JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.97.203.239

112.97.203.239 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 45%: ?

45%

ISP	China Unicom Guangdong province network
Usage Type	Mobile ISP
ASN	AS134543
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.97.203.239

Whois 112.97.203.239

IP Abuse Reports for 112.97.203.239:

This IP address has been reported a total of 10 times from 9 distinct sources. 112.97.203.239 was first reported on May 14th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 lirion	2026-06-02 18:36:15 (2 days ago)	2026-06-02T20:34:54.085782+02:00 rserver.lirion.de sshd-session[87180]: Invalid user chenchang from ... show more 2026-06-02T20:34:54.085782+02:00 rserver.lirion.de sshd-session[87180]: Invalid user chenchang from 112.97.203.239 port 38423 2026-06-02T20:35:12.865405+02:00 rserver.lirion.de sshd-session[87237]: Invalid user es from 112.97.203.239 port 38424 2026-06-02T20:35:31.372575+02:00 rserver.lirion.de sshd-session[87261]: Invalid user pengbo from 112.97.203.239 port 38425 2026-06-02T20:35:50.162729+02:00 rserver.lirion.de sshd-session[87301]: Invalid user ansible from 112.97.203.239 port 38426 2026-06-02T20:36:09.318695+02:00 rserver.lirion.de sshd-session[87834]: Invalid user xyb from 112.97.203.239 port 38427 ... show less	Brute-Force SSH
🇩🇪 lirion	2026-06-02 17:47:04 (2 days ago)	2026-06-02T19:45:25.552132+02:00 rserver.lirion.de sshd-session[74763]: Invalid user informix from 1 ... show more 2026-06-02T19:45:25.552132+02:00 rserver.lirion.de sshd-session[74763]: Invalid user informix from 112.97.203.239 port 37916 2026-06-02T19:45:51.091894+02:00 rserver.lirion.de sshd-session[74838]: Invalid user ansible from 112.97.203.239 port 37917 2026-06-02T19:46:16.613574+02:00 rserver.lirion.de sshd-session[74908]: Invalid user tmp_pkj from 112.97.203.239 port 56248 2026-06-02T19:46:42.612015+02:00 rserver.lirion.de sshd-session[74951]: Invalid user zswang from 112.97.203.239 port 37919 2026-06-02T19:47:03.958130+02:00 rserver.lirion.de sshd-session[74990]: Invalid user xujinlong from 112.97.203.239 port 37920 ... show less	Brute-Force SSH
🇩🇪 ghostwarriors	2026-06-02 16:50:33 (2 days ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇮🇩 David Koswari	2026-06-02 06:05:00 (3 days ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇩🇪 ipcop.net	2026-06-02 03:24:06 (3 days ago)	Malicious activity detected from 112.97.203.239.	Brute-Force
🇳🇱 celltek	2026-06-01 10:30:03 (3 days ago)	SSH abuse or brute-force attack detected	Brute-Force SSH
🇩🇪 Wuck	2026-06-01 02:27:34 (4 days ago)	Jun 1 04:27:05 Torux sshd[450178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid ... show more Jun 1 04:27:05 Torux sshd[450178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.97.203.239 Jun 1 04:27:07 Torux sshd[450178]: Failed password for invalid user datauser from 112.97.203.239 port 58490 ssh2 Jun 1 04:27:31 Torux sshd[450414]: Invalid user snake from 112.97.203.239 port 58971 Jun 1 04:27:31 Torux sshd[450414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.97.203.239 Jun 1 04:27:33 Torux sshd[450414]: Failed password for invalid user snake from 112.97.203.239 port 58971 ssh2 ... show less	Brute-Force SSH
🇩🇪 lister171254	2026-06-01 02:27:32 (4 days ago)	2026-06-01T04:24:09.003299+02:00 thelists sshd[1516887]: Connection closed by 112.97.203.239 port 31 ... show more 2026-06-01T04:24:09.003299+02:00 thelists sshd[1516887]: Connection closed by 112.97.203.239 port 3143 [preauth] 2026-06-01T04:26:39.851051+02:00 thelists sshd[1519817]: Connection closed by authenticating user root 112.97.203.239 port 3149 [preauth] 2026-06-01T04:27:05.049364+02:00 thelists sshd[1520041]: Invalid user datauser from 112.97.203.239 port 43306 2026-06-01T04:27:05.287086+02:00 thelists sshd[1520041]: Connection closed by invalid user datauser 112.97.203.239 port 43306 [preauth] 2026-06-01T04:27:31.468605+02:00 thelists sshd[1520137]: Invalid user snake from 112.97.203.239 port 43307 ... show less	Brute-Force SSH
🇺🇸 Block_Steady_Crew	2023-12-12 01:50:14 (2 years ago)	Honeypot snared from 112.97.203.239	Port Scan Web App Attack
Anonymous	2023-05-14 06:01:05 (3 years ago)	May 14 08:01:05 ns3104219 postfix/smtpd[11207]: NOQUEUE: reject: RCPT from unknown[112.97.203.239]: ... show more May 14 08:01:05 ns3104219 postfix/smtpd[11207]: NOQUEUE: reject: RCPT from unknown[112.97.203.239]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [112.97.203.239]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<ylycyt.com> ... show less	Email Spam Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 119.92.139.24

🇺🇸 66.132.224.230

🇧🇪 35.205.32.160

🇦🇿 212.47.140.80

🇰🇷 211.228.218.47

🇺🇸 208.87.242.107

🇷🇺 193.188.252.9

🇬🇧 149.34.191.39

🇷🇴 80.94.92.168

🇨🇳 59.35.92.241

🇲🇲 37.111.53.110

🇸🇦 2001:16a2:f8d1:c500:3c52:2c97:8855:7db0

🇺🇸 172.56.28.152

🇫🇮 147.185.133.88

🇺🇸 69.164.242.2

🇭🇰 43.155.24.42

🇮🇩 36.70.110.92

🇻🇳 14.171.246.152

🇺🇸 162.216.150.74

🇮🇳 152.52.244.106