JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 114.97.191.91

114.97.191.91 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 52%: ?

52%

ISP	CHINANET Anhui PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Hefei, Anhui

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 114.97.191.91

Whois 114.97.191.91

IP Abuse Reports for 114.97.191.91:

This IP address has been reported a total of 54 times from 27 distinct sources. 114.97.191.91 was first reported on December 4th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 donarev419	2026-06-03 02:27:37 (1 week ago)	Connection to port 9093 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:9093 ... show more Connection to port 9093 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:9093 Accept: / show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-02 13:52:51 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-01 21:05:10 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-31 19:10:02 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 AS213449.net	2026-05-29 11:30:45 (1 week ago)	05/29/2026-13:30:41.810532 src=114.97.191.91 dst=89.144.63.89:5432 proto=6 msg=ET SCAN Suspicious in ... show more 05/29/2026-13:30:41.810532 src=114.97.191.91 dst=89.144.63.89:5432 proto=6 msg=ET SCAN Suspicious inbound to PostgreSQL port 5432 show less	SQL Injection
🇬🇧 PeravixGroup	2026-05-28 04:53:52 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-19 18:39:46 (3 weeks ago)	Honeypot hit: Large payload (1388 bytes); 16043 [1] TCP	Hacking
🇩🇪 dispaisyenterprises	2026-05-16 19:47:38 (3 weeks ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 17112 GET / Accept: /; 17112 [1] TCP Reported by ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 17112 GET / Accept: /; 17112 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇩🇪 _ArminS_	2026-05-14 06:36:13 (3 weeks ago)	SP-Scan 28787:5006 detected 2026.05.14 08:36:13 blocked until 2026.07.03 01:39:00	Port Scan
🇫🇷 Petre 21_ip	2026-05-14 06:17:09 (3 weeks ago)	2026-05-14T08:17:07.966084+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-05-14T08:17:07.966084+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=114.97.191.91 DST=155.133.26.57 LEN=44 TOS=0x00 PREC=0x00 TTL=231 ID=4992 PROTO=TCP SPT=48588 DPT=10082 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇷🇸 Scan	2026-05-12 01:49:07 (4 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇨🇳 ThreatBook.io	2026-05-10 22:57:05 (4 weeks ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/114.97.191.91 20 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/114.97.191.91 2026-05-10 14:09:05 / 2026-05-10 00:08:16 /favicon.ico show less	Web App Attack
🇨🇦 Tanados	2026-05-10 02:52:46 (1 month ago)	Blocked by UFW [12219/tcp] Source port: 33191 TTL: 232 Packet length: 44 TOS: 0x00 This report was ... show more Blocked by UFW [12219/tcp] Source port: 33191 TTL: 232 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 femboy.cat	2026-05-09 23:52:01 (1 month ago)	Port scan to tcp/50580 from 114.97.191.91	Brute-Force
🇵🇱 sefinek.net	2026-05-06 20:39:36 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 10778 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 10778 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.132

🇸🇬 149.88.106.146

🇨🇳 111.228.13.226

🇺🇸 65.49.1.180

🇺🇸 64.62.156.202

🇨🇦 20.116.34.103

🇹🇼 198.235.24.5

🇻🇳 180.93.137.9

🇸🇬 129.226.213.238

🇻🇳 115.146.125.52

🇮🇳 103.93.102.170

🇺🇸 66.132.195.58

🇺🇸 54.242.174.160

🇳🇱 45.153.34.87

🇺🇸 20.81.46.39

🇺🇸 2a09:bac5:6d74:e3c::16b:63

🇺🇸 209.141.32.11

🇺🇸 172.178.115.83

🇺🇸 172.174.221.227

🇮🇳 144.79.166.84