196.52.43.63 is a Hacker from United States (Edison)

IP informations Cybercrime IP Feeds Raw whois

196.52.43.63

is a

Hacker

100 %

United States

Report Abuse

750attacks reported

237Port Scan

199

77Port ScanHacking

60Hacking

54Port ScanHackingExploited Host

19Brute-Force

19Web App Attack

15uncategorized

12Brute-ForceSSH

9SSH

...

29abuse reported

12Web SpamPort ScanBrute-ForceSSHIoT Targeted

4Email SpamBrute-Force

4Email SpamHacking

2Web SpamBrute-ForceWeb App Attack

2Email SpamPort ScanHacking

2Email Spam

2uncategorized

1Web SpamBrute-ForceWeb App AttackEmail Spam

7reputation reported

7uncategorized

4malware reported

4Malware

from 70 distinct reporters

and 8 distinct sources : BadIPs.com, blocklist.net.ua, DShield.org, FireHOL, NormShield.com, urandom.us.to, VoIPBL.org, AbuseIPDB

196.52.43.63 was first signaled at 2017-12-02 11:36 and last record was at 2021-04-09 10:50.

196.52.43.63

Organization

African Network Information Center - ( AfriNIC Ltd. )

all IP owned by African Network Information Center - ( AfriNIC Ltd. )

Localisation

United States

New Jersey, Edison

NetRange : First & Last IP

196.0.0.0 - 196.255.255.255

Network CIDR

196.0.0.0/8

ASN

60781

list IP by ASN 60781

Cybercrime IP Feeds

Date UTC	Category	Sub Categories	Source List	Source	Logs
2020-08-04 16:38	attacks	Brute-Force		AbuseIPDB	port
2020-08-04 16:10	attacks	Port Scan		AbuseIPDB	firewall-block, port(s): 5986/tcp
2020-08-04 13:39	attacks	FTP Brute-ForcePort Scan		AbuseIPDB	<FTP> TCP (SYN) 196.52.43.63:50480 -> port 21, len 44
2020-08-04 12:50	attacks	Port Scan		AbuseIPDB	Aug 4 23:50:17 debian-2gb-nbg1-2 kernel: \[18836281.066584\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=196.52.43.63
2020-08-04 07:52	attacks	Port Scan		AbuseIPDB	GPL DNS named version attempt - port: 53 proto: dns cat: Attempted Information Leakbytes: 73
2020-08-04 06:22	attacks	Port Scan		AbuseIPDB	Aug 4 17:22:54 debian-2gb-nbg1-2 kernel: \[18813039.324336\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=196.52.43.63
2020-08-04 05:39	attacks	Port Scan		AbuseIPDB	<MEMCACHED> TCP (SYN) 196.52.43.63:62881 -> port 11211, len 44
2020-08-04 01:08	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 5909
2020-08-04 01:08	attacks	HackingBrute-Force		AbuseIPDB	Fail2Ban Ban Triggered
2020-08-04 00:40	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 2161
2020-08-03 23:53	attacks	Port Scan		AbuseIPDB	ICMP MH Probe, Scan /Distributed -
2020-08-03 23:38	attacks	Port ScanHacking		AbuseIPDB	MultiHost/MultiPort Probe, Scan, Hack -
2020-08-03 23:03	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 3000
2020-08-03 22:40	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 81
2020-08-03 22:36	attacks	Port ScanHackingExploited Host		AbuseIPDB	Port scan: Attack repeated for 24 hours
2020-08-03 21:27	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 6443
2020-08-03 18:30	attacks	Port Scan		AbuseIPDB	firewall-block, port(s): 16010/tcp
2020-08-03 14:09	attacks	Port Scan		AbuseIPDB	08/03/2020-19:09:39.068739 196.52.43.63 Protocol: 6 ET SCAN NMAP -sS window 1024
2020-08-03 13:44	attacks	Port ScanHacking		AbuseIPDB	srv02 Mass scanning activity detected Target: 2086(gnunet) ..
2020-08-02 22:43	attacks	Port Scan		AbuseIPDB	2160/tcp 5916/tcp 1234/tcp... [2020-06-02/08-01]64pkt,48pt.(tcp),3pt.(udp)
2020-08-01 07:43	attacks	Port ScanHacking		AbuseIPDB	MultiHost/MultiPort Probe, Scan, Hack -
2020-08-01 01:50	attacks	Port ScanHacking		AbuseIPDB	srv02 Mass scanning activity detected Target: 8080(http-alt) ..
2020-07-31 23:25	attacks	Hacking		AbuseIPDB	Icarus honeypot on github
2020-07-31 10:00	attacks	Port Scan		AbuseIPDB	Port Scan/VNC login attempt
2020-07-31 01:09	attacks	Port ScanHacking		AbuseIPDB	MultiHost/MultiPort Probe, Scan, Hack -
2020-07-30 16:13	attacks	Port ScanHacking		AbuseIPDB	srv02 Mass scanning activity detected Target: 8081(tproxy) ..
2020-07-30 15:30	attacks	Port Scan		AbuseIPDB	Jul 31 02:30:33 debian-2gb-nbg1-2 kernel: \[18413921.735880\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=196.52.43.6
2020-07-30 15:00	attacks	Port ScanHackingExploited Host		AbuseIPDB	Hit honeypot r.
2020-07-30 08:29	attacks	Web App Attack		AbuseIPDB	Automatic report - Banned IP Access
2020-07-29 20:46	attacks	Port Scan		AbuseIPDB	5061/tcp 3389/tcp 9983/tcp... [2020-05-28/07-28]66pkt,47pt.(tcp),4pt.(udp)
2020-07-29 03:53	attacks	Port ScanHackingExploited Host		AbuseIPDB	Honeypot hit.
2020-07-29 03:39	attacks	Port ScanHacking		AbuseIPDB	MultiHost/MultiPort Probe, Scan, Hack -
2020-07-29 02:39	attacks	HackingBrute-Force		AbuseIPDB	Fail2Ban Ban Triggered
2020-07-29 01:45	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 8531
2020-07-28 23:42	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 143
2020-07-28 22:19	attacks	Port ScanHacking		AbuseIPDB	srv02 Mass scanning activity detected Target: 5001 ..
2020-07-28 18:28	attacks	Web App Attack		AbuseIPDB	Automatic report - Banned IP Access
2020-07-28 11:37	attacks	Port Scan		AbuseIPDB	" "
2020-07-28 07:00	attacks	Port Scan		AbuseIPDB	firewall-block, port(s): 135/tcp
2020-07-28 01:35	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 5905
2020-07-27 23:51	attacks	Hacking		AbuseIPDB	Unauthorized connection attempt detected from IP address 196.52.43.63 to port 5061
2020-07-27 23:51	attacks	Port ScanHackingBrute-ForceSSH		AbuseIPDB	[portscan] tcp/22 [SSH] *(RWIN=1024)(07281116)
2020-07-27 23:50	attacks	Port ScanHacking		AbuseIPDB	MultiHost/MultiPort Probe, Scan, Hack -
2020-07-27 22:42	attacks	Port Scan		AbuseIPDB	Jul 28 09:42:54 debian-2gb-nbg1-2 kernel: \[18180675.889572\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=196.52.43.6
2020-07-27 21:13	attacks	Port Scan		AbuseIPDB	Port scanning [3 denied]
2020-07-27 20:37	attacks	Port Scan		AbuseIPDB	port scan and connect, tcp 8080 (http-proxy)
2020-07-27 20:36	attacks	Port Scan		AbuseIPDB	3389/tcp 9983/tcp 9002/tcp... [2020-05-28/07-28]64pkt,46pt.(tcp),3pt.(udp)
2020-07-27 19:30	attacks	Port ScanHacking		AbuseIPDB	srv02 Mass scanning activity detected Target: 5906 ..
2020-07-27 13:53	attacks	Web App Attack		AbuseIPDB	Automatic report - Banned IP Access
2020-07-27 13:39	attacks	Port Scan		AbuseIPDB	<SMB> TCP (SYN) 196.52.43.63:55768 -> port 139, len 44
2017-12-02 11:36	attacks	Port ScanSSH		AbuseIPDB	Firewall - block on port TCP 22 {ssh}
2017-12-02 11:38	attacks	Port ScanHackingBrute-Force		AbuseIPDB	[portscan] tcp/143 [IMAP]
2017-12-02 11:40	abuse	Web SpamBrute-ForceWeb App AttackEmail Spam		AbuseIPDB	Brute force attack stopped by firewall
2017-12-02 11:43	attacks	Port ScanWeb App AttackHackingBrute-Force		AbuseIPDB	Portscan or hack attempt detected by psad/fwsnort
2017-12-02 11:46	attacks	DDoS AttackPort ScanBrute-Force		AbuseIPDB	Attack from 196.52.43.63
2017-12-02 11:47	attacks	Port ScanHackingBrute-Force		AbuseIPDB	[portscan] tcp/143 [IMAP]
2017-12-02 11:49	attacks	Web App AttackSSHPort ScanHacking		AbuseIPDB	Portscan or hack attempt detected by psad/fwsnort
2017-12-02 11:50	attacks	Port ScanHacking		AbuseIPDB	Portscan or hack attempt detected by psad/fwsnort
2017-12-02 11:50	attacks	Port ScanBrute-ForceSSH		AbuseIPDB	Firewall-block on port: 3000
2017-12-02 11:51	attacks	Port ScanHacking		AbuseIPDB	Portscan or hack attempt detected by psad/fwsnort
2019-03-29 18:18	reputation		alienvault_reputation
2019-03-29 18:19	attacks		bi_any_2_30d	BadIPs.com
2019-03-29 18:20	attacks	SSH	bi_ssh-ddos_2_30d	BadIPs.com
2019-03-29 18:20	attacks	SSH	bi_sshd_2_30d	BadIPs.com
2019-03-29 18:20	attacks	SSH	bi_ssh_2_30d	BadIPs.com
2019-03-29 18:21	abuse	Email Spam	blocklist_net_ua	blocklist.net.ua
2019-03-29 18:22	reputation		ciarmy
2019-03-29 18:23	attacks		dshield_top_1000	DShield.org
2019-03-29 18:28	attacks		firehol_level4	FireHOL
2019-03-29 18:41	attacks		normshield_all_attack	NormShield.com
2019-03-29 18:41	attacks		normshield_high_attack	NormShield.com
2019-03-29 18:53	reputation		turris_greylist
2019-03-29 18:53	attacks		urandomusto_smb	urandom.us.to
2019-05-28 23:18	reputation		bds_atif
2019-05-28 23:18	attacks		bi_any_0_1d	BadIPs.com
2019-05-28 23:18	attacks		bi_any_1_7d	BadIPs.com
2019-05-28 23:18	attacks		bi_any_2_1d	BadIPs.com
2019-05-28 23:19	attacks		bi_any_2_7d	BadIPs.com
2019-05-28 23:19	attacks	SSH	bi_ssh-ddos_0_1d	BadIPs.com
2019-05-28 23:19	attacks	SSH	bi_ssh_0_1d	BadIPs.com
2019-05-28 23:19	attacks	SSH	bi_ssh_1_7d	BadIPs.com
2019-05-30 09:43	attacks	Brute-Force	normshield_all_bruteforce	NormShield.com
2019-05-30 09:43	attacks	Brute-Force	normshield_high_bruteforce	NormShield.com
2019-06-12 12:54	attacks	Bad Web Bot	bi_badbots_0_1d	BadIPs.com
2019-06-12 12:54	attacks	Bad Web Bot	bi_badbots_1_7d	BadIPs.com
2019-06-12 12:54	attacks	Brute-Force	bi_bruteforce_0_1d	BadIPs.com
2019-06-12 12:54	attacks	Brute-Force	bi_bruteforce_1_7d	BadIPs.com
2019-06-18 08:39	abuse		normshield_all_suspicious	NormShield.com
2019-06-18 08:39	abuse		normshield_high_suspicious	NormShield.com
2019-06-19 07:44	attacks		normshield_all_webscan	NormShield.com
2019-06-19 07:44	attacks		normshield_high_webscan	NormShield.com
2019-06-20 06:37	malware	Malware	normshield_all_wormscan	NormShield.com
2019-06-20 06:37	malware	Malware	normshield_high_wormscan	NormShield.com
2019-07-03 16:43	malware	Malware	normshield_all_wannacry	NormShield.com
2019-07-03 16:43	malware	Malware	normshield_high_wannacry	NormShield.com
2019-07-17 02:00	attacks	SSH	bi_sshd_0_1d	BadIPs.com
2019-07-17 02:00	attacks	SSH	bi_sshd_1_7d	BadIPs.com
2020-11-08 04:07	reputation		iblocklist_ciarmy_malicious
2021-04-09 10:50	attacks	Fraud VoIP	voipbl	VoIPBL.org
2019-03-29 18:34	attacks		firehol_webserver	FireHOL
2019-03-29 18:23	attacks		dshield	DShield.org
2019-03-29 18:36	reputation		iblocklist_ciarmy_malicious
2020-07-31 16:11	reputation		iblocklist_ciarmy_malicious
2019-06-23 03:00	attacks		firehol_level4	FireHOL

only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse

IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)

anonymizer

Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.

attacks

bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.

malware

Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 196.0.0.0 - 196.255.255.255
netname: ORG-AFNC1-AFRINIC-20050414
descr:
descr: AfriNIC - www.afrinic.net
descr: Allocation for Africa - This block is in use
descr: by AfriNIC for allocating/assigning to networks
descr: in the AfriNIC service region.
descr: More information - whois.afrinic.net.
descr: Abuse - please querry the whois db for the
descr: contacts of the assigned/allocated prefix.
descr:
country: MU
org: ORG-AFNC1-AFRINIC
admin-c: TEAM-AFRINIC
tech-c: TEAM-AFRINIC
status: ALLOCATED UNSPECIFIED
mnt-by: AFRINIC-DB-MNT
mnt-lower: AFRINIC-HM-MNT
mnt-domains: AFRINIC-IT-MNT
source: AFRINIC # Filtered
parent: 0.0.0.0 - 255.255.255.255

organisation: ORG-AFNC1-AFRINIC
org-name: African Network Information Center - ( AfriNIC Ltd. )
org-type: RIR
country: MU
address: 11th Floor, Standard Chartered Tower
address: 19, Cybercity
address: Ebène
phone: tel:+230-466-6758
phone: tel:+230-403-5100
admin-c: CA15-AFRINIC
tech-c: IT7-AFRINIC
mnt-ref: AFRINIC-HM-MNT
mnt-ref: AFRINIC-DB-MNT
mnt-ref: AFRINIC-IT-MNT
mnt-by: AFRINIC-HM-MNT
remarks: =======================================
remarks: For more information on AFRINIC assigned blocks,
remarks: querry whois.afrinic.net port 43, or the web based
remarks: query at http://whois.afrinic.net or www.afrinic.net
remarks: website: www.afrinic.net
remarks: Other Contacts:
remarks: ===============
remarks: hostmaster@afrinic.net - for IP resources
remarks: new-member@afrinic.net - for new members and other
remarks: inquiries.
source: AFRINIC # Filtered

role: AfriNIC TEAM
address: Raffles Tower - 11th Floor
address: Cybercity
address: Mauritius
phone: tel:+230-403-5100
fax-no: tel:+230-466-6758
admin-c: CA15-AFRINIC
tech-c: CA15-AFRINIC
nic-hdl: TEAM-AFRINIC
mnt-by: AFRINIC-DB-MNT
source: AFRINIC # Filtered

most specific ip range is highlighted

Updated : 2022-04-19