49.85.243.97 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.85.243.55	attackspam	SASL broute force	2019-11-28 18:59:21
49.85.243.218	attack	Nov 23 23:23:54 mx1 postfix/smtpd\[9791\]: warning: unknown\[49.85.243.218\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6Nov 23 23:24:31 mx1 postfix/smtpd\[9791\]: warning: unknown\[49.85.243.218\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6Nov 23 23:24:48 mx1 postfix/smtpd\[9803\]: warning: unknown\[49.85.243.218\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-24 01:21:04
49.85.243.188	attackspam	SASL broute force	2019-11-23 20:46:23
49.85.243.23	attackspam	2019-08-27 07:58:24 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.23]:2241: 535 Incorrect authentication data (set_id=liepaja) 2019-08-27 07:58:32 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.23]:2749: 535 Incorrect authentication data (set_id=liepaja) 2019-08-27 07:58:45 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.23]:3405: 535 Incorrect authentication data (set_id=liepaja) 2019-08-27 07:59:00 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.23]:1407: 535 Incorrect authentication data (set_id=liepaja) 2019-08-27 07:59:03 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.23]:4541: 535 Incorrect authentication data 2019-08-27 07:59:08 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.23]:1574: 535 Incorrect authentication data (set_id=liepaja) 2019-08-27 07:59:19 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.23]:2101: 535 Incorrect authentication data (set_id=liepaja) 2019-08-27 07:5........ ------------------------------	2019-08-28 16:11:50
49.85.243.249	attackspam	2019-08-21 13:52:09 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.249]:1108: 535 Incorrect authentication data (set_id=info) 2019-08-21 13:52:16 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.249]:1528: 535 Incorrect authentication data (set_id=info) 2019-08-21 13:52:27 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.249]:2068: 535 Incorrect authentication data (set_id=info) 2019-08-21 13:52:45 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.249]:2808: 535 Incorrect authentication data 2019-08-21 13:52:56 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.249]:3506: 535 Incorrect authentication data 2019-08-21 13:53:08 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.249]:4091: 535 Incorrect authentication data 2019-08-21 13:53:19 dovecot_login authenticator failed for (ylmf-pc) [49.85.243.249]:4640: 535 Incorrect authentication data 2019-08-21 13:53:30 dovecot_login authenticator failed for (ylmf-pc)........ ------------------------------	2019-08-22 02:46:15
49.85.243.248	attackbotsspam	SSH invalid-user multiple login try	2019-08-19 07:50:12
49.85.243.46	attackbotsspam	ylmf-pc	2019-08-19 03:50:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.85.243.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57997
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.85.243.97.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082101 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 08:39:34 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 97.243.85.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 97.243.85.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.160.57	attack	Unauthorized connection attempt from IP address 92.118.160.57 on Port 139(NETBIOS)	2019-10-04 04:24:00
58.214.24.53	attack	Automatic report - Banned IP Access	2019-10-04 04:36:23
177.133.39.252	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:25.	2019-10-04 04:43:49
58.87.92.153	attackbotsspam	Oct 3 17:02:43 eventyay sshd[18540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.92.153 Oct 3 17:02:45 eventyay sshd[18540]: Failed password for invalid user andy from 58.87.92.153 port 52564 ssh2 Oct 3 17:07:45 eventyay sshd[18679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.92.153 ...	2019-10-04 04:41:33
218.92.0.191	attackspambots	Oct 4 01:45:26 lcl-usvr-02 sshd[5665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.191 user=root Oct 4 01:45:28 lcl-usvr-02 sshd[5665]: Failed password for root from 218.92.0.191 port 28242 ssh2 ...	2019-10-04 04:25:21
218.92.0.211	attackbotsspam	Lines containing failures of 218.92.0.211 Sep 29 14:13:24 mx-in-01 sshd[1273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=r.r Sep 29 14:13:26 mx-in-01 sshd[1273]: Failed password for r.r from 218.92.0.211 port 53178 ssh2 Sep 29 14:13:29 mx-in-01 sshd[1273]: Failed password for r.r from 218.92.0.211 port 53178 ssh2 Sep 29 14:13:33 mx-in-01 sshd[1273]: Failed password for r.r from 218.92.0.211 port 53178 ssh2 Sep 29 14:13:33 mx-in-01 sshd[1273]: Received disconnect from 218.92.0.211 port 53178:11: [preauth] Sep 29 14:13:33 mx-in-01 sshd[1273]: Disconnected from authenticating user r.r 218.92.0.211 port 53178 [preauth] Sep 29 14:13:33 mx-in-01 sshd[1273]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=r.r Sep 29 14:14:54 mx-in-01 sshd[1280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=r.r Sep 29 14........ ------------------------------	2019-10-04 04:33:19
148.70.84.130	attack	$f2bV_matches	2019-10-04 04:08:03
95.154.203.137	attackbotsspam	Oct 3 11:22:49 ws19vmsma01 sshd[234333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.154.203.137 Oct 3 11:22:51 ws19vmsma01 sshd[234333]: Failed password for invalid user git from 95.154.203.137 port 39024 ssh2 ...	2019-10-04 04:03:07
51.77.156.240	attackbots	Oct 3 16:41:54 heissa sshd\[1666\]: Invalid user wangyi from 51.77.156.240 port 47310 Oct 3 16:41:54 heissa sshd\[1666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=240.ip-51-77-156.eu Oct 3 16:41:57 heissa sshd\[1666\]: Failed password for invalid user wangyi from 51.77.156.240 port 47310 ssh2 Oct 3 16:47:08 heissa sshd\[2415\]: Invalid user newsletter from 51.77.156.240 port 59996 Oct 3 16:47:08 heissa sshd\[2415\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=240.ip-51-77-156.eu	2019-10-04 04:11:21
92.54.192.82	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:33.	2019-10-04 04:32:48
23.251.142.181	attackbots	Oct 3 04:09:44 web1 sshd\[700\]: Invalid user nrpe from 23.251.142.181 Oct 3 04:09:44 web1 sshd\[700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.251.142.181 Oct 3 04:09:45 web1 sshd\[700\]: Failed password for invalid user nrpe from 23.251.142.181 port 50787 ssh2 Oct 3 04:13:41 web1 sshd\[1118\]: Invalid user user3 from 23.251.142.181 Oct 3 04:13:41 web1 sshd\[1118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.251.142.181	2019-10-04 04:18:53
109.116.196.174	attackbots	2019-10-03T16:03:51.219276lon01.zurich-datacenter.net sshd\[6972\]: Invalid user oracle from 109.116.196.174 port 60316 2019-10-03T16:03:51.227769lon01.zurich-datacenter.net sshd\[6972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.196.174 2019-10-03T16:03:53.590626lon01.zurich-datacenter.net sshd\[6972\]: Failed password for invalid user oracle from 109.116.196.174 port 60316 ssh2 2019-10-03T16:08:40.386831lon01.zurich-datacenter.net sshd\[7055\]: Invalid user abascal from 109.116.196.174 port 45390 2019-10-03T16:08:40.393009lon01.zurich-datacenter.net sshd\[7055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.196.174 ...	2019-10-04 04:28:31
152.136.225.47	attackspambots	Oct 3 17:40:10 tux-35-217 sshd\[27767\]: Invalid user ftpuser from 152.136.225.47 port 50794 Oct 3 17:40:10 tux-35-217 sshd\[27767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.225.47 Oct 3 17:40:12 tux-35-217 sshd\[27767\]: Failed password for invalid user ftpuser from 152.136.225.47 port 50794 ssh2 Oct 3 17:46:50 tux-35-217 sshd\[27810\]: Invalid user ubnt from 152.136.225.47 port 34490 Oct 3 17:46:50 tux-35-217 sshd\[27810\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.225.47 ...	2019-10-04 04:29:29
92.118.160.5	attackspambots	Automatic report - Banned IP Access	2019-10-04 04:28:52
171.231.242.215	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:24.	2019-10-04 04:45:03

Recently Reported IPs

153.3.139.224	86.120.209.52	195.207.82.173	188.104.21.128
168.235.96.82	13.155.61.2	54.65.46.179	83.135.87.72
175.241.58.117	61.141.65.41	187.87.204.202	103.29.102.121
81.197.147.194	57.241.16.190	128.234.75.255	83.14.95.217
103.54.30.94	82.162.61.207	30.115.5.69	130.193.160.23