112.85.149.196

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.85.149.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.85.149.196.			IN	A

;; AUTHORITY SECTION:
.			580	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030200 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 02 13:26:19 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 196.149.85.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.149.85.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.68.178.64	attack	Oct 7 22:24:46 markkoudstaal sshd[28689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.178.64 Oct 7 22:24:48 markkoudstaal sshd[28689]: Failed password for invalid user M0tdepasse321 from 138.68.178.64 port 55370 ssh2 Oct 7 22:28:54 markkoudstaal sshd[29056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.178.64	2019-10-08 04:57:00
185.176.27.42	attack	10/07/2019-22:15:28.977342 185.176.27.42 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-08 05:05:51
168.181.50.55	attack	Lines containing failures of 168.181.50.55 Oct 7 00:26:33 shared07 sshd[3317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.50.55 user=r.r Oct 7 00:26:35 shared07 sshd[3317]: Failed password for r.r from 168.181.50.55 port 57128 ssh2 Oct 7 00:26:35 shared07 sshd[3317]: Received disconnect from 168.181.50.55 port 57128:11: Bye Bye [preauth] Oct 7 00:26:35 shared07 sshd[3317]: Disconnected from authenticating user r.r 168.181.50.55 port 57128 [preauth] Oct 7 00:51:27 shared07 sshd[11989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.50.55 user=r.r Oct 7 00:51:30 shared07 sshd[11989]: Failed password for r.r from 168.181.50.55 port 5485 ssh2 Oct 7 00:51:30 shared07 sshd[11989]: Received disconnect from 168.181.50.55 port 5485:11: Bye Bye [preauth] Oct 7 00:51:30 shared07 sshd[11989]: Disconnected from authenticating user r.r 168.181.50.55 port 5485 [preauth] Oct ........ ------------------------------	2019-10-08 04:31:53
163.172.207.104	attackbotsspam	\[2019-10-07 16:27:36\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:27:36.075-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9178011972592277524",SessionID="0x7fc3ac2ed548",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/53356",ACLName="no_extension_match" \[2019-10-07 16:31:36\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:31:36.992-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9179011972592277524",SessionID="0x7fc3ac00c388",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/53011",ACLName="no_extension_match" \[2019-10-07 16:35:22\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:35:22.969-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9180011972592277524",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/5867	2019-10-08 04:38:48
81.208.42.172	attackbots	xmlrpc attack	2019-10-08 04:36:06
103.89.91.156	attackspambots	RDP brute force attack detected by fail2ban	2019-10-08 04:58:14
187.162.137.19	attackspambots	Oct 7 22:52:17 hosting sshd[897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187-162-137-19.static.axtel.net user=root Oct 7 22:52:19 hosting sshd[897]: Failed password for root from 187.162.137.19 port 33659 ssh2 ...	2019-10-08 05:05:21
94.177.213.167	attackspambots	Oct 7 22:30:06 ovpn sshd\[3208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.213.167 user=root Oct 7 22:30:08 ovpn sshd\[3208\]: Failed password for root from 94.177.213.167 port 57672 ssh2 Oct 7 22:51:52 ovpn sshd\[7253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.213.167 user=root Oct 7 22:51:54 ovpn sshd\[7253\]: Failed password for root from 94.177.213.167 port 55130 ssh2 Oct 7 22:55:46 ovpn sshd\[8054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.213.167 user=root	2019-10-08 05:04:01
192.210.144.186	attack	\[2019-10-07 16:39:29\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:39:29.838-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442922550445",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.210.144.186/62289",ACLName="no_extension_match" \[2019-10-07 16:42:49\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:42:49.775-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011442922550445",SessionID="0x7fc3ac9be4f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.210.144.186/62290",ACLName="no_extension_match" \[2019-10-07 16:47:05\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:47:05.307-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="8011442922550445",SessionID="0x7fc3ac48c3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.210.144.186/50093",ACLName	2019-10-08 04:55:50
222.186.190.65	attackbots	Oct 7 22:39:19 MK-Soft-VM7 sshd[21439]: Failed password for root from 222.186.190.65 port 50536 ssh2 Oct 7 22:39:22 MK-Soft-VM7 sshd[21439]: Failed password for root from 222.186.190.65 port 50536 ssh2 ...	2019-10-08 04:48:24
51.75.248.251	attackspambots	10/07/2019-16:51:13.062711 51.75.248.251 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-08 04:53:09
113.182.62.220	attackbotsspam	Oct 7 21:43:54 cws2.mueller-hostname.net sshd[58583]: Address 113.182.62.220 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 7 21:43:54 cws2.mueller-hostname.net sshd[58583]: Failed password for invalid user admin from 113.182.62.220 port 47166 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.182.62.220	2019-10-08 05:07:33
27.254.142.40	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-10-08 05:03:41
118.163.149.163	attack	Oct 7 22:26:41 markkoudstaal sshd[28860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.149.163 Oct 7 22:26:43 markkoudstaal sshd[28860]: Failed password for invalid user P4$$w0rd@2018 from 118.163.149.163 port 44150 ssh2 Oct 7 22:31:27 markkoudstaal sshd[29323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.149.163	2019-10-08 05:02:59
196.52.43.112	attackbotsspam	port scan and connect, tcp 6379 (redis)	2019-10-08 04:59:06

Recently Reported IPs

112.85.149.192	112.85.149.200	189.203.252.71	112.85.149.204
112.85.149.208	112.85.149.210	112.85.149.212	183.220.252.71
112.85.149.214	112.85.149.219	112.85.149.22	112.85.149.220
112.85.149.223	112.85.149.224	109.80.35.2	112.85.149.227
112.85.149.229	112.85.149.235	112.85.149.237	112.85.149.238