112.85.45.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 112.85.45.49 to port 6656 [T]	2020-01-27 07:05:10

Comments on same subnet:

IP	Type	Details	Datetime
112.85.45.47	attack	Unauthorized IMAP connection attempt	2020-05-25 00:21:27
112.85.45.164	attackspambots	Unauthorized IMAP connection attempt	2020-05-15 04:07:21
112.85.45.5	attack	Unauthorized connection attempt detected from IP address 112.85.45.5 to port 6656 [T]	2020-01-30 17:35:27
112.85.45.57	attackspambots	Unauthorized connection attempt detected from IP address 112.85.45.57 to port 6656 [T]	2020-01-30 16:10:15
112.85.45.107	attackspambots	Unauthorized connection attempt detected from IP address 112.85.45.107 to port 6656 [T]	2020-01-30 14:22:19
112.85.45.176	attack	Unauthorized connection attempt detected from IP address 112.85.45.176 to port 6656 [T]	2020-01-30 08:46:19
112.85.45.76	attackbotsspam	Unauthorized connection attempt detected from IP address 112.85.45.76 to port 6656 [T]	2020-01-30 08:02:20
112.85.45.96	attack	Unauthorized connection attempt detected from IP address 112.85.45.96 to port 6656 [T]	2020-01-30 07:00:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.85.45.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.85.45.49.			IN	A

;; AUTHORITY SECTION:
.			210	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012601 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 07:05:07 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 49.45.85.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.45.85.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.64.209.254	attackspam	SMB Server BruteForce Attack	2019-07-03 11:28:59
107.161.183.42	attack	TCP src-port=50280 dst-port=25 dnsbl-sorbs abuseat-org spamcop (1)	2019-07-03 11:35:21
181.231.38.165	attack	Jul 3 01:36:06 localhost sshd\[5742\]: Invalid user postgres from 181.231.38.165 Jul 3 01:36:06 localhost sshd\[5742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.231.38.165 Jul 3 01:36:08 localhost sshd\[5742\]: Failed password for invalid user postgres from 181.231.38.165 port 49118 ssh2 Jul 3 01:39:01 localhost sshd\[5794\]: Invalid user admin from 181.231.38.165 Jul 3 01:39:01 localhost sshd\[5794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.231.38.165 ...	2019-07-03 11:36:33
122.195.200.148	attackbotsspam	Jul 3 04:56:34 MainVPS sshd[17451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root Jul 3 04:56:35 MainVPS sshd[17451]: Failed password for root from 122.195.200.148 port 19684 ssh2 Jul 3 04:56:42 MainVPS sshd[17460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root Jul 3 04:56:44 MainVPS sshd[17460]: Failed password for root from 122.195.200.148 port 46456 ssh2 Jul 3 04:56:43 MainVPS sshd[17464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root Jul 3 04:56:46 MainVPS sshd[17464]: Failed password for root from 122.195.200.148 port 55525 ssh2 ...	2019-07-03 11:29:28
210.157.255.252	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-07-03 11:36:15
139.198.120.96	attackbotsspam	Jul 3 05:08:23 s64-1 sshd[29259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.120.96 Jul 3 05:08:26 s64-1 sshd[29259]: Failed password for invalid user luke123 from 139.198.120.96 port 37434 ssh2 Jul 3 05:11:02 s64-1 sshd[29269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.120.96 ...	2019-07-03 11:12:07
190.85.234.215	attackspam	Jul 3 03:13:30 srv-4 sshd\[32555\]: Invalid user kv from 190.85.234.215 Jul 3 03:13:30 srv-4 sshd\[32555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.234.215 Jul 3 03:13:32 srv-4 sshd\[32555\]: Failed password for invalid user kv from 190.85.234.215 port 33816 ssh2 ...	2019-07-03 11:33:11
106.12.84.221	attack	Jul 3 02:54:22 mail sshd\[19283\]: Invalid user ianb from 106.12.84.221 port 55878 Jul 3 02:54:22 mail sshd\[19283\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.221 ...	2019-07-03 11:42:07
178.62.90.206	attackspambots	MYH,DEF GET /app/etc/local.xml	2019-07-03 11:25:47
82.165.83.251	attackbotsspam	SQL Injection	2019-07-03 11:14:09
87.92.237.11	attack	Jan 31 15:14:42 motanud sshd\[15355\]: Invalid user pi from 87.92.237.11 port 56984 Jan 31 15:14:42 motanud sshd\[15355\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.92.237.11 Jan 31 15:14:42 motanud sshd\[15357\]: Invalid user pi from 87.92.237.11 port 56996 Jan 31 15:14:42 motanud sshd\[15357\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.92.237.11	2019-07-03 11:06:48
139.59.59.194	attack	Jul 3 02:14:21 bouncer sshd\[29688\]: Invalid user kon from 139.59.59.194 port 56104 Jul 3 02:14:21 bouncer sshd\[29688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 Jul 3 02:14:23 bouncer sshd\[29688\]: Failed password for invalid user kon from 139.59.59.194 port 56104 ssh2 ...	2019-07-03 11:12:26
202.131.152.2	attack	Jul 3 01:08:10 Ubuntu-1404-trusty-64-minimal sshd\[10867\]: Invalid user kua from 202.131.152.2 Jul 3 01:08:10 Ubuntu-1404-trusty-64-minimal sshd\[10867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.152.2 Jul 3 01:08:12 Ubuntu-1404-trusty-64-minimal sshd\[10867\]: Failed password for invalid user kua from 202.131.152.2 port 43945 ssh2 Jul 3 01:12:23 Ubuntu-1404-trusty-64-minimal sshd\[15369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.152.2 user=git Jul 3 01:12:25 Ubuntu-1404-trusty-64-minimal sshd\[15369\]: Failed password for git from 202.131.152.2 port 36998 ssh2	2019-07-03 11:08:46
191.23.113.111	attackspam	Jul 2 20:14:23 debian sshd\[19179\]: Invalid user hades520 from 191.23.113.111 port 42455 Jul 2 20:14:23 debian sshd\[19179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.23.113.111 Jul 2 20:14:25 debian sshd\[19179\]: Failed password for invalid user hades520 from 191.23.113.111 port 42455 ssh2 ...	2019-07-03 11:10:28
139.199.221.240	attack	Jul 2 16:11:16 cac1d2 sshd\[24647\]: Invalid user chris from 139.199.221.240 port 34174 Jul 2 16:11:16 cac1d2 sshd\[24647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.221.240 Jul 2 16:11:18 cac1d2 sshd\[24647\]: Failed password for invalid user chris from 139.199.221.240 port 34174 ssh2 ...	2019-07-03 11:33:44

Recently Reported IPs

156.243.67.3	9.225.123.16	60.182.19.52	58.252.200.116
49.231.146.68	49.81.85.100	42.117.205.76	42.112.99.56
37.146.59.82	36.108.150.96	27.43.109.126	129.247.237.80
1.220.185.149	135.208.237.1	60.150.91.0	235.17.64.234
1.197.130.198	164.141.173.182	79.137.109.137	223.215.176.203