49.85.85.248 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.85.85.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36235
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.85.85.248.			IN	A

;; AUTHORITY SECTION:
.			476	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061500 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 15 16:42:59 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 248.85.85.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 248.85.85.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.112.23.7	attackspam	Sep 28 19:58:02 mcpierre2 sshd\[9564\]: Invalid user gpadmin from 193.112.23.7 port 52224 Sep 28 19:58:02 mcpierre2 sshd\[9564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.23.7 Sep 28 19:58:04 mcpierre2 sshd\[9564\]: Failed password for invalid user gpadmin from 193.112.23.7 port 52224 ssh2 ...	2020-09-29 03:47:27
173.208.130.202	attackspam	20 attempts against mh-misbehave-ban on ice	2020-09-29 04:07:20
206.189.188.218	attackspambots	Fail2Ban Ban Triggered	2020-09-29 03:55:12
192.241.237.249	attack	Port Scan ...	2020-09-29 04:04:47
189.207.242.90	attackbotsspam	Bruteforce detected by fail2ban	2020-09-29 03:50:58
185.147.212.13	attackbotsspam	[2020-09-28 14:27:31] NOTICE[1159] chan_sip.c: Registration from '' failed for '185.147.212.13:58388' - Wrong password [2020-09-28 14:27:31] SECURITY[1198] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-28T14:27:31.273-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="71",SessionID="0x7fcaa02091e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.212.13/58388",Challenge="230eb8fd",ReceivedChallenge="230eb8fd",ReceivedHash="b35ce1336a4afb6e169a9e4738e18fc5" [2020-09-28 14:31:16] NOTICE[1159] chan_sip.c: Registration from '' failed for '185.147.212.13:53995' - Wrong password [2020-09-28 14:31:16] SECURITY[1198] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-28T14:31:16.295-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="121",SessionID="0x7fcaa0092e98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.212.13/5 ...	2020-09-29 03:35:58
115.165.211.139	attackspambots	firewall-block, port(s): 23/tcp	2020-09-29 04:14:28
148.72.42.181	attack	148.72.42.181 - - [28/Sep/2020:16:56:53 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [28/Sep/2020:16:56:55 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [28/Sep/2020:16:57:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 04:00:55
178.63.23.84	attackspambots	178.63.23.84 - - [28/Sep/2020:10:26:53 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.63.23.84 - - [28/Sep/2020:10:26:53 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.63.23.84 - - [28/Sep/2020:10:26:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-29 03:37:49
111.93.58.18	attack	Time: Sat Sep 26 11:31:25 2020 +0000 IP: 111.93.58.18 (IN/India/static-18.58.93.111-tataidc.co.in) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 26 11:20:58 activeserver sshd[29402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.58.18 user=root Sep 26 11:21:00 activeserver sshd[29402]: Failed password for root from 111.93.58.18 port 48450 ssh2 Sep 26 11:28:53 activeserver sshd[10930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.58.18 user=root Sep 26 11:28:55 activeserver sshd[10930]: Failed password for root from 111.93.58.18 port 57032 ssh2 Sep 26 11:31:20 activeserver sshd[14846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.58.18 user=root	2020-09-29 03:52:56
106.52.181.236	attackspam	Invalid user installer from 106.52.181.236 port 31735	2020-09-29 04:15:49
46.32.122.3	attackspam	uvcm 46.32.122.3 [28/Sep/2020:03:48:37 "-" "POST /wp-login.php 500 414 46.32.122.3 [28/Sep/2020:03:48:38 "-" "GET /wp-login.php 500 414 46.32.122.3 [28/Sep/2020:03:48:39 "-" "POST /wp-login.php 500 414	2020-09-29 03:42:52
212.104.71.15	attackbots	TCP (SYN) 212.104.71.15:53684 -> port 445, len 52	2020-09-29 03:53:22
192.241.237.172	attackspambots	srv.marc-hoffrichter.de:443 192.241.237.172 - - [28/Sep/2020:17:56:18 +0200] "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 403 4818 "-" "Mozilla/5.0 zgrab/0.x"	2020-09-29 03:56:05
182.74.179.66	attack	TCP (SYN) 182.74.179.66:45580 -> port 445, len 44	2020-09-29 04:08:21

Recently Reported IPs

49.85.75.208	49.85.84.228	49.85.85.135	45.57.204.20
49.85.188.41	45.57.211.2	49.85.99.167	45.57.225.137
45.57.225.168	45.57.225.222	29.19.251.254	49.85.179.63
49.85.179.170	49.85.179.212	49.85.179.232	49.85.188.25
49.85.188.153	49.85.189.7	49.85.189.87	49.85.189.122