49.85.7.38 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.85.75.105	spamattack	[2020/02/17 01:47:45] [49.85.75.105:2105-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:46] [49.85.75.105:2099-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:46] [49.85.75.105:2102-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:47] [49.85.75.105:2100-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:48] [49.85.75.105:2097-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:49] [49.85.75.105:2099-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:53] [49.85.75.105:2102-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:54] [49.85.75.105:2101-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:47:55] [49.85.75.105:2100-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:48:16] [49.85.75.105:2105-0] User leslie@luxnetcorp.com.tw AUTH fails. [2020/02/17 01:48:38] [49.85.75.105:2105-0] User leslie@luxnetcorp.com.tw AUTH fails.	2020-02-17 09:10:19
49.85.70.8	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2020-02-10 19:05:11
49.85.79.18	attackbots	Automatic report - Port Scan Attack	2019-07-14 12:42:03

Type

Details

Datetime

49.85.75.105

spamattack

[2020/02/17 01:47:45] [49.85.75.105:2105-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:46] [49.85.75.105:2099-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:46] [49.85.75.105:2102-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:47] [49.85.75.105:2100-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:48] [49.85.75.105:2097-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:49] [49.85.75.105:2099-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:53] [49.85.75.105:2102-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:54] [49.85.75.105:2101-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:47:55] [49.85.75.105:2100-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:48:16] [49.85.75.105:2105-0] User leslie@luxnetcorp.com.tw AUTH fails.
[2020/02/17 01:48:38] [49.85.75.105:2105-0] User leslie@luxnetcorp.com.tw AUTH fails.

2020-02-17 09:10:19

49.85.70.8

attackbotsspam

Telnet/23 MH Probe, BF, Hack -

2020-02-10 19:05:11

49.85.79.18

attackbots

Automatic report - Port Scan Attack

2019-07-14 12:42:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.85.7.38
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5675
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.85.7.38.			IN	A

;; AUTHORITY SECTION:
.			475	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061500 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 15 16:00:04 CST 2022
;; MSG SIZE  rcvd: 103

Host info

Host 38.7.85.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 38.7.85.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.246.7.26	attack	Aug 6 07:54:36 andromeda postfix/smtpd\[39046\]: warning: unknown\[87.246.7.26\]: SASL LOGIN authentication failed: authentication failure Aug 6 07:54:48 andromeda postfix/smtpd\[39046\]: warning: unknown\[87.246.7.26\]: SASL LOGIN authentication failed: authentication failure Aug 6 07:54:59 andromeda postfix/smtpd\[33738\]: warning: unknown\[87.246.7.26\]: SASL LOGIN authentication failed: authentication failure Aug 6 07:55:10 andromeda postfix/smtpd\[39046\]: warning: unknown\[87.246.7.26\]: SASL LOGIN authentication failed: authentication failure Aug 6 07:55:22 andromeda postfix/smtpd\[33738\]: warning: unknown\[87.246.7.26\]: SASL LOGIN authentication failed: authentication failure	2020-08-06 14:43:51
123.20.132.180	attack	Host Scan	2020-08-06 14:05:28
59.124.6.166	attackbotsspam	Aug 6 05:52:00 rush sshd[22971]: Failed password for root from 59.124.6.166 port 53067 ssh2 Aug 6 05:54:48 rush sshd[23029]: Failed password for root from 59.124.6.166 port 45442 ssh2 ...	2020-08-06 14:11:59
106.53.94.190	attack	Aug 6 07:24:23 sshd\[26811\]: User root from 106.53.94.190 not allowed because not listed in AllowUsersAug 6 07:24:25 sshd\[26811\]: Failed password for invalid user root from 106.53.94.190 port 60152 ssh2 ...	2020-08-06 14:20:48
52.205.190.221	attack	Host Scan	2020-08-06 14:28:35
222.186.31.166	attackspambots	detected by Fail2Ban	2020-08-06 14:02:52
109.70.100.28	attackbots	Fail2Ban Ban Triggered	2020-08-06 14:48:38
61.94.102.129	attackspam	Port Scan ...	2020-08-06 14:40:48
222.186.173.226	attackbots	2020-08-06T09:13:45.046879afi-git.jinr.ru sshd[9927]: Failed password for root from 222.186.173.226 port 19291 ssh2 2020-08-06T09:13:48.539431afi-git.jinr.ru sshd[9927]: Failed password for root from 222.186.173.226 port 19291 ssh2 2020-08-06T09:13:51.107770afi-git.jinr.ru sshd[9927]: Failed password for root from 222.186.173.226 port 19291 ssh2 2020-08-06T09:13:51.107892afi-git.jinr.ru sshd[9927]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 19291 ssh2 [preauth] 2020-08-06T09:13:51.107905afi-git.jinr.ru sshd[9927]: Disconnecting: Too many authentication failures [preauth] ...	2020-08-06 14:28:08
106.53.127.49	attack	Aug 5 19:17:55 hanapaa sshd\[24761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.127.49 user=root Aug 5 19:17:57 hanapaa sshd\[24761\]: Failed password for root from 106.53.127.49 port 43392 ssh2 Aug 5 19:21:09 hanapaa sshd\[24960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.127.49 user=root Aug 5 19:21:11 hanapaa sshd\[24960\]: Failed password for root from 106.53.127.49 port 49484 ssh2 Aug 5 19:24:27 hanapaa sshd\[25143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.127.49 user=root	2020-08-06 14:08:52
45.248.156.101	attackspambots	Unauthorised access (Aug 6) SRC=45.248.156.101 LEN=52 TTL=110 ID=32420 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-06 14:46:17
69.250.156.161	attack	2020-08-06T01:14:40.9246541495-001 sshd[12577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-69-250-156-161.hsd1.md.comcast.net user=root 2020-08-06T01:14:43.0413721495-001 sshd[12577]: Failed password for root from 69.250.156.161 port 55936 ssh2 2020-08-06T01:27:47.0985631495-001 sshd[13300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-69-250-156-161.hsd1.md.comcast.net user=root 2020-08-06T01:27:48.9241061495-001 sshd[13300]: Failed password for root from 69.250.156.161 port 39732 ssh2 2020-08-06T01:41:11.8434321495-001 sshd[13837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-69-250-156-161.hsd1.md.comcast.net user=root 2020-08-06T01:41:13.7144371495-001 sshd[13837]: Failed password for root from 69.250.156.161 port 51772 ssh2 ...	2020-08-06 14:35:46
222.92.139.158	attack	Aug 6 07:15:08 server sshd[11671]: Failed password for root from 222.92.139.158 port 44406 ssh2 Aug 6 07:19:49 server sshd[18354]: Failed password for root from 222.92.139.158 port 40722 ssh2 Aug 6 07:24:26 server sshd[24868]: Failed password for root from 222.92.139.158 port 37068 ssh2	2020-08-06 14:19:39
59.126.194.91	attackspambots	Port probing on unauthorized port 23	2020-08-06 14:24:03
91.121.143.108	attackbots	Automatic report - Banned IP Access	2020-08-06 14:29:29

Recently Reported IPs

49.85.5.100	189.113.186.129	45.189.116.21	23.236.227.65
45.248.41.99	45.249.103.116	45.247.127.107	45.251.231.78
45.242.198.41	78.39.136.5	49.85.2.14	49.85.5.210
49.85.7.128	49.85.2.127	49.85.4.63	49.85.30.52
49.85.48.30	49.85.48.89	49.83.16.201	49.81.125.130