49.85.138.73 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 49.85.138.73 to port 23 [T]	2020-03-24 19:09:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.85.138.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8509
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.85.138.73.			IN	A

;; AUTHORITY SECTION:
.			137	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032400 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 24 19:09:42 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 73.138.85.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.138.85.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.4.106.152	attackbotsspam	Sep 27 07:09:10 hanapaa sshd\[12114\]: Invalid user dt from 81.4.106.152 Sep 27 07:09:10 hanapaa sshd\[12114\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.106.152 Sep 27 07:09:12 hanapaa sshd\[12114\]: Failed password for invalid user dt from 81.4.106.152 port 33938 ssh2 Sep 27 07:13:07 hanapaa sshd\[12448\]: Invalid user vps from 81.4.106.152 Sep 27 07:13:07 hanapaa sshd\[12448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.106.152	2019-09-28 01:41:15
103.71.65.101	attackbotsspam	Sep 27 07:07:13 mailman postfix/smtpd[28813]: NOQUEUE: reject: RCPT from unknown[103.71.65.101]: 554 5.7.1 Service unavailable; Client host [103.71.65.101] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/103.71.65.101; from= to= proto=ESMTP helo=<[103.71.65.101]> Sep 27 07:09:21 mailman postfix/smtpd[28813]: NOQUEUE: reject: RCPT from unknown[103.71.65.101]: 554 5.7.1 Service unavailable; Client host [103.71.65.101] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/103.71.65.101; from= to= proto=ESMTP helo=<[103.71.65.101]>	2019-09-28 01:55:59
162.144.159.55	attackbots	WordPress wp-login brute force :: 162.144.159.55 0.140 BYPASS [27/Sep/2019:22:09:39 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-28 01:49:03
118.68.170.172	attack	Sep 27 18:05:54 venus sshd\[23870\]: Invalid user alyssa from 118.68.170.172 port 35556 Sep 27 18:05:54 venus sshd\[23870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.68.170.172 Sep 27 18:05:56 venus sshd\[23870\]: Failed password for invalid user alyssa from 118.68.170.172 port 35556 ssh2 ...	2019-09-28 02:14:48
185.107.70.202	attack	timhelmke.de:80 185.107.70.202 - - \[27/Sep/2019:14:09:15 +0200\] "POST /xmlrpc.php HTTP/1.0" 301 491 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_11_6\) AppleWebKit/605.1.15 \(KHTML, like Gecko\) Version/11.1.2 Safari/605.1.15" timhelmke.de 185.107.70.202 \[27/Sep/2019:14:09:17 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 3777 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_11_6\) AppleWebKit/605.1.15 \(KHTML, like Gecko\) Version/11.1.2 Safari/605.1.15"	2019-09-28 01:58:40
3.216.181.52	attackspambots	Invalid user test from 3.216.181.52 port 45402	2019-09-28 01:33:18
106.12.188.252	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2019-09-28 01:40:48
51.68.123.198	attackspam	2019-09-27T15:52:47.667236lon01.zurich-datacenter.net sshd\[15588\]: Invalid user changeme from 51.68.123.198 port 42430 2019-09-27T15:52:47.674717lon01.zurich-datacenter.net sshd\[15588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.ip-51-68-123.eu 2019-09-27T15:52:49.599223lon01.zurich-datacenter.net sshd\[15588\]: Failed password for invalid user changeme from 51.68.123.198 port 42430 ssh2 2019-09-27T15:56:56.439131lon01.zurich-datacenter.net sshd\[15693\]: Invalid user ZAQ!2wsx from 51.68.123.198 port 55214 2019-09-27T15:56:56.445774lon01.zurich-datacenter.net sshd\[15693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.ip-51-68-123.eu ...	2019-09-28 01:48:45
185.84.180.90	attackspam	[CMS scan: bitrix] [exploit: mixed] [hack/exploit/scan: admin] [WP scan/spam/exploit] [multiweb: req 3 domains(hosts/ip)] [bad UserAgent] Blocklist.DE:"listed [bruteforcelogin]"	2019-09-28 02:18:17
114.67.68.30	attackspambots	Automatic report - Banned IP Access	2019-09-28 02:20:48
213.74.203.106	attack	Sep 27 19:28:27 MK-Soft-Root2 sshd[23816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.74.203.106 Sep 27 19:28:29 MK-Soft-Root2 sshd[23816]: Failed password for invalid user penguin from 213.74.203.106 port 40955 ssh2 ...	2019-09-28 01:47:15
45.55.20.128	attackspambots	Sep 27 07:31:29 wbs sshd\[21745\]: Invalid user niu from 45.55.20.128 Sep 27 07:31:29 wbs sshd\[21745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.20.128 Sep 27 07:31:31 wbs sshd\[21745\]: Failed password for invalid user niu from 45.55.20.128 port 53533 ssh2 Sep 27 07:36:07 wbs sshd\[22113\]: Invalid user vs from 45.55.20.128 Sep 27 07:36:07 wbs sshd\[22113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.20.128	2019-09-28 01:37:44
49.83.139.112	attackspam	SSH invalid-user multiple login try	2019-09-28 01:59:41
43.231.61.146	attackspambots	Sep 27 19:10:59 bouncer sshd\[24815\]: Invalid user raspberry from 43.231.61.146 port 44174 Sep 27 19:10:59 bouncer sshd\[24815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.231.61.146 Sep 27 19:11:01 bouncer sshd\[24815\]: Failed password for invalid user raspberry from 43.231.61.146 port 44174 ssh2 ...	2019-09-28 01:55:30
148.66.135.51	attack	Automatic report - Banned IP Access	2019-09-28 02:16:12

Recently Reported IPs

11.90.30.92	195.231.0.174	183.63.5.181	183.62.152.33
180.183.57.49	176.226.179.218	175.153.253.151	122.246.148.220
122.5.11.2	121.224.219.117	120.218.183.104	120.214.146.126
119.123.227.189	114.93.75.85	113.233.26.70	151.14.118.63
113.104.181.24	116.58.112.69	128.35.227.43	112.250.210.245