112.85.197.242

Basic Info

City: unknown

Region: Jiangsu

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: CHINA UNICOM China169 Backbone

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.85.197.177	attack	Oct 9 14:36:38 elektron postfix/smtpd\[5347\]: NOQUEUE: reject: RCPT from unknown\[112.85.197.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[112.85.197.177\]\; from=\ to=\ proto=ESMTP helo=\ Oct 9 14:37:30 elektron postfix/smtpd\[1324\]: NOQUEUE: reject: RCPT from unknown\[112.85.197.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[112.85.197.177\]\; from=\ to=\ proto=ESMTP helo=\ Oct 9 14:38:16 elektron postfix/smtpd\[1324\]: NOQUEUE: reject: RCPT from unknown\[112.85.197.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[112.85.197.177\]\; from=\ to=\ proto=ESMTP helo=\	2019-10-09 22:39:35
112.85.197.245	attackbots	Brute force SMTP login attempts.	2019-10-01 20:46:52

Type

Details

Datetime

112.85.197.177

attack

Oct  9 14:36:38 elektron postfix/smtpd\[5347\]: NOQUEUE: reject: RCPT from unknown\[112.85.197.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[112.85.197.177\]\; from=\ to=\ proto=ESMTP helo=\
Oct  9 14:37:30 elektron postfix/smtpd\[1324\]: NOQUEUE: reject: RCPT from unknown\[112.85.197.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[112.85.197.177\]\; from=\ to=\ proto=ESMTP helo=\
Oct  9 14:38:16 elektron postfix/smtpd\[1324\]: NOQUEUE: reject: RCPT from unknown\[112.85.197.177\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[112.85.197.177\]\; from=\ to=\ proto=ESMTP helo=\

2019-10-09 22:39:35

112.85.197.245

attackbots

Brute force SMTP login attempts.

2019-10-01 20:46:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.85.197.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2080
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.85.197.242.			IN	A

;; AUTHORITY SECTION:
.			2918	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071701 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 05:40:36 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 242.197.85.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 242.197.85.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.62.22.55	attackspam	Jun 28 06:07:31 OPSO sshd\[5013\]: Invalid user web from 117.62.22.55 port 46728 Jun 28 06:07:31 OPSO sshd\[5013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.62.22.55 Jun 28 06:07:33 OPSO sshd\[5013\]: Failed password for invalid user web from 117.62.22.55 port 46728 ssh2 Jun 28 06:13:07 OPSO sshd\[5986\]: Invalid user user from 117.62.22.55 port 54864 Jun 28 06:13:07 OPSO sshd\[5986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.62.22.55	2020-06-28 12:31:34
142.93.232.102	attack	2020-06-28T05:54:16.865030galaxy.wi.uni-potsdam.de sshd[14808]: Invalid user zzz from 142.93.232.102 port 50136 2020-06-28T05:54:16.867393galaxy.wi.uni-potsdam.de sshd[14808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.232.102 2020-06-28T05:54:16.865030galaxy.wi.uni-potsdam.de sshd[14808]: Invalid user zzz from 142.93.232.102 port 50136 2020-06-28T05:54:19.005925galaxy.wi.uni-potsdam.de sshd[14808]: Failed password for invalid user zzz from 142.93.232.102 port 50136 ssh2 2020-06-28T05:57:24.195559galaxy.wi.uni-potsdam.de sshd[15245]: Invalid user indu from 142.93.232.102 port 48320 2020-06-28T05:57:24.197554galaxy.wi.uni-potsdam.de sshd[15245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.232.102 2020-06-28T05:57:24.195559galaxy.wi.uni-potsdam.de sshd[15245]: Invalid user indu from 142.93.232.102 port 48320 2020-06-28T05:57:26.144533galaxy.wi.uni-potsdam.de sshd[15245]: Failed password ...	2020-06-28 12:01:14
46.38.150.47	attackspambots	Jun 28 06:19:21 relay postfix/smtpd\[4746\]: warning: unknown\[46.38.150.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 06:19:31 relay postfix/smtpd\[30463\]: warning: unknown\[46.38.150.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 06:20:17 relay postfix/smtpd\[23046\]: warning: unknown\[46.38.150.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 06:20:32 relay postfix/smtpd\[18627\]: warning: unknown\[46.38.150.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 06:21:18 relay postfix/smtpd\[23057\]: warning: unknown\[46.38.150.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-28 12:23:33
122.171.230.39	attackspambots	2020-06-28T03:53:16.908093shield sshd\[20479\]: Invalid user deploy from 122.171.230.39 port 60929 2020-06-28T03:53:16.912657shield sshd\[20479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.171.230.39 2020-06-28T03:53:18.815272shield sshd\[20479\]: Failed password for invalid user deploy from 122.171.230.39 port 60929 ssh2 2020-06-28T03:57:15.687039shield sshd\[22126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.171.230.39 user=root 2020-06-28T03:57:17.735902shield sshd\[22126\]: Failed password for root from 122.171.230.39 port 12801 ssh2	2020-06-28 12:08:00
165.22.224.88	attack	Jun 28 05:53:16 rotator sshd\[20233\]: Failed password for root from 165.22.224.88 port 58268 ssh2Jun 28 05:56:20 rotator sshd\[20996\]: Invalid user airflow from 165.22.224.88Jun 28 05:56:22 rotator sshd\[20996\]: Failed password for invalid user airflow from 165.22.224.88 port 57730 ssh2Jun 28 05:59:27 rotator sshd\[21014\]: Invalid user mc1 from 165.22.224.88Jun 28 05:59:29 rotator sshd\[21014\]: Failed password for invalid user mc1 from 165.22.224.88 port 57196 ssh2Jun 28 06:02:33 rotator sshd\[21812\]: Invalid user publish from 165.22.224.88 ...	2020-06-28 12:19:45
129.28.197.173	attack	Jun 28 05:50:41 eventyay sshd[14162]: Failed password for root from 129.28.197.173 port 40810 ssh2 Jun 28 05:53:43 eventyay sshd[14224]: Failed password for postgres from 129.28.197.173 port 55622 ssh2 Jun 28 05:56:51 eventyay sshd[14279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.197.173 ...	2020-06-28 12:27:40
202.137.20.58	attackspam	2020-06-28T05:56:14.160125+02:00 sshd[18147]: Failed password for invalid user user from 202.137.20.58 port 19097 ssh2	2020-06-28 12:17:27
222.186.175.23	attackbotsspam	28.06.2020 03:57:20 SSH access blocked by firewall	2020-06-28 12:05:01
222.186.42.136	attackspambots	2020-06-28T04:16:38.395318shield sshd\[29828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root 2020-06-28T04:16:40.769380shield sshd\[29828\]: Failed password for root from 222.186.42.136 port 24955 ssh2 2020-06-28T04:16:43.126925shield sshd\[29828\]: Failed password for root from 222.186.42.136 port 24955 ssh2 2020-06-28T04:16:54.217295shield sshd\[29910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root 2020-06-28T04:16:55.788335shield sshd\[29910\]: Failed password for root from 222.186.42.136 port 36785 ssh2	2020-06-28 12:18:20
212.47.229.4	attack	Jun 28 05:57:11 vmd48417 sshd[23052]: Failed password for root from 212.47.229.4 port 57738 ssh2	2020-06-28 12:11:12
118.70.68.216	attackbots	1593316643 - 06/28/2020 05:57:23 Host: 118.70.68.216/118.70.68.216 Port: 445 TCP Blocked	2020-06-28 12:03:07
49.235.76.203	attack	Jun 28 05:57:04 vps639187 sshd\[17457\]: Invalid user cpanel from 49.235.76.203 port 56862 Jun 28 05:57:04 vps639187 sshd\[17457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.76.203 Jun 28 05:57:06 vps639187 sshd\[17457\]: Failed password for invalid user cpanel from 49.235.76.203 port 56862 ssh2 ...	2020-06-28 12:16:43
40.71.37.184	attackspam	(mod_security) mod_security (id:210492) triggered by 40.71.37.184 (US/United States/-): 5 in the last 3600 secs	2020-06-28 12:16:16
148.66.142.135	attackbotsspam	2020-06-28T04:09:08.549753shield sshd\[26759\]: Invalid user mysql_public from 148.66.142.135 port 39356 2020-06-28T04:09:08.555335shield sshd\[26759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.142.135 2020-06-28T04:09:10.824865shield sshd\[26759\]: Failed password for invalid user mysql_public from 148.66.142.135 port 39356 ssh2 2020-06-28T04:12:25.394664shield sshd\[28342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.142.135 user=root 2020-06-28T04:12:27.036872shield sshd\[28342\]: Failed password for root from 148.66.142.135 port 34412 ssh2	2020-06-28 12:22:58
94.182.222.66	attack	Unauthorised access (Jun 28) SRC=94.182.222.66 LEN=52 TTL=110 ID=8137 DF TCP DPT=1433 WINDOW=8192 SYN	2020-06-28 12:01:46

Recently Reported IPs

114.32.80.100	183.127.185.179	168.197.157.1	220.40.16.132
148.70.180.183	186.183.150.15	79.223.31.142	144.90.97.218
105.140.167.109	144.48.93.43	71.101.180.7	101.162.43.133
57.0.110.100	77.184.131.99	174.82.49.54	52.204.33.164
102.149.26.108	204.239.12.193	8.223.248.70	91.242.61.9