112.85.45.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 112.85.45.49 to port 6656 [T]	2020-01-27 07:05:10

Comments on same subnet:

IP	Type	Details	Datetime
112.85.45.47	attack	Unauthorized IMAP connection attempt	2020-05-25 00:21:27
112.85.45.164	attackspambots	Unauthorized IMAP connection attempt	2020-05-15 04:07:21
112.85.45.5	attack	Unauthorized connection attempt detected from IP address 112.85.45.5 to port 6656 [T]	2020-01-30 17:35:27
112.85.45.57	attackspambots	Unauthorized connection attempt detected from IP address 112.85.45.57 to port 6656 [T]	2020-01-30 16:10:15
112.85.45.107	attackspambots	Unauthorized connection attempt detected from IP address 112.85.45.107 to port 6656 [T]	2020-01-30 14:22:19
112.85.45.176	attack	Unauthorized connection attempt detected from IP address 112.85.45.176 to port 6656 [T]	2020-01-30 08:46:19
112.85.45.76	attackbotsspam	Unauthorized connection attempt detected from IP address 112.85.45.76 to port 6656 [T]	2020-01-30 08:02:20
112.85.45.96	attack	Unauthorized connection attempt detected from IP address 112.85.45.96 to port 6656 [T]	2020-01-30 07:00:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.85.45.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.85.45.49.			IN	A

;; AUTHORITY SECTION:
.			210	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012601 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 07:05:07 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 49.45.85.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.45.85.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.4.18.106	attackbotsspam	\[2019-07-09 07:30:50\] NOTICE\[13443\] chan_sip.c: Registration from '"49" \' failed for '142.4.18.106:5078' - Wrong password \[2019-07-09 07:30:50\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-09T07:30:50.811-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="49",SessionID="0x7f02f85a4d78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/142.4.18.106/5078",Challenge="2958b01f",ReceivedChallenge="2958b01f",ReceivedHash="e04932c4f2116749447dd58ef6787be1" \[2019-07-09 07:30:50\] NOTICE\[13443\] chan_sip.c: Registration from '"49" \' failed for '142.4.18.106:5078' - Wrong password \[2019-07-09 07:30:50\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-09T07:30:50.945-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="49",SessionID="0x7f02f88cef08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/142.4.18.	2019-07-09 19:32:17
91.121.82.64	attack	www.goldgier.de 91.121.82.64 \[09/Jul/2019:08:30:17 +0200\] "POST /wp-login.php HTTP/1.1" 200 8723 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 91.121.82.64 \[09/Jul/2019:08:30:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 8723 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 91.121.82.64 \[09/Jul/2019:08:30:18 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4367 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-09 18:57:52
202.90.134.27	attackbots	Unauthorized connection attempt from IP address 202.90.134.27 on Port 445(SMB)	2019-07-09 19:17:40
51.158.106.49	attackbots	LGS,WP GET /wordpress8/wp-login.php	2019-07-09 18:46:33
47.75.48.160	attackspam	query suspecte, Sniffing for wordpress log:/wp-login.php	2019-07-09 18:44:31
85.209.0.115	attack	Port scan on 9 port(s): 24375 29233 34414 40269 45241 48301 50468 56799 59039	2019-07-09 19:12:57
201.99.120.13	attackbotsspam	Jul 9 09:16:05 ip-172-31-62-245 sshd\[32563\]: Failed password for root from 201.99.120.13 port 21313 ssh2\ Jul 9 09:22:59 ip-172-31-62-245 sshd\[32587\]: Invalid user webs from 201.99.120.13\ Jul 9 09:23:01 ip-172-31-62-245 sshd\[32587\]: Failed password for invalid user webs from 201.99.120.13 port 11537 ssh2\ Jul 9 09:23:57 ip-172-31-62-245 sshd\[32592\]: Invalid user vnc from 201.99.120.13\ Jul 9 09:23:59 ip-172-31-62-245 sshd\[32592\]: Failed password for invalid user vnc from 201.99.120.13 port 14201 ssh2\	2019-07-09 18:41:08
139.59.59.187	attackbotsspam	Jul 9 12:01:06 XXX sshd[37594]: Invalid user shop from 139.59.59.187 port 38078	2019-07-09 19:10:01
134.209.115.206	attackbotsspam	2019-07-09T03:15:33.525179abusebot-4.cloudsearch.cf sshd\[24262\]: Invalid user rustserver from 134.209.115.206 port 44736	2019-07-09 19:21:44
177.128.144.128	attackbotsspam	Brute force attempt	2019-07-09 18:44:14
178.128.84.246	attackspambots	Jul 9 05:51:50 amit sshd\[20912\]: Invalid user angelo from 178.128.84.246 Jul 9 05:51:50 amit sshd\[20912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.84.246 Jul 9 05:51:52 amit sshd\[20912\]: Failed password for invalid user angelo from 178.128.84.246 port 48326 ssh2 ...	2019-07-09 19:23:07
5.188.86.114	attackspambots	09.07.2019 11:06:42 Connection to port 4873 blocked by firewall	2019-07-09 19:07:57
121.67.246.139	attackspambots	[ssh] SSH attack	2019-07-09 18:56:03
119.187.151.218	attackbots	2019-07-09T17:12:43.215637enmeeting.mahidol.ac.th sshd\[19738\]: Invalid user nologin from 119.187.151.218 port 56622 2019-07-09T17:12:43.229009enmeeting.mahidol.ac.th sshd\[19738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.187.151.218 2019-07-09T17:12:45.250156enmeeting.mahidol.ac.th sshd\[19738\]: Failed password for invalid user nologin from 119.187.151.218 port 56622 ssh2 ...	2019-07-09 18:45:59
200.94.105.39	attackspambots	19/7/8@23:16:52: FAIL: Alarm-Intrusion address from=200.94.105.39 ...	2019-07-09 18:57:24

Recently Reported IPs

156.243.67.3	9.225.123.16	60.182.19.52	58.252.200.116
49.231.146.68	49.81.85.100	42.117.205.76	42.112.99.56
37.146.59.82	36.108.150.96	27.43.109.126	129.247.237.80
1.220.185.149	135.208.237.1	60.150.91.0	235.17.64.234
1.197.130.198	164.141.173.182	79.137.109.137	223.215.176.203