05-30 04:51:29 (4 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 Little Iguana	2026-05-27 18:48:27 (1 month ago)	trying to access non-authorized port	Port Scan
🇫🇷 ISPLtd	2026-05-26 13:58:52 (1 month ago)	May 26 10:58:48 47.97.0.54 TCP SPT=43927 DPT=51215 SYN May 26 10:58:49 47.97.0.54 TCP SPT=43927 DPT= ... show more May 26 10:58:48 47.97.0.54 TCP SPT=43927 DPT=51215 SYN May 26 10:58:49 47.97.0.54 TCP SPT=43927 DPT=29057 SYN May 26 10:58:51 47.97.0.54 TCP SPT=43927 DPT=20729 SYN ... show less	Port Scan

Showing 1 to 15 of 200 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.84.249.44

🇮🇳 183.82.56.12

🇺🇸 172.203.217.153

🇧🇩 161.248.201.12

🇧🇬 149.62.239.4

🇨🇳 117.13.171.210

🇮🇳 103.81.153.51

🇮🇳 103.81.153.50

🇯🇵 52.246.162.142

🇺🇸 45.56.79.53

🇮🇩 38.226.44.109

🇺🇸 20.163.32.168

🇺🇸 209.141.43.146

🇩🇪 195.63.20.208

🇧🇷 187.18.11.22

🇵🇱 172.253.206.62

🇮🇩 163.7.15.4

🇺🇸 162.144.88.94

🇮🇩 160.187.174.22

🇮🇳 103.81.153.48