112.85.42.112 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 13 06:45:27 vm2 sshd[9797]: Failed password for root from 112.85.42.112 port 62758 ssh2 Oct 13 06:45:40 vm2 sshd[9797]: error: maximum authentication attempts exceeded for root from 112.85.42.112 port 62758 ssh2 [preauth] ...	2020-10-13 12:47:33
attackbots	Brute force attempt	2020-10-13 05:35:32
attack	SSH auth scanning - multiple failed logins	2020-10-10 21:44:37
attack	Oct 9 21:46:28 ucs sshd\[1937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root Oct 9 21:46:30 ucs sshd\[1934\]: error: PAM: User not known to the underlying authentication module for root from 112.85.42.112 Oct 9 21:46:31 ucs sshd\[1938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root ...	2020-10-10 03:52:35
attack	Oct 9 13:46:08 marvibiene sshd[25245]: Failed password for root from 112.85.42.112 port 38176 ssh2 Oct 9 13:46:13 marvibiene sshd[25245]: Failed password for root from 112.85.42.112 port 38176 ssh2	2020-10-09 19:47:36
attack	2020-10-08T23:32:45.855161lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:49.013249lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:52.713566lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:57.683620lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:57.747160lavrinenko.info sshd[13449]: error: maximum authentication attempts exceeded for root from 112.85.42.112 port 10754 ssh2 [preauth] ...	2020-10-09 04:34:58
attack	"Unauthorized connection attempt on SSHD detected"	2020-10-08 20:45:15
attack	(sshd) Failed SSH login from 112.85.42.112 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 00:38:37 optimus sshd[20764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root Oct 8 00:38:37 optimus sshd[20772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root Oct 8 00:38:37 optimus sshd[20765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root Oct 8 00:38:37 optimus sshd[20768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root Oct 8 00:38:37 optimus sshd[20782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root	2020-10-08 12:41:00
attackspambots	Oct 8 01:59:32 server sshd[19537]: Failed none for root from 112.85.42.112 port 3600 ssh2 Oct 8 01:59:35 server sshd[19537]: Failed password for root from 112.85.42.112 port 3600 ssh2 Oct 8 01:59:38 server sshd[19537]: Failed password for root from 112.85.42.112 port 3600 ssh2	2020-10-08 08:02:07
attackspambots	Oct 7 18:18:54 ip-172-31-42-142 sshd\[1762\]: Failed password for root from 112.85.42.112 port 56528 ssh2\ Oct 7 18:18:57 ip-172-31-42-142 sshd\[1762\]: Failed password for root from 112.85.42.112 port 56528 ssh2\ Oct 7 18:19:12 ip-172-31-42-142 sshd\[1767\]: Failed password for root from 112.85.42.112 port 53818 ssh2\ Oct 7 18:19:22 ip-172-31-42-142 sshd\[1767\]: Failed password for root from 112.85.42.112 port 53818 ssh2\ Oct 7 18:19:24 ip-172-31-42-142 sshd\[1767\]: Failed password for root from 112.85.42.112 port 53818 ssh2\	2020-10-08 02:27:57
attack	Oct 7 12:32:38 nopemail auth.info sshd[20416]: Unable to negotiate with 112.85.42.112 port 37368: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-10-07 18:39:40
attackbots	Oct 6 22:02:58 rush sshd[13761]: Failed password for root from 112.85.42.112 port 33320 ssh2 Oct 6 22:03:08 rush sshd[13761]: Failed password for root from 112.85.42.112 port 33320 ssh2 Oct 6 22:03:12 rush sshd[13761]: Failed password for root from 112.85.42.112 port 33320 ssh2 Oct 6 22:03:12 rush sshd[13761]: error: maximum authentication attempts exceeded for root from 112.85.42.112 port 33320 ssh2 [preauth] ...	2020-10-07 06:08:26
attackbotsspam	Oct 6 16:10:43 sso sshd[11422]: Failed password for root from 112.85.42.112 port 57800 ssh2 Oct 6 16:10:54 sso sshd[11422]: Failed password for root from 112.85.42.112 port 57800 ssh2 ...	2020-10-06 22:22:40
attackspambots	DATE:2020-10-06 08:05:22,IP:112.85.42.112,MATCHES:10,PORT:ssh	2020-10-06 14:06:29
attackbots	prod11 ...	2020-10-05 04:36:33
attackspambots	Oct 4 14:16:35 sso sshd[17330]: Failed password for root from 112.85.42.112 port 51320 ssh2 Oct 4 14:16:39 sso sshd[17330]: Failed password for root from 112.85.42.112 port 51320 ssh2 ...	2020-10-04 20:30:36
attackbots	Oct 4 04:06:11 scw-gallant-ride sshd[29818]: Failed password for root from 112.85.42.112 port 27112 ssh2	2020-10-04 12:13:26
attack	Sep 28 08:17:17 serwer sshd\[31721\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root Sep 28 08:17:19 serwer sshd\[31721\]: Failed password for root from 112.85.42.112 port 17514 ssh2 Sep 28 08:17:23 serwer sshd\[31721\]: Failed password for root from 112.85.42.112 port 17514 ssh2 Sep 28 08:17:26 serwer sshd\[31721\]: Failed password for root from 112.85.42.112 port 17514 ssh2 Sep 28 08:17:30 serwer sshd\[31721\]: Failed password for root from 112.85.42.112 port 17514 ssh2 Sep 28 08:17:33 serwer sshd\[31721\]: Failed password for root from 112.85.42.112 port 17514 ssh2 Sep 28 08:17:33 serwer sshd\[31721\]: error: maximum authentication attempts exceeded for root from 112.85.42.112 port 17514 ssh2 \[preauth\] Sep 28 08:17:37 serwer sshd\[31754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.112 user=root Sep 28 08:17:38 serwer sshd\[31754\]: Failed password for ro ...	2020-09-29 01:46:20
attackspambots	Sep 28 07:30:39 sigma sshd\[2725\]: Failed password for root from 112.85.42.112 port 42536 ssh2Sep 28 07:30:42 sigma sshd\[2725\]: Failed password for root from 112.85.42.112 port 42536 ssh2 ...	2020-09-28 17:51:15

Comments on same subnet:

IP	Type	Details	Datetime
112.85.42.194	spambotsattackproxynormal	Bokep	2020-12-31 01:11:15
112.85.42.194	proxy	Bokep	2020-12-31 01:11:04
112.85.42.194	attackspambots	Oct 13 22:01:10 shivevps sshd[22451]: Failed password for root from 112.85.42.194 port 22643 ssh2 Oct 13 22:01:13 shivevps sshd[22451]: Failed password for root from 112.85.42.194 port 22643 ssh2 Oct 13 22:01:14 shivevps sshd[22451]: Failed password for root from 112.85.42.194 port 22643 ssh2 ...	2020-10-14 09:11:49
112.85.42.189	attack	Failed password for invalid user from 112.85.42.189 port 12273 ssh2	2020-10-14 09:01:35
112.85.42.172	attackbotsspam	2020-10-14T02:47:11.668044vps773228.ovh.net sshd[11124]: Failed password for root from 112.85.42.172 port 36648 ssh2 2020-10-14T02:47:15.518915vps773228.ovh.net sshd[11124]: Failed password for root from 112.85.42.172 port 36648 ssh2 2020-10-14T02:47:19.249605vps773228.ovh.net sshd[11124]: Failed password for root from 112.85.42.172 port 36648 ssh2 2020-10-14T02:47:22.194196vps773228.ovh.net sshd[11124]: Failed password for root from 112.85.42.172 port 36648 ssh2 2020-10-14T02:47:25.559419vps773228.ovh.net sshd[11124]: Failed password for root from 112.85.42.172 port 36648 ssh2 ...	2020-10-14 08:55:53
112.85.42.184	attackspambots	Oct 14 02:51:17 OPSO sshd\[23506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.184 user=root Oct 14 02:51:19 OPSO sshd\[23506\]: Failed password for root from 112.85.42.184 port 2936 ssh2 Oct 14 02:51:22 OPSO sshd\[23506\]: Failed password for root from 112.85.42.184 port 2936 ssh2 Oct 14 02:51:26 OPSO sshd\[23506\]: Failed password for root from 112.85.42.184 port 2936 ssh2 Oct 14 02:51:29 OPSO sshd\[23506\]: Failed password for root from 112.85.42.184 port 2936 ssh2	2020-10-14 08:51:39
112.85.42.173	attackbots	Oct 14 02:29:44 melroy-server sshd[6817]: Failed password for root from 112.85.42.173 port 23644 ssh2 Oct 14 02:29:49 melroy-server sshd[6817]: Failed password for root from 112.85.42.173 port 23644 ssh2 ...	2020-10-14 08:30:20
112.85.42.81	attack	Oct 13 23:46:39 scw-6657dc sshd[24780]: Failed password for root from 112.85.42.81 port 11584 ssh2 Oct 13 23:46:39 scw-6657dc sshd[24780]: Failed password for root from 112.85.42.81 port 11584 ssh2 Oct 13 23:46:43 scw-6657dc sshd[24780]: Failed password for root from 112.85.42.81 port 11584 ssh2 ...	2020-10-14 07:51:08
112.85.42.47	attackspam	2020-10-13T23:26:14.306645abusebot-8.cloudsearch.cf sshd[8113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.47 user=root 2020-10-13T23:26:15.910552abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:19.744047abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:14.306645abusebot-8.cloudsearch.cf sshd[8113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.47 user=root 2020-10-13T23:26:15.910552abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:19.744047abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:14.306645abusebot-8.cloudsearch.cf sshd[8113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112. ...	2020-10-14 07:32:28
112.85.42.122	attack	Oct 13 23:26:15 django-0 sshd[13965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.122 user=root Oct 13 23:26:17 django-0 sshd[13965]: Failed password for root from 112.85.42.122 port 35474 ssh2 ...	2020-10-14 07:22:14
112.85.42.174	attackspambots	Oct 14 00:50:07 v22019038103785759 sshd\[28716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Oct 14 00:50:08 v22019038103785759 sshd\[28716\]: Failed password for root from 112.85.42.174 port 56507 ssh2 Oct 14 00:50:11 v22019038103785759 sshd\[28716\]: Failed password for root from 112.85.42.174 port 56507 ssh2 Oct 14 00:50:14 v22019038103785759 sshd\[28716\]: Failed password for root from 112.85.42.174 port 56507 ssh2 Oct 14 00:50:18 v22019038103785759 sshd\[28716\]: Failed password for root from 112.85.42.174 port 56507 ssh2 ...	2020-10-14 06:55:27
112.85.42.183	attackspambots	Oct 13 18:54:07 NPSTNNYC01T sshd[30690]: Failed password for root from 112.85.42.183 port 57684 ssh2 Oct 13 18:54:11 NPSTNNYC01T sshd[30690]: Failed password for root from 112.85.42.183 port 57684 ssh2 Oct 13 18:54:14 NPSTNNYC01T sshd[30690]: Failed password for root from 112.85.42.183 port 57684 ssh2 Oct 13 18:54:17 NPSTNNYC01T sshd[30690]: Failed password for root from 112.85.42.183 port 57684 ssh2 ...	2020-10-14 06:54:52
112.85.42.98	attackspambots	SSH bruteforce	2020-10-14 06:48:31
112.85.42.183	attackbotsspam	$f2bV_matches	2020-10-14 04:55:32
112.85.42.231	attack	2020-10-13T22:19:38.494209vps773228.ovh.net sshd[7475]: Failed password for root from 112.85.42.231 port 32666 ssh2 2020-10-13T22:19:41.890467vps773228.ovh.net sshd[7475]: Failed password for root from 112.85.42.231 port 32666 ssh2 2020-10-13T22:19:45.170960vps773228.ovh.net sshd[7475]: Failed password for root from 112.85.42.231 port 32666 ssh2 2020-10-13T22:19:48.867198vps773228.ovh.net sshd[7475]: Failed password for root from 112.85.42.231 port 32666 ssh2 2020-10-13T22:19:52.107556vps773228.ovh.net sshd[7475]: Failed password for root from 112.85.42.231 port 32666 ssh2 ...	2020-10-14 04:28:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.85.42.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24397
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.85.42.112.			IN	A

;; AUTHORITY SECTION:
.			455	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092800 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 28 17:51:12 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 112.42.85.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 112.42.85.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.93.235.74	attackbotsspam	$f2bV_matches	2020-07-12 16:37:42
185.86.164.99	attack	CMS (WordPress or Joomla) login attempt.	2020-07-12 16:35:26
200.69.234.168	attackspam	Jul 12 10:35:42 vps687878 sshd\[14045\]: Failed password for invalid user sunny from 200.69.234.168 port 35378 ssh2 Jul 12 10:38:18 vps687878 sshd\[14426\]: Invalid user farrell from 200.69.234.168 port 41284 Jul 12 10:38:18 vps687878 sshd\[14426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.234.168 Jul 12 10:38:20 vps687878 sshd\[14426\]: Failed password for invalid user farrell from 200.69.234.168 port 41284 ssh2 Jul 12 10:40:55 vps687878 sshd\[14705\]: Invalid user kmdudley from 200.69.234.168 port 47190 Jul 12 10:40:55 vps687878 sshd\[14705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.234.168 ...	2020-07-12 16:49:45
138.91.122.59	attack	Jul 12 10:45:00 ns382633 sshd\[20021\]: Invalid user fcweb from 138.91.122.59 port 54168 Jul 12 10:45:00 ns382633 sshd\[20021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.122.59 Jul 12 10:45:03 ns382633 sshd\[20021\]: Failed password for invalid user fcweb from 138.91.122.59 port 54168 ssh2 Jul 12 10:54:58 ns382633 sshd\[21723\]: Invalid user admin from 138.91.122.59 port 59284 Jul 12 10:54:58 ns382633 sshd\[21723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.122.59	2020-07-12 17:14:19
218.92.0.133	attackbots	Jul 12 10:38:02 piServer sshd[10898]: Failed password for root from 218.92.0.133 port 33839 ssh2 Jul 12 10:38:07 piServer sshd[10898]: Failed password for root from 218.92.0.133 port 33839 ssh2 Jul 12 10:38:11 piServer sshd[10898]: Failed password for root from 218.92.0.133 port 33839 ssh2 Jul 12 10:38:15 piServer sshd[10898]: Failed password for root from 218.92.0.133 port 33839 ssh2 ...	2020-07-12 16:53:54
193.56.28.125	attack	2020-07-12 10:51:26 dovecot_login authenticator failed for $ADMIN$ \[193.56.28.125\]: 535 Incorrect authentication data $set_id=kathie@no-server.de$ 2020-07-12 10:51:26 dovecot_login authenticator failed for $ADMIN$ \[193.56.28.125\]: 535 Incorrect authentication data $set_id=madge@no-server.de$ 2020-07-12 10:53:41 dovecot_login authenticator failed for $ADMIN$ \[193.56.28.125\]: 535 Incorrect authentication data $set_id=care@no-server.de$ 2020-07-12 10:53:41 dovecot_login authenticator failed for $ADMIN$ \[193.56.28.125\]: 535 Incorrect authentication data $set_id=winter@no-server.de$ 2020-07-12 11:00:30 dovecot_login authenticator failed for $ADMIN$ \[193.56.28.125\]: 535 Incorrect authentication data $set_id=harald.schueller@jugend-ohne-grenzen.net$ ...	2020-07-12 17:08:13
111.229.179.62	attackspambots	fail2ban -- 111.229.179.62 ...	2020-07-12 17:02:43
93.174.93.139	attack	[11/Jul/2020:15:27:26 -0400] "GET /config/getuser?index=0 HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"	2020-07-12 16:44:51
185.143.73.175	attack	Jul 12 10:47:02 srv01 postfix/smtpd\[11190\]: warning: unknown\[185.143.73.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 10:47:44 srv01 postfix/smtpd\[24147\]: warning: unknown\[185.143.73.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 10:48:24 srv01 postfix/smtpd\[29841\]: warning: unknown\[185.143.73.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 10:49:08 srv01 postfix/smtpd\[11190\]: warning: unknown\[185.143.73.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 10:49:50 srv01 postfix/smtpd\[26962\]: warning: unknown\[185.143.73.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-12 17:08:26
47.111.112.163	attackbots	Jul 12 04:49:45 gospond sshd[329]: Invalid user lintingyu from 47.111.112.163 port 38246 Jul 12 04:49:47 gospond sshd[329]: Failed password for invalid user lintingyu from 47.111.112.163 port 38246 ssh2 Jul 12 04:50:56 gospond sshd[355]: Invalid user sm0k3y from 47.111.112.163 port 49620 ...	2020-07-12 17:02:02
185.39.10.47	attack	TCP (SYN) 185.39.10.47:43737 -> port 6556, len 44	2020-07-12 17:00:22
80.211.0.239	attackspam	Jul 12 10:20:26 vpn01 sshd[28755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.0.239 Jul 12 10:20:28 vpn01 sshd[28755]: Failed password for invalid user ethereal from 80.211.0.239 port 49310 ssh2 ...	2020-07-12 16:52:20
46.101.189.37	attackspam	2020-07-12T08:31:23.974730+02:00 sshd[22464]: Failed password for list from 46.101.189.37 port 58670 ssh2	2020-07-12 16:47:45
46.38.145.250	attack	Jul 12 11:03:34 relay postfix/smtpd\[30655\]: warning: unknown\[46.38.145.250\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:04:01 relay postfix/smtpd\[27908\]: warning: unknown\[46.38.145.250\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:04:34 relay postfix/smtpd\[30657\]: warning: unknown\[46.38.145.250\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:05:04 relay postfix/smtpd\[31784\]: warning: unknown\[46.38.145.250\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 11:05:41 relay postfix/smtpd\[635\]: warning: unknown\[46.38.145.250\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-12 17:07:28
172.104.109.167	spambotsattackproxynormal	Fhatir_Zahry	2020-07-12 17:14:43

Recently Reported IPs

58.100.150.17	53.245.129.81	196.116.18.4	83.144.70.203
97.206.53.1	40.251.63.138	21.156.144.25	15.253.188.171
195.245.152.246	191.181.24.136	191.37.219.142	96.22.95.37
194.118.192.27	62.80.194.29	197.53.245.138	192.241.214.20
211.1.116.20	100.24.255.182	28.20.182.129	78.142.57.108