112.85.45.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 112.85.45.49 to port 6656 [T]	2020-01-27 07:05:10

Comments on same subnet:

IP	Type	Details	Datetime
112.85.45.47	attack	Unauthorized IMAP connection attempt	2020-05-25 00:21:27
112.85.45.164	attackspambots	Unauthorized IMAP connection attempt	2020-05-15 04:07:21
112.85.45.5	attack	Unauthorized connection attempt detected from IP address 112.85.45.5 to port 6656 [T]	2020-01-30 17:35:27
112.85.45.57	attackspambots	Unauthorized connection attempt detected from IP address 112.85.45.57 to port 6656 [T]	2020-01-30 16:10:15
112.85.45.107	attackspambots	Unauthorized connection attempt detected from IP address 112.85.45.107 to port 6656 [T]	2020-01-30 14:22:19
112.85.45.176	attack	Unauthorized connection attempt detected from IP address 112.85.45.176 to port 6656 [T]	2020-01-30 08:46:19
112.85.45.76	attackbotsspam	Unauthorized connection attempt detected from IP address 112.85.45.76 to port 6656 [T]	2020-01-30 08:02:20
112.85.45.96	attack	Unauthorized connection attempt detected from IP address 112.85.45.96 to port 6656 [T]	2020-01-30 07:00:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.85.45.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.85.45.49.			IN	A

;; AUTHORITY SECTION:
.			210	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012601 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 07:05:07 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 49.45.85.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.45.85.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.197.189.136	attack	Jul 24 14:51:11 XXX sshd[11359]: Invalid user git from 138.197.189.136 port 35436	2020-07-25 00:05:13
61.177.172.41	attackbotsspam	Jul 24 17:57:35 dev0-dcde-rnet sshd[13900]: Failed password for root from 61.177.172.41 port 23797 ssh2 Jul 24 17:57:38 dev0-dcde-rnet sshd[13900]: Failed password for root from 61.177.172.41 port 23797 ssh2 Jul 24 17:57:41 dev0-dcde-rnet sshd[13900]: Failed password for root from 61.177.172.41 port 23797 ssh2 Jul 24 17:57:47 dev0-dcde-rnet sshd[13900]: error: maximum authentication attempts exceeded for root from 61.177.172.41 port 23797 ssh2 [preauth]	2020-07-25 00:01:14
102.167.181.113	attackbots	Honeypot attack, port: 445, PTR: twiga.telkom.co.ke.	2020-07-25 00:10:08
201.222.57.21	attackspambots	Jul 24 15:46:46 hell sshd[1334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.222.57.21 Jul 24 15:46:48 hell sshd[1334]: Failed password for invalid user transport from 201.222.57.21 port 48156 ssh2 ...	2020-07-25 00:19:44
222.186.180.147	attackbots	Jul 24 11:52:08 NPSTNNYC01T sshd[6637]: Failed password for root from 222.186.180.147 port 39366 ssh2 Jul 24 11:52:22 NPSTNNYC01T sshd[6637]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 39366 ssh2 [preauth] Jul 24 11:52:35 NPSTNNYC01T sshd[6703]: Failed password for root from 222.186.180.147 port 15642 ssh2 ...	2020-07-25 00:07:13
45.7.196.77	attack	Jul 24 17:23:29 abendstille sshd\[11929\]: Invalid user tcadmin from 45.7.196.77 Jul 24 17:23:29 abendstille sshd\[11929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.196.77 Jul 24 17:23:31 abendstille sshd\[11929\]: Failed password for invalid user tcadmin from 45.7.196.77 port 37886 ssh2 Jul 24 17:26:14 abendstille sshd\[14896\]: Invalid user rly from 45.7.196.77 Jul 24 17:26:14 abendstille sshd\[14896\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.196.77 ...	2020-07-24 23:53:22
194.26.29.80	attackspam	[MK-VM2] Blocked by UFW	2020-07-25 00:32:04
139.170.150.251	attackbots	Jul 24 14:53:02 marvibiene sshd[15836]: Invalid user openstack from 139.170.150.251 port 12278 Jul 24 14:53:02 marvibiene sshd[15836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.170.150.251 Jul 24 14:53:02 marvibiene sshd[15836]: Invalid user openstack from 139.170.150.251 port 12278 Jul 24 14:53:04 marvibiene sshd[15836]: Failed password for invalid user openstack from 139.170.150.251 port 12278 ssh2	2020-07-25 00:18:55
222.186.180.41	attackbotsspam	Jul 24 16:28:30 scw-6657dc sshd[32664]: Failed password for root from 222.186.180.41 port 53790 ssh2 Jul 24 16:28:30 scw-6657dc sshd[32664]: Failed password for root from 222.186.180.41 port 53790 ssh2 Jul 24 16:28:33 scw-6657dc sshd[32664]: Failed password for root from 222.186.180.41 port 53790 ssh2 ...	2020-07-25 00:33:30
159.65.132.140	attack	Lines containing failures of 159.65.132.140 Jul 20 21:47:14 online-web-2 sshd[2319481]: Invalid user mongod from 159.65.132.140 port 48038 Jul 20 21:47:14 online-web-2 sshd[2319481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.132.140 Jul 20 21:47:16 online-web-2 sshd[2319481]: Failed password for invalid user mongod from 159.65.132.140 port 48038 ssh2 Jul 20 21:47:16 online-web-2 sshd[2319481]: Received disconnect from 159.65.132.140 port 48038:11: Bye Bye [preauth] Jul 20 21:47:16 online-web-2 sshd[2319481]: Disconnected from invalid user mongod 159.65.132.140 port 48038 [preauth] Jul 20 21:52:22 online-web-2 sshd[2321024]: Invalid user download from 159.65.132.140 port 56082 Jul 20 21:52:22 online-web-2 sshd[2321024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.132.140 Jul 20 21:52:23 online-web-2 sshd[2321024]: Failed password for invalid user download from 159.65......... ------------------------------	2020-07-25 00:22:50
103.10.223.222	attackspam	SMB Server BruteForce Attack	2020-07-25 00:20:30
118.25.63.170	attack	Jul 24 15:30:23 ns382633 sshd\[28443\]: Invalid user lavoro from 118.25.63.170 port 58985 Jul 24 15:30:23 ns382633 sshd\[28443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.63.170 Jul 24 15:30:25 ns382633 sshd\[28443\]: Failed password for invalid user lavoro from 118.25.63.170 port 58985 ssh2 Jul 24 15:46:58 ns382633 sshd\[31351\]: Invalid user matthieu from 118.25.63.170 port 32030 Jul 24 15:46:58 ns382633 sshd\[31351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.63.170	2020-07-25 00:04:08
210.56.23.100	attack	Jul 24 15:35:54 web-main sshd[696453]: Invalid user jiawei from 210.56.23.100 port 59290 Jul 24 15:35:56 web-main sshd[696453]: Failed password for invalid user jiawei from 210.56.23.100 port 59290 ssh2 Jul 24 15:47:06 web-main sshd[696612]: Invalid user postgres from 210.56.23.100 port 53618	2020-07-24 23:51:47
62.234.90.140	attack	$f2bV_matches	2020-07-25 00:15:14
175.145.232.73	attackspam	(sshd) Failed SSH login from 175.145.232.73 (MY/Malaysia/-): 5 in the last 3600 secs	2020-07-25 00:32:25

Recently Reported IPs

156.243.67.3	9.225.123.16	60.182.19.52	58.252.200.116
49.231.146.68	49.81.85.100	42.117.205.76	42.112.99.56
37.146.59.82	36.108.150.96	27.43.109.126	129.247.237.80
1.220.185.149	135.208.237.1	60.150.91.0	235.17.64.234
1.197.130.198	164.141.173.182	79.137.109.137	223.215.176.203