117.114.1.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
117.114.175.67	attackbots	CN_MAINT-CNNIC-AP_<177>1582290800 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 117.114.175.67:57059	2020-02-22 02:54:28
117.114.161.11	attackspam	Feb 21 05:54:29 debian-2gb-nbg1-2 kernel: \[4520078.666112\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=117.114.161.11 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=43601 PROTO=TCP SPT=57554 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-21 16:23:13
117.114.161.11	attackbotsspam	firewall-block, port(s): 1433/tcp	2020-02-19 23:07:58
117.114.175.67	attack	Unauthorized connection attempt detected from IP address 117.114.175.67 to port 1433 [T]	2020-01-27 04:28:39
117.114.161.11	attackbots	Unauthorized connection attempt detected from IP address 117.114.161.11 to port 1433 [J]	2020-01-19 08:50:30
117.114.175.67	attack	Unauthorized connection attempt detected from IP address 117.114.175.67 to port 1433 [J]	2020-01-18 01:46:27
117.114.139.186	attackbotsspam	Unauthorized connection attempt detected from IP address 117.114.139.186 to port 6379 [J]	2020-01-16 02:32:57
117.114.139.186	attackbotsspam	Unauthorized connection attempt detected from IP address 117.114.139.186 to port 1433	2020-01-10 16:43:08
117.114.139.186	attack	Unauthorized connection attempt detected from IP address 117.114.139.186 to port 1433	2020-01-01 04:37:43
117.114.161.11	attackbotsspam	Unauthorized connection attempt detected from IP address 117.114.161.11 to port 1433	2019-12-31 03:33:24
117.114.139.186	attack	port scan/probe/communication attempt	2019-11-30 00:01:02
117.114.139.186	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 04:01:25
117.114.138.234	attackbotsspam	1433/tcp [2019-11-03]1pkt	2019-11-03 17:59:50
117.114.144.162	attackspam	1433/tcp 1433/tcp 1433/tcp [2019-10-12/22]3pkt	2019-10-23 04:42:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.114.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28578
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.114.1.1.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022800 1800 900 604800 86400

;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 17:06:05 CST 2025
;; MSG SIZE  rcvd: 104

Host info

b'Host 1.1.114.117.in-addr.arpa not found: 2(SERVFAIL)
'

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 1.1.114.117.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.210.19.228	attack	2020-08-16T05:51:30.404631ns386461 sshd\[17853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.210.19.228 user=root 2020-08-16T05:51:31.634570ns386461 sshd\[17853\]: Failed password for root from 181.210.19.228 port 55348 ssh2 2020-08-16T05:54:46.872284ns386461 sshd\[21036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.210.19.228 user=root 2020-08-16T05:54:49.343150ns386461 sshd\[21036\]: Failed password for root from 181.210.19.228 port 54786 ssh2 2020-08-16T05:57:00.287498ns386461 sshd\[23173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.210.19.228 user=root ...	2020-08-16 12:08:35
193.56.28.144	attack	Aug 16 05:57:10 galaxy event: galaxy/lswi: smtp: operator2@uni-potsdam.de [193.56.28.144] authentication failure using internet password Aug 16 05:57:10 galaxy event: galaxy/lswi: smtp: operator2@uni-potsdam.de [193.56.28.144] authentication failure using internet password Aug 16 05:57:10 galaxy event: galaxy/lswi: smtp: operator2@uni-potsdam.de [193.56.28.144] authentication failure using internet password Aug 16 05:57:11 galaxy event: galaxy/lswi: smtp: operator2@uni-potsdam.de [193.56.28.144] authentication failure using internet password Aug 16 05:57:11 galaxy event: galaxy/lswi: smtp: operator2@uni-potsdam.de [193.56.28.144] authentication failure using internet password ...	2020-08-16 12:00:23
222.186.175.23	attackbotsspam	Aug 16 02:33:31 v22018053744266470 sshd[20017]: Failed password for root from 222.186.175.23 port 28396 ssh2 Aug 16 02:33:39 v22018053744266470 sshd[20027]: Failed password for root from 222.186.175.23 port 57753 ssh2 ...	2020-08-16 08:34:43
49.88.112.68	attackbots	Aug 16 02:44:47 v22018053744266470 sshd[20882]: Failed password for root from 49.88.112.68 port 64632 ssh2 Aug 16 02:45:55 v22018053744266470 sshd[20956]: Failed password for root from 49.88.112.68 port 54838 ssh2 ...	2020-08-16 08:48:19
112.120.211.200	attackspambots	Lines containing failures of 112.120.211.200 Aug 12 20:25:26 shared07 sshd[17650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.120.211.200 user=r.r Aug 12 20:25:28 shared07 sshd[17650]: Failed password for r.r from 112.120.211.200 port 46410 ssh2 Aug 12 20:25:28 shared07 sshd[17650]: Received disconnect from 112.120.211.200 port 46410:11: Bye Bye [preauth] Aug 12 20:25:28 shared07 sshd[17650]: Disconnected from authenticating user r.r 112.120.211.200 port 46410 [preauth] Aug 12 20:35:28 shared07 sshd[21460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.120.211.200 user=r.r Aug 12 20:35:30 shared07 sshd[21460]: Failed password for r.r from 112.120.211.200 port 55688 ssh2 Aug 12 20:35:31 shared07 sshd[21460]: Received disconnect from 112.120.211.200 port 55688:11: Bye Bye [preauth] Aug 12 20:35:31 shared07 sshd[21460]: Disconnected from authenticating user r.r 112.120.211.200 p........ ------------------------------	2020-08-16 12:12:58
112.85.42.232	attack	2020-08-16T00:37:50.299818abusebot-2.cloudsearch.cf sshd[24297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root 2020-08-16T00:37:52.307153abusebot-2.cloudsearch.cf sshd[24297]: Failed password for root from 112.85.42.232 port 38550 ssh2 2020-08-16T00:37:54.184859abusebot-2.cloudsearch.cf sshd[24297]: Failed password for root from 112.85.42.232 port 38550 ssh2 2020-08-16T00:37:50.299818abusebot-2.cloudsearch.cf sshd[24297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root 2020-08-16T00:37:52.307153abusebot-2.cloudsearch.cf sshd[24297]: Failed password for root from 112.85.42.232 port 38550 ssh2 2020-08-16T00:37:54.184859abusebot-2.cloudsearch.cf sshd[24297]: Failed password for root from 112.85.42.232 port 38550 ssh2 2020-08-16T00:37:50.299818abusebot-2.cloudsearch.cf sshd[24297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruse ...	2020-08-16 08:40:19
222.186.31.127	attackspam	Aug 15 23:47:59 ip-172-31-16-56 sshd\[4163\]: Failed password for root from 222.186.31.127 port 41148 ssh2\ Aug 15 23:48:49 ip-172-31-16-56 sshd\[4167\]: Failed password for root from 222.186.31.127 port 19348 ssh2\ Aug 15 23:48:52 ip-172-31-16-56 sshd\[4167\]: Failed password for root from 222.186.31.127 port 19348 ssh2\ Aug 15 23:48:54 ip-172-31-16-56 sshd\[4167\]: Failed password for root from 222.186.31.127 port 19348 ssh2\ Aug 15 23:49:39 ip-172-31-16-56 sshd\[4184\]: Failed password for root from 222.186.31.127 port 58257 ssh2\	2020-08-16 08:43:53
51.38.37.89	attackbotsspam	Aug 16 00:53:13 firewall sshd[836]: Failed password for root from 51.38.37.89 port 40880 ssh2 Aug 16 00:57:00 firewall sshd[892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.37.89 user=root Aug 16 00:57:02 firewall sshd[892]: Failed password for root from 51.38.37.89 port 51270 ssh2 ...	2020-08-16 12:08:12
139.155.6.26	attack	Aug 15 23:29:16 PorscheCustomer sshd[12897]: Failed password for root from 139.155.6.26 port 50634 ssh2 Aug 15 23:31:47 PorscheCustomer sshd[12983]: Failed password for root from 139.155.6.26 port 59152 ssh2 ...	2020-08-16 08:48:40
191.53.236.198	attack	Aug 16 05:43:45 mail.srvfarm.net postfix/smtps/smtpd[1888819]: warning: unknown[191.53.236.198]: SASL PLAIN authentication failed: Aug 16 05:43:45 mail.srvfarm.net postfix/smtps/smtpd[1888819]: lost connection after AUTH from unknown[191.53.236.198] Aug 16 05:50:12 mail.srvfarm.net postfix/smtps/smtpd[1909603]: warning: unknown[191.53.236.198]: SASL PLAIN authentication failed: Aug 16 05:50:13 mail.srvfarm.net postfix/smtps/smtpd[1909603]: lost connection after AUTH from unknown[191.53.236.198] Aug 16 05:51:25 mail.srvfarm.net postfix/smtps/smtpd[1910221]: warning: unknown[191.53.236.198]: SASL PLAIN authentication failed:	2020-08-16 12:18:00
45.129.33.152	attack	firewall-block, port(s): 9506/tcp, 9533/tcp, 9539/tcp, 9543/tcp	2020-08-16 08:31:04
195.154.236.210	attackspambots	195.154.236.210 - - [15/Aug/2020:23:39:11 +0100] "POST /wp-login.php HTTP/1.1" 200 1908 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 195.154.236.210 - - [15/Aug/2020:23:39:12 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 195.154.236.210 - - [15/Aug/2020:23:39:12 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 08:43:20
218.92.0.184	attack	Aug 16 02:35:46 marvibiene sshd[28850]: Failed password for root from 218.92.0.184 port 40398 ssh2 Aug 16 02:35:51 marvibiene sshd[28850]: Failed password for root from 218.92.0.184 port 40398 ssh2	2020-08-16 08:36:47
80.82.77.212	attackbotsspam	Port Scan detected	2020-08-16 08:29:01
189.91.2.197	attackspambots	Aug 16 05:39:08 mail.srvfarm.net postfix/smtps/smtpd[1888744]: warning: unknown[189.91.2.197]: SASL PLAIN authentication failed: Aug 16 05:39:08 mail.srvfarm.net postfix/smtps/smtpd[1888744]: lost connection after AUTH from unknown[189.91.2.197] Aug 16 05:42:23 mail.srvfarm.net postfix/smtpd[1907645]: warning: unknown[189.91.2.197]: SASL PLAIN authentication failed: Aug 16 05:42:23 mail.srvfarm.net postfix/smtpd[1907645]: lost connection after AUTH from unknown[189.91.2.197] Aug 16 05:43:27 mail.srvfarm.net postfix/smtps/smtpd[1890601]: warning: unknown[189.91.2.197]: SASL PLAIN authentication failed:	2020-08-16 12:19:26

Recently Reported IPs

16.125.220.175	135.254.124.212	64.124.197.185	149.153.236.200
223.161.89.159	201.143.32.18	46.181.39.170	229.243.3.149
136.31.210.239	186.214.169.84	245.99.100.220	154.83.118.16
178.210.159.241	251.70.76.85	131.248.145.124	201.72.221.55
48.55.43.42	138.179.134.36	65.211.237.104	200.39.228.170