112.85.42.194 is a Hacker (100 %)
China
1028 attacks reported
757 Brute-Force, SSH
204
19 SSH
18 Brute-Force
12 uncategorized
4 Brute-Force, SSH, Port Scan
4 Port Scan, Brute-Force, SSH
3 Port Scan, SSH
2 Bad Web Bot
1 Brute-Force, SSH, Phishing, Web Spam, Blog Spam, Hacking, Bad Web Bot, Web App Attack
...
1 reputation reported
1 uncategorized
from 62 distinct reporters and 7 distinct sources: BadIPs.com, Blocklist.de, FireHOL, Charles Haley, NormShield.com, darklist.de, AbuseIPDB
112.85.42.194 was first reported at 2018-06-18 00:42 and the last record was at 2019-07-22 16:47.
IP: 112.85.42.194
Organization: CHINA UNICOM China169 Backbone
Location: China; Jiangsu, Wuhan
NetRange (first and last IP): 112.85.13.0 - 112.85.13.255
Network CIDR: 112.85.13.0/24

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-07-22 16:47 attacks Brute-ForceSSH AbuseIPDB Jul 23 03:45:37 legacy sshd[11876]: Failed password for root from 112.85.42.194 port 57582 ssh2 Jul 23 03:46:23 legacy sshd[11889]: Failed password fo
2019-07-22 16:25 attacks Brute-ForceSSH AbuseIPDB Jul 23 03:20:57 legacy sshd[10729]: Failed password for root from 112.85.42.194 port 56230 ssh2 Jul 23 03:23:53 legacy sshd[10779]: Failed password fo
2019-07-22 16:09 attacks Brute-ForceSSH AbuseIPDB Jul 23 03:02:02 legacy sshd[10338]: Failed password for root from 112.85.42.194 port 45555 ssh2 Jul 23 03:05:52 legacy sshd[10412]: Failed password fo
2019-07-22 15:51 attacks Brute-ForceSSH AbuseIPDB Jul 23 02:45:20 legacy sshd[10022]: Failed password for root from 112.85.42.194 port 30539 ssh2 Jul 23 02:46:03 legacy sshd[10035]: Failed password fo
2019-07-22 15:11 attacks Brute-ForceSSH AbuseIPDB Jul 23 02:09:08 legacy sshd[9313]: Failed password for root from 112.85.42.194 port 28183 ssh2 Jul 23 02:10:38 legacy sshd[9338]: Failed password for
2019-07-22 14:43 attacks Brute-ForceSSH AbuseIPDB Jul 23 01:39:09 legacy sshd[8761]: Failed password for root from 112.85.42.194 port 12764 ssh2 Jul 23 01:42:11 legacy sshd[8813]: Failed password for
2019-07-22 14:27 attacks Brute-ForceSSH AbuseIPDB Jul 23 01:23:25 legacy sshd[8477]: Failed password for root from 112.85.42.194 port 50636 ssh2 Jul 23 01:25:39 legacy sshd[8518]: Failed password for
2019-07-22 14:11 attacks Brute-ForceSSH AbuseIPDB Jul 23 01:09:08 legacy sshd[8177]: Failed password for root from 112.85.42.194 port 37063 ssh2 Jul 23 01:10:37 legacy sshd[8208]: Failed password for
2019-07-22 13:45 attacks Brute-ForceSSH AbuseIPDB Jul 23 00:41:28 legacy sshd[7660]: Failed password for root from 112.85.42.194 port 59134 ssh2 Jul 23 00:44:31 legacy sshd[7709]: Failed password for
2019-07-22 13:18 attacks Brute-ForceSSH AbuseIPDB Jul 23 00:13:29 legacy sshd[7140]: Failed password for root from 112.85.42.194 port 18175 ssh2 Jul 23 00:16:31 legacy sshd[7197]: Failed password for
2019-07-22 13:02 attacks Brute-ForceSSH AbuseIPDB Jul 22 23:59:05 legacy sshd[6847]: Failed password for root from 112.85.42.194 port 48385 ssh2 Jul 23 00:01:22 legacy sshd[6895]: Failed password for
2019-07-22 12:34 attacks Brute-ForceSSH AbuseIPDB Jul 22 23:31:39 legacy sshd[6314]: Failed password for root from 112.85.42.194 port 56390 ssh2 Jul 22 23:32:29 legacy sshd[6326]: Failed password for
2019-07-22 12:07 attacks Brute-ForceSSH AbuseIPDB Jul 22 23:05:37 legacy sshd[5759]: Failed password for root from 112.85.42.194 port 47328 ssh2 Jul 22 23:06:27 legacy sshd[5777]: Failed password for
2019-07-22 11:41 attacks Brute-ForceSSH AbuseIPDB Jul 22 22:40:56 legacy sshd[5260]: Failed password for root from 112.85.42.194 port 35822 ssh2 Jul 22 22:40:58 legacy sshd[5260]: Failed password for
2019-07-22 11:16 attacks Brute-ForceSSH AbuseIPDB Jul 22 22:14:51 legacy sshd[4749]: Failed password for root from 112.85.42.194 port 26352 ssh2 Jul 22 22:15:42 legacy sshd[4778]: Failed password for
2019-07-22 10:50 attacks Brute-ForceSSH AbuseIPDB Jul 22 21:48:52 legacy sshd[4231]: Failed password for root from 112.85.42.194 port 12076 ssh2 Jul 22 21:49:40 legacy sshd[4244]: Failed password for
2019-07-22 10:25 attacks Brute-ForceSSH AbuseIPDB Jul 22 21:19:57 legacy sshd[3668]: Failed password for root from 112.85.42.194 port 44511 ssh2 Jul 22 21:22:10 legacy sshd[3704]: Failed password for
2019-07-22 09:55 attacks Brute-ForceSSH AbuseIPDB Jul 22 20:51:14 legacy sshd[3121]: Failed password for root from 112.85.42.194 port 55181 ssh2 Jul 22 20:52:47 legacy sshd[3154]: Failed password for
2019-07-22 09:39 attacks Brute-ForceSSH AbuseIPDB Jul 22 20:36:02 legacy sshd[2796]: Failed password for root from 112.85.42.194 port 13720 ssh2 Jul 22 20:36:50 legacy sshd[2818]: Failed password for
2019-07-22 09:10 attacks Brute-ForceSSH AbuseIPDB Jul 22 20:05:37 legacy sshd[2147]: Failed password for root from 112.85.42.194 port 25941 ssh2 Jul 22 20:09:29 legacy sshd[2212]: Failed password for
2019-07-22 08:51 attacks Brute-ForceSSH AbuseIPDB Jul 22 19:48:07 legacy sshd[1742]: Failed password for root from 112.85.42.194 port 18594 ssh2 Jul 22 19:49:40 legacy sshd[1778]: Failed password for
2019-07-22 08:22 attacks Brute-ForceSSH AbuseIPDB Jul 22 19:18:12 legacy sshd[1090]: Failed password for root from 112.85.42.194 port 19696 ssh2 Jul 22 19:21:15 legacy sshd[1171]: Failed password for
2019-07-22 08:07 attacks Brute-ForceSSH AbuseIPDB Jul 22 19:01:07 legacy sshd[740]: Failed password for root from 112.85.42.194 port 13269 ssh2 Jul 22 19:06:37 legacy sshd[844]: Failed password for ro
2019-07-22 07:49 attacks Brute-ForceSSH AbuseIPDB Jul 22 18:41:00 legacy sshd[338]: Failed password for root from 112.85.42.194 port 40650 ssh2 Jul 22 18:42:34 legacy sshd[365]: Failed password for ro
2019-07-22 07:31 attacks Brute-ForceSSH AbuseIPDB Jul 22 18:27:54 legacy sshd[32559]: Failed password for root from 112.85.42.194 port 46163 ssh2 Jul 22 18:28:46 legacy sshd[32574]: Failed password fo
2019-07-22 07:03 attacks Brute-ForceSSH AbuseIPDB Jul 22 18:01:27 legacy sshd[32029]: Failed password for root from 112.85.42.194 port 64218 ssh2 Jul 22 18:02:21 legacy sshd[32043]: Failed password fo
2019-07-22 06:38 attacks Brute-ForceSSH AbuseIPDB Jul 22 17:36:05 legacy sshd[31536]: Failed password for root from 112.85.42.194 port 31452 ssh2 Jul 22 17:37:18 legacy sshd[31570]: Failed password fo
2019-07-22 06:36 attacks Brute-ForceSSH AbuseIPDB Jul 22 22:35:53 itv-usvr-01 sshd[18608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user=ro
2019-07-22 06:08 attacks Brute-ForceSSH AbuseIPDB Jul 22 17:00:15 legacy sshd[30884]: Failed password for root from 112.85.42.194 port 63457 ssh2 Jul 22 17:06:30 legacy sshd[31008]: Failed password fo
2019-07-22 05:30 attacks Brute-ForceSSH AbuseIPDB Jul 22 16:25:18 legacy sshd[30229]: Failed password for root from 112.85.42.194 port 25121 ssh2 Jul 22 16:28:39 legacy sshd[30297]: Failed password fo
2019-07-22 05:13 attacks Brute-ForceSSH AbuseIPDB Jul 22 16:11:21 legacy sshd[29960]: Failed password for root from 112.85.42.194 port 44353 ssh2 Jul 22 16:13:04 legacy sshd[29999]: Failed password fo
2019-07-22 05:11 attacks SSH AbuseIPDB  
2019-07-22 04:50 attacks Brute-ForceSSH AbuseIPDB Jul 22 15:46:02 legacy sshd[29444]: Failed password for root from 112.85.42.194 port 25818 ssh2 Jul 22 15:47:46 legacy sshd[29487]: Failed password fo
2019-07-22 04:31 attacks Brute-ForceSSH AbuseIPDB Jul 22 15:22:51 legacy sshd[28948]: Failed password for root from 112.85.42.194 port 11741 ssh2 Jul 22 15:26:03 legacy sshd[29003]: Failed password fo
2019-07-22 03:57 attacks Brute-ForceSSH AbuseIPDB Jul 22 14:50:42 legacy sshd[28240]: Failed password for root from 112.85.42.194 port 19194 ssh2 Jul 22 14:53:05 legacy sshd[28290]: Failed password fo
2019-07-22 03:24 attacks Brute-ForceSSH AbuseIPDB Jul 22 14:17:08 legacy sshd[27513]: Failed password for root from 112.85.42.194 port 37886 ssh2 Jul 22 14:21:42 legacy sshd[27615]: Failed password fo
2019-07-20 21:32 attacks Brute-ForceSSH AbuseIPDB Jul 21 07:32:29 localhost sshd\[29762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user
2019-07-20 21:28 attacks Brute-ForceSSH AbuseIPDB Jul 21 08:28:02 dcd-gentoo sshd[28113]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Jul 21 0
2019-07-20 21:12 attacks Brute-ForceSSH AbuseIPDB Jul 21 08:12:11 dcd-gentoo sshd[27675]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Jul 21 0
2019-07-20 21:00 attacks Brute-ForceSSH AbuseIPDB Jul 21 06:59:18 localhost sshd\[27295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user
2019-07-20 20:56 attacks Brute-ForceSSH AbuseIPDB Jul 21 07:56:44 dcd-gentoo sshd[27121]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Jul 21 0
2019-07-20 20:42 attacks Brute-ForceSSH AbuseIPDB Jul 21 06:42:15 localhost sshd\[26011\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user
2019-07-20 20:41 attacks Brute-ForceSSH AbuseIPDB Jul 21 07:41:12 dcd-gentoo sshd[26666]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Jul 21 0
2019-07-20 20:26 attacks Brute-ForceSSH AbuseIPDB Jul 20 23:25:07 home sshd[480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user=root Jul 20
2019-07-20 20:25 attacks Brute-ForceSSH AbuseIPDB Jul 21 06:25:43 localhost sshd\[24689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user
2019-07-20 20:25 attacks Brute-ForceSSH AbuseIPDB Jul 21 07:25:32 dcd-gentoo sshd[26195]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Jul 21 0
2019-07-20 20:03 attacks Brute-ForceSSH AbuseIPDB Jul 21 06:58:07 legacy sshd[13466]: Failed password for root from 112.85.42.194 port 28314 ssh2 Jul 21 07:01:00 legacy sshd[13539]: Failed password fo
2019-07-20 19:33 attacks Brute-ForceSSH AbuseIPDB Jul 21 06:27:35 legacy sshd[12629]: Failed password for root from 112.85.42.194 port 48859 ssh2 Jul 21 06:29:20 legacy sshd[12669]: Failed password fo
2019-07-20 19:06 attacks Brute-ForceSSH AbuseIPDB Jul 21 06:01:45 legacy sshd[11749]: Failed password for root from 112.85.42.194 port 27752 ssh2 Jul 21 06:03:31 legacy sshd[11805]: Failed password fo
2019-07-20 18:48 attacks Brute-ForceSSH AbuseIPDB Jul 21 05:43:17 legacy sshd[11271]: Failed password for root from 112.85.42.194 port 23122 ssh2 Jul 21 05:46:00 legacy sshd[11387]: Failed password fo
2018-06-18 00:42 attacks SSH AbuseIPDB ssh intrusion attempt
2018-06-18 01:21 attacks Brute-Force AbuseIPDB Jun 18 12:21:38 fr1 sshd\[14815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user=root
2018-06-18 01:31 attacks Brute-Force AbuseIPDB Jun 18 12:31:43 fr1 sshd\[15300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user=root
2018-06-18 03:22 attacks Brute-ForceSSH AbuseIPDB Jun 18 13:22:14 marquez sshd[8616]: Failed password for root from 112.85.42.194 port 27921 ssh2 Jun 18 13:22:18 marquez sshd[8616]: Failed password fo
2018-06-18 06:23 attacks Brute-ForceSSH AbuseIPDB Jun 18 15:23:03 *** sshd[10553]: User root from 112.85.42.194 not allowed because not listed in AllowUsers
2018-06-18 07:32 attacks Brute-ForceSSH AbuseIPDB SSH bruteforce reported by fail2ban
2018-06-18 09:46 attacks Brute-ForceSSH AbuseIPDB Jun 18 21:45:44 isp-ru sshd\[20068\]: Failed password for root from 112.85.42.194 port 62172 ssh2Jun 18 21:45:47 isp-ru sshd\[20068\]: Failed password
2018-06-18 16:00 attacks Brute-ForceSSH AbuseIPDB Jun 19 03:00:13 ns37 sshd[25565]: Failed password for root from 112.85.42.194 port 56316 ssh2 Jun 19 03:00:15 ns37 sshd[25565]: Failed password for ro
2018-06-18 16:00 attacks Brute-ForceSSH AbuseIPDB Jun 19 03:00:21 lnxmail61 sshd[5465]: Failed password for root from 112.85.42.194 port 38688 ssh2 Jun 19 03:00:24 lnxmail61 sshd[5465]: Failed passwor
2018-06-18 16:38 attacks Brute-ForceSSH AbuseIPDB Jun 19 01:38:52 *** sshd[13030]: User root from 112.85.42.194 not allowed because not listed in AllowUsers
2019-03-29 18:18 reputation alienvault_reputation  
2019-03-29 18:18 attacks bi_any_0_1d BadIPs.com  
2019-03-29 18:19 attacks bi_any_1_7d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_1d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_30d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_7d BadIPs.com  
2019-03-29 18:19 attacks bi_default_2_30d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_sshd_2_30d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_1_7d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_2_30d BadIPs.com  
2019-03-29 18:20 attacks bi_unknown_2_30d BadIPs.com  
2019-03-29 18:21 attacks blocklist_de Blocklist.de  
2019-03-29 18:21 attacks SSH blocklist_de_ssh Blocklist.de  
2019-03-29 18:21 attacks blocklist_de_strongips Blocklist.de  
2019-03-29 18:27 attacks firehol_level2 FireHOL  
2019-03-29 18:34 attacks SSH haley_ssh Charles Haley  
2019-05-28 23:19 attacks Bad Web Bot bi_badbots_1_7d BadIPs.com  
2019-05-28 23:19 attacks Brute-Force bi_bruteforce_1_7d BadIPs.com  
2019-05-28 23:19 attacks SSH bi_ssh-ddos_0_1d BadIPs.com  
2019-05-28 23:19 attacks SSH bi_sshd_0_1d BadIPs.com  
2019-05-28 23:19 attacks SSH bi_sshd_1_7d BadIPs.com  
2019-05-30 09:30 attacks Fraud VoIP blocklist_de_sip Blocklist.de  
2019-06-06 19:10 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2019-06-06 19:10 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2019-06-24 02:39 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-06-24 02:39 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2019-03-29 18:23 attacks darklist_de darklist.de  
2019-03-29 18:27 attacks firehol_level4 FireHOL  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forums, boards, blogs or SMTP servers; automated web scripts or scrapers (bad bots).
anonymizer
Onion Router IP addresses: Tor network IPs, Tor exit points, SOCKS or SSL proxies.
attacks
Brute-force attempts against SSH, FTP or system accounts; IPs that have been detected by fail2ban; port scans; vulnerability scans; DDoS.
malware
Addresses that have been identified distributing malware: form-grabbers and stealers, viruses, worms, trojans, ransomware, adware, spyware.

Whois

inetnum: 112.85.13.0 - 112.85.13.255
netname: JIANGSUGROUP
country: CN
descr: JIANGSU GROUP CO.,NANJING,JIANGSU PROVINCE
admin-c: LL58-AP
tech-c: LL58-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNCGROUP-JS
last-modified: 2010-10-26T00:44:02Z
source: APNIC

person: Lan Li
nic-hdl: LL58-AP
e-mail: js-cu-ipmanage@chinaunicom.cn
address: No. 65 Beijing West Road,Nanjing,China
phone: +86257900060
fax-no: +86252900280
country: CN
mnt-by: MAINT-NEW
last-modified: 2013-08-15T02:13:11Z
source: APNIC

route: 112.80.0.0/13
descr: China Unicom CHINA169 Jiangsu Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-12-31T01:00:07Z
source: APNIC
Updated : 2019-07-11