117.94.118.244

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 117.94.118.244 to port 6656 [T]	2020-01-27 07:01:11

Comments on same subnet:

IP	Type	Details	Datetime
117.94.118.92	attackspam	GET /install/index.php.bak?step=11	2020-06-16 00:15:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.94.118.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13101
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.94.118.244.			IN	A

;; AUTHORITY SECTION:
.			335	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012601 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 07:01:08 CST 2020
;; MSG SIZE  rcvd: 118

Host info

244.118.94.117.in-addr.arpa domain name pointer 244.118.94.117.broad.tz.js.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
244.118.94.117.in-addr.arpa	name = 244.118.94.117.broad.tz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.51.201.115	attackspam	Sep 10 08:20:10 ajax sshd[9188]: Failed password for root from 185.51.201.115 port 41082 ssh2	2020-09-11 03:36:19
115.78.13.239	attack	Unauthorized connection attempt from IP address 115.78.13.239 on Port 445(SMB)	2020-09-11 03:46:12
128.199.9.240	attackbots	webserver:443 [09/Sep/2020] "GET /favicon.ico HTTP/1.1" 400 3247 "-" "curl/7.68.0" webserver:443 [09/Sep/2020] "GET /login/images/favicon.ico HTTP/1.1" 400 3247 "-" "curl/7.68.0" webserver:443 [09/Sep/2020] "GET /login/images/logo-pan-48525a.svg HTTP/1.1" 400 3247 "-" "curl/7.68.0"	2020-09-11 03:22:06
61.183.9.17	attackspambots	Icarus honeypot on github	2020-09-11 03:41:00
63.83.73.210	attack	Lines containing failures of 63.83.73.210 Sep 9 17:30:19 mc postfix/smtpd[14966]: connect from complain.lizstyles.com[63.83.73.210] Sep x@x Sep 9 17:30:20 mc postfix/smtpd[14966]: disconnect from complain.lizstyles.com[63.83.73.210] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Sep 9 18:34:34 mc postfix/smtpd[16170]: connect from complain.lizstyles.com[63.83.73.210] Sep x@x Sep 9 18:34:35 mc postfix/smtpd[16170]: disconnect from complain.lizstyles.com[63.83.73.210] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=63.83.73.210	2020-09-11 03:55:55
49.72.26.165	attack	Repeated brute force against a port	2020-09-11 03:48:24
52.156.169.35	attackbots	Sep 7 21:12:37 web01.agentur-b-2.de postfix/smtps/smtpd[2502477]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 21:12:37 web01.agentur-b-2.de postfix/smtps/smtpd[2502512]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 21:14:50 web01.agentur-b-2.de postfix/smtps/smtpd[2502512]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 21:14:50 web01.agentur-b-2.de postfix/smtps/smtpd[2502477]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 21:17:04 web01.agentur-b-2.de postfix/smtps/smtpd[2502512]: warning: unknown[52.156.169.35]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-11 03:18:53
45.129.33.15	attack	Fail2Ban Ban Triggered	2020-09-11 03:51:11
178.128.43.90	attack	srv02 Mass scanning activity detected Target: 7184 ..	2020-09-11 03:36:40
144.64.3.101	attackbotsspam	Sep 10 18:38:15 vps639187 sshd\[21801\]: Invalid user woochul from 144.64.3.101 port 55616 Sep 10 18:38:15 vps639187 sshd\[21801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.64.3.101 Sep 10 18:38:17 vps639187 sshd\[21801\]: Failed password for invalid user woochul from 144.64.3.101 port 55616 ssh2 ...	2020-09-11 03:38:02
106.12.16.149	attackbotsspam	Brute%20Force%20SSH	2020-09-11 03:43:32
49.51.251.227	attackspam	Sep 8 08:36:55 server6 sshd[14502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.251.227 user=r.r Sep 8 08:36:57 server6 sshd[14502]: Failed password for r.r from 49.51.251.227 port 58070 ssh2 Sep 8 08:36:57 server6 sshd[14502]: Received disconnect from 49.51.251.227: 11: Bye Bye [preauth] Sep 8 08:49:14 server6 sshd[16405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.251.227 user=r.r Sep 8 08:49:15 server6 sshd[16405]: Failed password for r.r from 49.51.251.227 port 43228 ssh2 Sep 8 08:49:16 server6 sshd[16405]: Received disconnect from 49.51.251.227: 11: Bye Bye [preauth] Sep 8 08:52:56 server6 sshd[4035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.251.227 user=r.r Sep 8 08:52:58 server6 sshd[4035]: Failed password for r.r from 49.51.251.227 port 49256 ssh2 Sep 8 08:52:58 server6 sshd[4035]: Received disconne........ -------------------------------	2020-09-11 03:24:41
104.248.122.143	attackspambots	scans once in preceeding hours on the ports (in chronological order) 10584 resulting in total of 5 scans from 104.248.0.0/16 block.	2020-09-11 03:22:38
188.166.218.121	attackbotsspam	Tried our host z.	2020-09-11 03:31:30
187.19.186.215	attack	Unauthorized connection attempt from IP address 187.19.186.215 on Port 445(SMB)	2020-09-11 03:39:41

Recently Reported IPs

175.100.45.0	111.72.140.125	111.43.223.169	32.29.235.79
106.125.237.127	45.24.213.90	155.88.189.120	106.35.32.86
156.243.67.3	9.225.123.16	60.182.19.52	58.252.200.116
49.231.146.68	49.81.85.100	42.117.205.76	42.112.99.56
37.146.59.82	36.108.150.96	27.43.109.126	129.247.237.80