49.85.18.166 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.85.184.186	attackspambots	Email rejected due to spam filtering	2020-06-23 04:00:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.85.18.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17002
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.85.18.166.			IN	A

;; AUTHORITY SECTION:
.			517	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061500 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 15 20:32:26 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 166.18.85.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.18.85.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.85.24.147	attack	Jul 14 14:40:47 plex-server sshd[782072]: Invalid user postgres from 95.85.24.147 port 46718 Jul 14 14:40:47 plex-server sshd[782072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.24.147 Jul 14 14:40:47 plex-server sshd[782072]: Invalid user postgres from 95.85.24.147 port 46718 Jul 14 14:40:49 plex-server sshd[782072]: Failed password for invalid user postgres from 95.85.24.147 port 46718 ssh2 Jul 14 14:43:56 plex-server sshd[783079]: Invalid user toy from 95.85.24.147 port 42778 ...	2020-07-14 22:48:32
185.176.27.26	attackspambots	07/14/2020-10:39:29.118779 185.176.27.26 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-07-14 22:54:06
52.231.162.132	attackspambots	Jul 14 13:39:09 vlre-nyc-1 sshd\[24672\]: Invalid user govlre from 52.231.162.132 Jul 14 13:39:09 vlre-nyc-1 sshd\[24672\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.231.162.132 Jul 14 13:39:09 vlre-nyc-1 sshd\[24673\]: Invalid user govlre.com from 52.231.162.132 Jul 14 13:39:09 vlre-nyc-1 sshd\[24673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.231.162.132 Jul 14 13:39:11 vlre-nyc-1 sshd\[24672\]: Failed password for invalid user govlre from 52.231.162.132 port 18913 ssh2 ...	2020-07-14 23:20:43
112.6.44.28	attackbotsspam	Jul 14 15:46:09 srv1 postfix/smtpd[13288]: warning: unknown[112.6.44.28]: SASL LOGIN authentication failed: authentication failure Jul 14 15:46:09 srv1 postfix/smtpd[13270]: warning: unknown[112.6.44.28]: SASL LOGIN authentication failed: authentication failure Jul 14 15:46:14 srv1 postfix/smtpd[13288]: warning: unknown[112.6.44.28]: SASL LOGIN authentication failed: authentication failure Jul 14 15:46:18 srv1 postfix/smtpd[13217]: warning: unknown[112.6.44.28]: SASL LOGIN authentication failed: authentication failure Jul 14 15:46:21 srv1 postfix/smtpd[13288]: warning: unknown[112.6.44.28]: SASL LOGIN authentication failed: authentication failure ...	2020-07-14 23:18:00
185.176.27.254	attack	07/14/2020-10:38:21.676875 185.176.27.254 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-14 23:22:14
142.93.172.45	attackspam	142.93.172.45 - - [14/Jul/2020:15:40:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2423 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.172.45 - - [14/Jul/2020:15:40:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2371 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.172.45 - - [14/Jul/2020:15:40:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2344 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-14 23:15:44
190.151.37.20	attack	Jul 14 16:14:56 hidden sshd[61565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.151.37.20 Jul 14 16:14:58 hidden sshd[61565]: Failed password for invalid user zabbix from 190.151.37.20 port 46568 ssh2	2020-07-14 22:42:52
46.38.150.203	attackbotsspam	Jul 14 17:15:23 relay postfix/smtpd\[4777\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 17:15:40 relay postfix/smtpd\[4305\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 17:16:04 relay postfix/smtpd\[30255\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 17:16:21 relay postfix/smtpd\[4305\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 17:16:43 relay postfix/smtpd\[4777\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-14 23:18:26
103.6.207.147	attackbotsspam	Unauthorized connection attempt from IP address 103.6.207.147 on port 587	2020-07-14 22:51:02
89.248.168.217	attackspam	89.248.168.217 was recorded 6 times by 5 hosts attempting to connect to the following ports: 14147,16000. Incident counter (4h, 24h, all-time): 6, 47, 22074	2020-07-14 23:18:53
203.130.24.102	attackspam	TCP (SYN) 203.130.24.102:53239 -> port 445, len 48	2020-07-14 22:45:02
13.69.153.216	attackbotsspam	Jul 14 15:46:44 PorscheCustomer sshd[6322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.69.153.216 Jul 14 15:46:44 PorscheCustomer sshd[6321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.69.153.216 Jul 14 15:46:46 PorscheCustomer sshd[6322]: Failed password for invalid user xpandity from 13.69.153.216 port 1024 ssh2 Jul 14 15:46:46 PorscheCustomer sshd[6321]: Failed password for invalid user xpandity.com from 13.69.153.216 port 1025 ssh2 ...	2020-07-14 23:07:47
52.228.31.194	attack	Jul 14 08:14:56 finn sshd[780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.228.31.194 user=yctp Jul 14 08:14:57 finn sshd[781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.228.31.194 user=yctp Jul 14 08:14:57 finn sshd[784]: Invalid user yctp.com from 52.228.31.194 port 21785 Jul 14 08:14:57 finn sshd[782]: Invalid user yctp.com from 52.228.31.194 port 21784 Jul 14 08:14:57 finn sshd[784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.228.31.194 Jul 14 08:14:57 finn sshd[782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.228.31.194 Jul 14 08:14:57 finn sshd[788]: Invalid user admin from 52.228.31.194 port 21788 Jul 14 08:14:57 finn sshd[788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.228.31.194 Jul 14 08:14:57 finn sshd[791]: Invalid use........ -------------------------------	2020-07-14 22:56:54
37.187.104.135	attackspambots	(sshd) Failed SSH login from 37.187.104.135 (FR/France/ns3374745.ip-37-187-104.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 14 15:43:56 amsweb01 sshd[31415]: Invalid user www from 37.187.104.135 port 54766 Jul 14 15:43:58 amsweb01 sshd[31415]: Failed password for invalid user www from 37.187.104.135 port 54766 ssh2 Jul 14 16:01:15 amsweb01 sshd[1633]: Invalid user victor from 37.187.104.135 port 55928 Jul 14 16:01:17 amsweb01 sshd[1633]: Failed password for invalid user victor from 37.187.104.135 port 55928 ssh2 Jul 14 16:02:57 amsweb01 sshd[1808]: Invalid user tanvir from 37.187.104.135 port 55456	2020-07-14 22:44:38
52.246.251.241	attackspam	Jul 14 15:41:58 roki sshd[24694]: Invalid user roki from 52.246.251.241 Jul 14 15:41:58 roki sshd[24694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.246.251.241 Jul 14 15:41:58 roki sshd[24693]: Invalid user ovh from 52.246.251.241 Jul 14 15:41:58 roki sshd[24693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.246.251.241 Jul 14 15:41:58 roki sshd[24695]: Invalid user roki.ovh from 52.246.251.241 Jul 14 15:41:58 roki sshd[24695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.246.251.241 ...	2020-07-14 22:46:57

Recently Reported IPs

99.86.78.13	49.85.49.107	49.85.51.62	49.85.50.246
38.145.101.243	49.85.49.32	111.153.92.49	157.229.79.177
10.224.172.136	49.85.49.228	49.85.50.136	49.85.50.142
49.85.51.7	49.85.53.231	78.31.85.3	78.34.112.244
39.1.36.20	38.145.101.8	38.145.101.138	39.1.47.43