49.85.87.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Port Scan	2019-11-01 15:09:48

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.85.87.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50293
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.85.87.149.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110100 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 01 15:09:45 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 149.87.85.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.87.85.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.159.24.35	attackbots	$f2bV_matches	2020-10-10 18:53:29
159.65.91.105	attackspam	SSH login attempts.	2020-10-10 18:51:01
190.248.68.59	attack	Unauthorized connection attempt from IP address 190.248.68.59 on Port 445(SMB)	2020-10-10 19:07:54
191.193.171.13	attackspam	Unauthorized connection attempt detected from IP address 191.193.171.13 to port 23	2020-10-10 19:06:16
142.93.212.213	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-10 19:16:45
35.246.214.111	attack	www.goldgier.de 35.246.214.111 [10/Oct/2020:10:31:49 +0200] "POST /wp-login.php HTTP/1.1" 200 8762 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 35.246.214.111 [10/Oct/2020:10:31:49 +0200] "POST /wp-login.php HTTP/1.1" 200 8762 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-10 19:27:17
120.31.131.172	attack	Oct 10 04:20:18 rush sshd[24662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.31.131.172 Oct 10 04:20:19 rush sshd[24662]: Failed password for invalid user test3 from 120.31.131.172 port 47824 ssh2 Oct 10 04:28:05 rush sshd[25076]: Failed password for root from 120.31.131.172 port 37006 ssh2 ...	2020-10-10 18:56:24
191.235.105.16	attackspam	2020-10-10 10:11:54 dovecot_login authenticator failed for $ADMIN$ \[191.235.105.16\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2020-10-10 10:13:39 dovecot_login authenticator failed for $ADMIN$ \[191.235.105.16\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2020-10-10 10:15:23 dovecot_login authenticator failed for $ADMIN$ \[191.235.105.16\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2020-10-10 10:17:08 dovecot_login authenticator failed for $ADMIN$ \[191.235.105.16\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2020-10-10 10:18:51 dovecot_login authenticator failed for $ADMIN$ \[191.235.105.16\]: 535 Incorrect authentication data $set_id=support@opso.it$	2020-10-10 19:15:30
193.234.95.137	attack	Oct 7 08:00:50 hidden sshd[5942]: Failed password for invalid user admin from 193.234.95.137 port 33676 ssh2 Oct 8 01:01:45 hidden sshd[21521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.234.95.137 user=root Oct 8 01:01:47 hidden sshd[21521]: Failed password for hidden from 193.234.95.137 port 58064 ssh2	2020-10-10 19:12:07
129.204.152.84	attackspambots	Oct 10 05:18:19 ip-172-31-61-156 sshd[15350]: Failed password for invalid user jetty from 129.204.152.84 port 59958 ssh2 Oct 10 05:18:17 ip-172-31-61-156 sshd[15350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.152.84 Oct 10 05:18:17 ip-172-31-61-156 sshd[15350]: Invalid user jetty from 129.204.152.84 Oct 10 05:18:19 ip-172-31-61-156 sshd[15350]: Failed password for invalid user jetty from 129.204.152.84 port 59958 ssh2 Oct 10 05:31:39 ip-172-31-61-156 sshd[15882]: Invalid user oracle from 129.204.152.84 ...	2020-10-10 19:18:06
193.112.70.95	attack	Brute-force attempt banned	2020-10-10 19:14:06
106.12.193.6	attackbotsspam	repeated SSH login attempts	2020-10-10 19:28:46
85.15.107.161	attackspam	[SYS2] ANY - Unused Port - Port=445 (1x)	2020-10-10 19:10:04
95.105.65.195	attackspam	Unauthorized connection attempt from IP address 95.105.65.195 on Port 445(SMB)	2020-10-10 19:07:21
183.6.100.56	attackspam	Unauthorized connection attempt from IP address 183.6.100.56 on Port 445(SMB)	2020-10-10 19:10:38

Recently Reported IPs

75.21.180.110	170.128.73.96	201.63.177.60	247.34.135.16
158.209.85.152	94.125.61.234	15.117.185.61	110.202.133.83
178.3.20.97	240.29.110.90	191.150.53.20	12.192.92.249
93.104.211.70	199.17.166.69	227.180.245.38	161.138.239.244
121.78.237.126	220.245.108.12	251.233.104.20	168.176.126.55