65.49.20.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
proxy	VPN fraud	2023-05-29 12:59:34
attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-17 14:45:34
attackbots	TCP (SYN) 65.49.20.107:37779 -> port 22, len 44	2020-06-02 17:37:11

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51
65.49.20.81	proxy	VPN	2022-12-27 13:51:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39482
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.107.			IN	A

;; AUTHORITY SECTION:
.			528	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060200 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 17:37:08 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 107.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
5.39.113.152	attackbotsspam	5.39.113.152:48295 - - [10/Sep/2019:20:40:42 +0200] "GET /wp-login.php HTTP/1.1" 404 293	2019-09-11 19:42:47
154.66.196.32	attack	Sep 11 10:55:51 ArkNodeAT sshd\[25321\]: Invalid user 1q2w3e4r5t6y from 154.66.196.32 Sep 11 10:55:51 ArkNodeAT sshd\[25321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.66.196.32 Sep 11 10:55:52 ArkNodeAT sshd\[25321\]: Failed password for invalid user 1q2w3e4r5t6y from 154.66.196.32 port 58288 ssh2	2019-09-11 19:54:30
18.217.44.151	attackspam	Sep 11 09:45:27 sd1 sshd[13258]: Invalid user uftp from 18.217.44.151 Sep 11 09:45:29 sd1 sshd[13258]: Failed password for invalid user uftp from 18.217.44.151 port 42782 ssh2 Sep 11 10:18:31 sd1 sshd[14002]: Invalid user ubuntu from 18.217.44.151 Sep 11 10:18:33 sd1 sshd[14002]: Failed password for invalid user ubuntu from 18.217.44.151 port 37488 ssh2 Sep 11 10:39:32 sd1 sshd[14616]: Invalid user deploy from 18.217.44.151 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=18.217.44.151	2019-09-11 19:54:51
185.137.233.136	attackspam	RDP brute forcing (d)	2019-09-11 19:54:09
49.88.112.90	attackspam	2019-09-11T11:26:39.096883hub.schaetter.us sshd\[22422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.90 user=root 2019-09-11T11:26:40.876200hub.schaetter.us sshd\[22422\]: Failed password for root from 49.88.112.90 port 36386 ssh2 2019-09-11T11:26:43.543985hub.schaetter.us sshd\[22422\]: Failed password for root from 49.88.112.90 port 36386 ssh2 2019-09-11T11:26:46.477932hub.schaetter.us sshd\[22422\]: Failed password for root from 49.88.112.90 port 36386 ssh2 2019-09-11T11:26:49.460039hub.schaetter.us sshd\[22427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.90 user=root ...	2019-09-11 19:37:58
95.216.9.115	attackspambots	123/udp 123/udp [2019-09-11]2pkt	2019-09-11 19:50:50
192.99.152.121	attack	Sep 11 13:24:09 h2177944 sshd\[5638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.152.121 user=www-data Sep 11 13:24:11 h2177944 sshd\[5638\]: Failed password for www-data from 192.99.152.121 port 45764 ssh2 Sep 11 13:30:29 h2177944 sshd\[5907\]: Invalid user test1 from 192.99.152.121 port 53300 Sep 11 13:30:29 h2177944 sshd\[5907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.152.121 ...	2019-09-11 19:57:29
87.101.240.10	attack	F2B jail: sshd. Time: 2019-09-11 10:50:19, Reported by: VKReport	2019-09-11 19:47:09
117.240.176.7	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-11 06:50:34,638 INFO [amun_request_handler] PortScan Detected on Port: 445 (117.240.176.7)	2019-09-11 20:12:13
34.90.70.182	attack	(smtpauth) Failed SMTP AUTH login from 34.90.70.182 (US/United States/182.70.90.34.bc.googleusercontent.com): 5 in the last 3600 secs	2019-09-11 19:38:27
217.182.79.245	attackbotsspam	Sep 11 11:57:02 localhost sshd\[25126\]: Invalid user Br4pbr4p from 217.182.79.245 port 44254 Sep 11 11:57:02 localhost sshd\[25126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.79.245 Sep 11 11:57:05 localhost sshd\[25126\]: Failed password for invalid user Br4pbr4p from 217.182.79.245 port 44254 ssh2	2019-09-11 19:42:28
190.104.153.41	attackbots	Sep 11 11:09:36 MK-Soft-VM5 sshd\[32332\]: Invalid user 123456 from 190.104.153.41 port 54848 Sep 11 11:09:36 MK-Soft-VM5 sshd\[32332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.104.153.41 Sep 11 11:09:38 MK-Soft-VM5 sshd\[32332\]: Failed password for invalid user 123456 from 190.104.153.41 port 54848 ssh2 ...	2019-09-11 19:41:03
49.88.112.78	attackspam	2019-09-11T12:08:07.350276abusebot-3.cloudsearch.cf sshd\[23423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.78 user=root	2019-09-11 20:08:53
149.202.223.136	attack	\[2019-09-11 07:39:45\] NOTICE\[1827\] chan_sip.c: Registration from '\' failed for '149.202.223.136:62969' - Wrong password \[2019-09-11 07:39:45\] SECURITY\[1849\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-11T07:39:45.282-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1481",SessionID="0x7fd9a88bc9f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202.223.136/62969",Challenge="4563b1da",ReceivedChallenge="4563b1da",ReceivedHash="a5e5e06ee3e0a4f0da0bb7adbfa5a14d" \[2019-09-11 07:39:45\] NOTICE\[1827\] chan_sip.c: Registration from '\' failed for '149.202.223.136:62965' - Wrong password \[2019-09-11 07:39:45\] SECURITY\[1849\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-11T07:39:45.282-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1481",SessionID="0x7fd9a81e57a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202.223.136	2019-09-11 19:47:42
189.6.45.130	attackbots	Sep 11 17:10:01 areeb-Workstation sshd[6160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.6.45.130 Sep 11 17:10:03 areeb-Workstation sshd[6160]: Failed password for invalid user test from 189.6.45.130 port 53296 ssh2 ...	2019-09-11 19:52:09

最近上报的IP列表

198.134.51.38	77.194.208.35	152.179.5.29	109.168.18.114
42.225.189.14	27.72.82.54	105.184.51.113	163.216.58.50
212.3.211.106	229.35.107.53	40.109.169.68	148.146.19.82
71.245.228.246	171.204.230.47	153.22.33.89	88.147.152.150
131.149.161.237	200.116.175.40	66.98.45.242	113.216.147.27