1.202.114.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.202.114.147	attack	Unauthorized connection attempt detected from IP address 1.202.114.147 to port 2222	2020-03-29 15:48:21
1.202.114.10	attackbotsspam	Unauthorized connection attempt detected from IP address 1.202.114.10 to port 80 [J]	2020-01-19 16:17:19
1.202.114.193	attackspam	Unauthorized connection attempt detected from IP address 1.202.114.193 to port 8088 [J]	2020-01-19 15:48:14
1.202.114.146	attackspambots	Unauthorized connection attempt detected from IP address 1.202.114.146 to port 88 [J]	2020-01-16 09:04:22
1.202.114.200	attack	Unauthorized connection attempt detected from IP address 1.202.114.200 to port 801 [T]	2020-01-10 09:05:06
1.202.114.138	attackbotsspam	Unauthorized connection attempt detected from IP address 1.202.114.138 to port 2095	2019-12-31 09:29:04
1.202.114.70	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430b6e4ef8ad362 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:49:03
1.202.114.192	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 5437c8539c4ee502 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0101097241 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:12:59
1.202.114.168	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5434430e1bcbe7e9 \| WAF_Rule_ID: 1122843 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:49:20
1.202.114.137	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54321e152bbee7a8 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:32:18
1.202.114.63	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 540fd0224c6f991d \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.047745454 Mozilla/4.0 (compatible; MSIE 5.00; Windows 98) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:36:17
1.202.114.139	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5412365b0aae993b \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:57:45
1.202.114.51	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 541085ba0972eba5 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:48:51
1.202.114.227	attackspam	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:40:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.202.114.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18032
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.202.114.11.			IN	A

;; AUTHORITY SECTION:
.			317	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 04:34:56 CST 2022
;; MSG SIZE  rcvd: 105

Host info

11.114.202.1.in-addr.arpa domain name pointer 11.114.202.1.static.bjtelecom.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.114.202.1.in-addr.arpa	name = 11.114.202.1.static.bjtelecom.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
144.217.42.212	attackbots	Feb 11 06:28:21 srv-ubuntu-dev3 sshd[114099]: Invalid user lls from 144.217.42.212 Feb 11 06:28:21 srv-ubuntu-dev3 sshd[114099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.42.212 Feb 11 06:28:21 srv-ubuntu-dev3 sshd[114099]: Invalid user lls from 144.217.42.212 Feb 11 06:28:24 srv-ubuntu-dev3 sshd[114099]: Failed password for invalid user lls from 144.217.42.212 port 44817 ssh2 Feb 11 06:31:35 srv-ubuntu-dev3 sshd[126019]: Invalid user yhb from 144.217.42.212 Feb 11 06:31:35 srv-ubuntu-dev3 sshd[126019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.42.212 Feb 11 06:31:35 srv-ubuntu-dev3 sshd[126019]: Invalid user yhb from 144.217.42.212 Feb 11 06:31:37 srv-ubuntu-dev3 sshd[126019]: Failed password for invalid user yhb from 144.217.42.212 port 60371 ssh2 Feb 11 06:34:52 srv-ubuntu-dev3 sshd[16987]: Invalid user jgi from 144.217.42.212 ...	2020-02-11 13:43:35
162.243.110.205	attackspam	Automatic report - XMLRPC Attack	2020-02-11 13:44:50
27.78.14.83	attack	Feb 11 07:55:07 pkdns2 sshd\[6114\]: Address 27.78.14.83 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Feb 11 07:55:07 pkdns2 sshd\[6114\]: Invalid user guest from 27.78.14.83Feb 11 07:55:09 pkdns2 sshd\[6114\]: Failed password for invalid user guest from 27.78.14.83 port 42100 ssh2Feb 11 07:55:36 pkdns2 sshd\[6216\]: Address 27.78.14.83 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Feb 11 07:55:44 pkdns2 sshd\[6216\]: Failed password for uucp from 27.78.14.83 port 56166 ssh2Feb 11 07:56:23 pkdns2 sshd\[6255\]: Address 27.78.14.83 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Feb 11 07:56:23 pkdns2 sshd\[6255\]: Invalid user admin from 27.78.14.83 ...	2020-02-11 13:59:45
51.68.189.69	attackspambots	Feb 11 05:19:49 game-panel sshd[635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.189.69 Feb 11 05:19:52 game-panel sshd[635]: Failed password for invalid user sfy from 51.68.189.69 port 53710 ssh2 Feb 11 05:21:58 game-panel sshd[762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.189.69	2020-02-11 13:35:51
183.82.111.77	attack	1581397015 - 02/11/2020 05:56:55 Host: 183.82.111.77/183.82.111.77 Port: 445 TCP Blocked	2020-02-11 13:43:11
69.193.120.106	attack	Honeypot attack, port: 445, PTR: rrcs-69-193-120-106.nys.biz.rr.com.	2020-02-11 13:54:06
184.74.135.242	attackspambots	Honeypot attack, port: 81, PTR: rrcs-184-74-135-242.nys.biz.rr.com.	2020-02-11 13:19:24
47.208.109.221	attackspambots	Honeypot attack, port: 5555, PTR: 47-208-109-221.erkacmtk01.res.dyn.suddenlink.net.	2020-02-11 13:45:43
118.24.30.97	attack	Feb 11 01:48:22 firewall sshd[25762]: Invalid user jjy from 118.24.30.97 Feb 11 01:48:24 firewall sshd[25762]: Failed password for invalid user jjy from 118.24.30.97 port 40772 ssh2 Feb 11 01:57:15 firewall sshd[26138]: Invalid user ezn from 118.24.30.97 ...	2020-02-11 13:22:59
163.172.189.32	attackspambots	xmlrpc attack	2020-02-11 13:42:12
95.108.181.123	attack	[Tue Feb 11 11:56:40.079448 2020] [:error] [pid 18304:tid 140516801337088] [client 95.108.181.123:59267] [client 95.108.181.123] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkI0CHqB9W08v-z01ugFygAAAbs"] ...	2020-02-11 13:55:16
124.251.110.148	attackbots	Feb 11 05:56:48 MK-Soft-VM3 sshd[15439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.148 Feb 11 05:56:50 MK-Soft-VM3 sshd[15439]: Failed password for invalid user lhc from 124.251.110.148 port 32854 ssh2 ...	2020-02-11 13:47:30
116.106.30.45	attackspambots	Automatic report - Port Scan Attack	2020-02-11 13:19:58
189.126.220.43	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 13:36:19
122.118.187.43	attackspambots	1581397014 - 02/11/2020 05:56:54 Host: 122.118.187.43/122.118.187.43 Port: 445 TCP Blocked	2020-02-11 13:45:10

Recently Reported IPs

85.208.85.80	162.255.197.120	178.242.138.69	45.247.127.248
27.215.141.67	60.173.16.119	187.121.201.253	202.154.178.126
95.181.148.43	201.182.242.235	20.199.190.229	223.151.11.163
220.86.228.154	201.71.159.8	95.251.10.105	60.26.155.155
123.149.78.202	159.224.236.135	188.212.165.143	61.90.2.155