117.63.131.252

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt detected from IP address 117.63.131.252 to port 6656 [T]	2020-01-29 19:04:47

Comments on same subnet:

IP	Type	Details	Datetime
117.63.131.140	attack	Unauthorized connection attempt detected from IP address 117.63.131.140 to port 6656 [T]	2020-01-29 18:22:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.63.131.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26967
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.63.131.252.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012900 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 19:04:41 CST 2020
;; MSG SIZE  rcvd: 118

Host info

252.131.63.117.in-addr.arpa domain name pointer 252.131.63.117.broad.cz.js.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.131.63.117.in-addr.arpa	name = 252.131.63.117.broad.cz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.232.47.59	attack	Automatic report BANNED IP	2020-07-16 18:49:41
103.236.115.166	attack	2020-07-16T11:59:55.174782v22018076590370373 sshd[14260]: Invalid user yati from 103.236.115.166 port 42962 2020-07-16T11:59:55.182962v22018076590370373 sshd[14260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.236.115.166 2020-07-16T11:59:55.174782v22018076590370373 sshd[14260]: Invalid user yati from 103.236.115.166 port 42962 2020-07-16T11:59:56.708087v22018076590370373 sshd[14260]: Failed password for invalid user yati from 103.236.115.166 port 42962 ssh2 2020-07-16T12:04:54.494826v22018076590370373 sshd[4471]: Invalid user iman from 103.236.115.166 port 57522 ...	2020-07-16 19:02:43
112.105.37.24	attack	DATE:2020-07-16 10:28:37, IP:112.105.37.24, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-07-16 19:13:51
146.148.47.148	attackspam	146.148.47.148 - - [16/Jul/2020:05:49:27 +0200] "GET /awstats.pl?lang=en&output=main HTTP/1.0" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"	2020-07-16 18:51:19
198.100.146.65	attackspam	Invalid user wy from 198.100.146.65 port 48814	2020-07-16 19:06:45
125.124.70.22	attackbots	TCP (SYN) 125.124.70.22:47221 -> port 1347, len 44	2020-07-16 19:17:54
111.198.54.173	attackbotsspam	Jul 16 09:02:20 Ubuntu-1404-trusty-64-minimal sshd\[14432\]: Invalid user ita from 111.198.54.173 Jul 16 09:02:20 Ubuntu-1404-trusty-64-minimal sshd\[14432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.198.54.173 Jul 16 09:02:23 Ubuntu-1404-trusty-64-minimal sshd\[14432\]: Failed password for invalid user ita from 111.198.54.173 port 58624 ssh2 Jul 16 09:21:00 Ubuntu-1404-trusty-64-minimal sshd\[25215\]: Invalid user lfc from 111.198.54.173 Jul 16 09:21:00 Ubuntu-1404-trusty-64-minimal sshd\[25215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.198.54.173	2020-07-16 18:48:14
1.175.149.33	attack	Hits on port : 26	2020-07-16 19:15:20
213.230.118.114	attack	Fail2Ban Ban Triggered SMTP Abuse Attempt	2020-07-16 19:24:44
103.147.13.207	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-07-16 19:16:52
161.35.201.124	attack	(sshd) Failed SSH login from 161.35.201.124 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 16 11:10:28 amsweb01 sshd[5367]: Invalid user php from 161.35.201.124 port 54688 Jul 16 11:10:30 amsweb01 sshd[5367]: Failed password for invalid user php from 161.35.201.124 port 54688 ssh2 Jul 16 11:17:47 amsweb01 sshd[6806]: Invalid user scb from 161.35.201.124 port 34002 Jul 16 11:17:50 amsweb01 sshd[6806]: Failed password for invalid user scb from 161.35.201.124 port 34002 ssh2 Jul 16 11:21:52 amsweb01 sshd[7542]: Invalid user webmaster from 161.35.201.124 port 51046	2020-07-16 18:51:03
47.75.195.245	attackspambots	Invalid user admin from 47.75.195.245 port 38914	2020-07-16 18:48:46
173.89.163.88	attack	$f2bV_matches	2020-07-16 19:03:03
119.45.10.5	attackbotsspam	2020-07-16T09:06:19+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-16 18:52:29
114.220.238.72	attackspam	Jul 16 10:02:22 XXX sshd[16443]: Invalid user celery from 114.220.238.72 port 50503	2020-07-16 19:00:57

Recently Reported IPs

60.188.54.81	58.243.28.171	58.19.83.33	49.85.8.137
49.82.218.19	42.117.213.75	36.7.27.151	36.6.154.91
14.115.70.206	13.125.247.241	1.180.165.205	223.242.95.22
223.240.221.240	222.187.162.237	221.202.85.198	218.91.135.84
183.166.160.204	183.150.71.216	183.51.190.236	182.247.61.236