112.85.42.238 is an Open Proxy used by Hackers
100 %
China
1010 attacks reported
942 Brute-Force, SSH
17 SSH
15 Brute-Force
5 FTP Brute-Force, Hacking
5 uncategorized
4 Port Scan
4 Port Scan, Brute-Force, SSH
3 Brute-Force, SSH, Web App Attack
2 Brute-Force, SSH, Port Scan
2 Brute-Force, SSH, Port Scan, Hacking, Exploited Host
...
1 anonymizers reported
1 Open Proxy, Port Scan, SSH
from 52 distinct reporters and 5 distinct sources: BadIPs.com, Blocklist.de, FireHOL, darklist.de, AbuseIPDB
112.85.42.238 was first reported at 2019-01-11 00:47 and the last record was at 2019-07-23 12:34.
IP: 112.85.42.238
Organization: CHINA UNICOM China169 Backbone
Location: China, Jiangsu, Wuhan
NetRange (first & last IP): 112.85.13.0 - 112.85.13.255
Network CIDR: 112.85.13.0/24

Cybercrime IP Feeds

Date UTC | Category | Sub Categories | Source List | Source | Logs
2019-07-23 12:34 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 23:34:24 dcd-gentoo sshd[23408]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 12:33 | attacks | Brute-Force, SSH |  | AbuseIPDB | The IP address [112.85.42.238] experienced 5 failed attempts when attempting to log into SSH
2019-07-23 12:18 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 23:18:50 dcd-gentoo sshd[22595]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 12:01 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 23:01:15 dcd-gentoo sshd[21597]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 11:45 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 22:45:41 dcd-gentoo sshd[20736]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 11:30 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 22:30:22 dcd-gentoo sshd[19969]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 11:15 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 22:14:56 dcd-gentoo sshd[19072]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 10:59 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 21:59:26 dcd-gentoo sshd[18272]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 10:43 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 21:43:33 dcd-gentoo sshd[17444]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 10:27 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 21:27:53 dcd-gentoo sshd[16646]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 10:10 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 21:10:52 dcd-gentoo sshd[15678]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 09:55 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 20:55:20 dcd-gentoo sshd[14766]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 09:39 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 20:39:43 dcd-gentoo sshd[10316]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 09:24 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 20:24:22 dcd-gentoo sshd[3752]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 20
2019-07-23 09:09 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 20:08:56 dcd-gentoo sshd[30130]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 2
2019-07-23 08:53 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 19:53:35 dcd-gentoo sshd[26092]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 08:36 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 19:36:54 dcd-gentoo sshd[25193]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 08:21 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 19:21:05 dcd-gentoo sshd[24349]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 08:05 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 19:05:48 dcd-gentoo sshd[22017]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 07:50 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 18:50:11 dcd-gentoo sshd[21161]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 07:34 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 18:34:48 dcd-gentoo sshd[20343]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 07:19 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 18:19:29 dcd-gentoo sshd[19466]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 07:04 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 18:04:23 dcd-gentoo sshd[18592]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 06:51 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 16:51:41 localhost sshd\[19507\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user
2019-07-23 06:44 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 17:44:46 dcd-gentoo sshd[17597]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 06:34 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 16:34:47 localhost sshd\[17567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user
2019-07-23 06:29 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 17:29:03 dcd-gentoo sshd[16716]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 06:17 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 16:17:25 localhost sshd\[15659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user
2019-07-23 06:13 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 17:13:00 dcd-gentoo sshd[15828]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 05:56 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 15:56:52 localhost sshd\[13382\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user
2019-07-23 05:56 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 16:56:46 dcd-gentoo sshd[14781]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 05:41 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 16:40:55 dcd-gentoo sshd[13939]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 05:31 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 15:31:51 localhost sshd\[10579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user
2019-07-23 05:25 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 16:25:05 dcd-gentoo sshd[13115]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 05:15 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 15:15:55 localhost sshd\[8791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=
2019-07-23 05:09 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 16:09:54 dcd-gentoo sshd[12205]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 04:59 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 14:59:13 localhost sshd\[7241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=
2019-07-23 04:54 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 15:54:09 dcd-gentoo sshd[11384]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 04:43 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 14:43:02 localhost sshd\[5502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=
2019-07-23 04:39 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 15:38:58 dcd-gentoo sshd[10558]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 1
2019-07-23 04:26 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 14:26:25 localhost sshd\[3875\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=
2019-07-23 04:23 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 15:23:11 dcd-gentoo sshd[9715]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 15
2019-07-23 04:07 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 15:07:39 dcd-gentoo sshd[8800]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 15
2019-07-23 04:06 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 14:06:56 localhost sshd\[1882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=
2019-07-23 03:52 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 14:52:08 dcd-gentoo sshd[7888]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 14
2019-07-23 03:50 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 13:50:36 localhost sshd\[65374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user
2019-07-22 14:46 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 01:46:21 dcd-gentoo sshd[11964]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 0
2019-07-22 14:31 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 01:31:07 dcd-gentoo sshd[11159]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 0
2019-07-22 14:16 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 01:16:01 dcd-gentoo sshd[10384]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 0
2019-07-22 14:01 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jul 23 01:00:56 dcd-gentoo sshd[9580]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 23 01
2019-01-11 00:47 | attacks | Port Scan |  | AbuseIPDB | port scan and connect, tcp 22 (ssh)
2019-01-12 00:10 | attacks | FTP Brute-Force, Hacking |  | AbuseIPDB | Jan 11 10:46:51 ip-172-31-62-245 sshd[26668]: Failed password for r.r from 112.85.42.238 port 36053 ssh2 Jan 11 10:46:53 ip-172-31-62-245 sshd[26668]:
2019-01-12 00:47 | attacks | Port Scan |  | AbuseIPDB | port scan and connect, tcp 22 (ssh)
2019-01-12 12:09 | attacks | FTP Brute-Force, Hacking |  | AbuseIPDB | Jan 11 10:46:51 ip-172-31-62-245 sshd[26668]: Failed password for r.r from 112.85.42.238 port 36053 ssh2 Jan 11 10:46:53 ip-172-31-62-245 sshd[26668]:
2019-01-13 00:44 | attacks | SSH |  | AbuseIPDB | Unauthorized access to SSH at 13/Jan/2019:10:44:15 +0000. Received: (SSH-2.0-PUTTY)
2019-01-15 11:50 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jan 15 11:08:24 web24hdcode sshd[29924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=ro
2019-01-15 21:44 | attacks | SSH |  | AbuseIPDB |
2019-01-16 00:45 | attacks | Brute-Force, SSH |  | AbuseIPDB | Jan 16 11:45:25 MK-Soft-Root2 sshd\[28577\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238
2019-01-16 00:46 | attacks | Brute-Force |  | AbuseIPDB | $f2bV_matches
2019-01-16 00:46 | attacks | Brute-Force |  | AbuseIPDB | Jan 16 10:46:19 unicornsoft sshd\[15205\]: User root from 112.85.42.238 not allowed because not listed in AllowUsers Jan 16 10:46:19 unicornsoft sshd\
2019-03-29 18:18 | attacks |  | bi_any_0_1d | BadIPs.com |
2019-03-29 18:19 | attacks | Bad Web Bot | bi_badbots_0_1d | BadIPs.com |
2019-03-29 18:19 | attacks | Brute-Force | bi_bruteforce_0_1d | BadIPs.com |
2019-03-29 18:20 | attacks | SSH | bi_sshd_0_1d | BadIPs.com |
2019-03-29 18:20 | attacks | SSH | bi_ssh_0_1d | BadIPs.com |
2019-03-29 18:21 | attacks |  | blocklist_de | Blocklist.de |
2019-03-29 18:21 | attacks | SSH | blocklist_de_ssh | Blocklist.de |
2019-03-29 18:27 | attacks |  | firehol_level2 | FireHOL |
2019-05-28 23:19 | attacks | SSH | bi_ssh-ddos_0_1d | BadIPs.com |
2019-07-14 05:09 | attacks |  | blocklist_de_strongips | Blocklist.de |
2019-03-29 18:23 | attacks |  | darklist_de | darklist.de |
only last 50 and first 10 AbuseIPDB logs are shown

Threat Categories:

abuse
IPs used to spam forums, boards, blogs or SMTP servers; automated web scripts or scrapers (bad bots).
anonymizer
Onion Router IP addresses: TOR network IPs, TOR exit points, SOCKS or SSL proxies.
attacks
Brute-force attempts against SSH, FTP or system accounts; IPs that have been detected by fail2ban; port scans, vulnerability scans, DDoS.
malware
Addresses that have been identified as distributing malware: form-grabbers and stealers, viruses, worms, trojans, ransomware, adware, spyware.

Whois

inetnum: 112.85.13.0 - 112.85.13.255
netname: JIANGSUGROUP
country: CN
descr: JIANGSU GROUP CO.,NANJING,JIANGSU PROVINCE
admin-c: LL58-AP
tech-c: LL58-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNCGROUP-JS
last-modified: 2010-10-26T00:44:02Z
source: APNIC

person: Lan Li
nic-hdl: LL58-AP
e-mail: js-cu-ipmanage@chinaunicom.cn
address: No. 65 Beijing West Road,Nanjing,China
phone: +86257900060
fax-no: +86252900280
country: CN
mnt-by: MAINT-NEW
last-modified: 2013-08-15T02:13:11Z
source: APNIC

route: 112.80.0.0/13
descr: China Unicom CHINA169 Jiangsu Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-12-31T01:00:07Z
source: APNIC
most specific ip range is highlighted
Updated : 2019-07-11