65.49.20.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
proxy	VPN fraud	2023-05-29 12:59:34
attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-17 14:45:34
attackbots	TCP (SYN) 65.49.20.107:37779 -> port 22, len 44	2020-06-02 17:37:11

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51
65.49.20.81	proxy	VPN	2022-12-27 13:51:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39482
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.107.			IN	A

;; AUTHORITY SECTION:
.			528	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060200 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 17:37:08 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 107.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
179.243.39.97	attack	Jul 1 20:52:44 xb3 sshd[14919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-243-39-97.3g.claro.net.br Jul 1 20:52:47 xb3 sshd[14919]: Failed password for invalid user admin from 179.243.39.97 port 45074 ssh2 Jul 1 20:52:47 xb3 sshd[14919]: Received disconnect from 179.243.39.97: 11: Bye Bye [preauth] Jul 1 20:54:46 xb3 sshd[19587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-243-39-97.3g.claro.net.br Jul 1 20:54:48 xb3 sshd[19587]: Failed password for invalid user Username from 179.243.39.97 port 34070 ssh2 Jul 1 20:54:48 xb3 sshd[19587]: Received disconnect from 179.243.39.97: 11: Bye Bye [preauth] Jul 1 20:56:43 xb3 sshd[11957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179-243-39-97.3g.claro.net.br Jul 1 20:56:44 xb3 sshd[11957]: Failed password for invalid user userftp from 179.243.39.97 port 51306 ssh2 Jul 1 20:56:45........ -------------------------------	2019-07-02 20:22:41
203.189.97.228	attackbots	22/tcp 22/tcp 22/tcp [2019-07-02]3pkt	2019-07-02 19:57:23
118.163.193.82	attackspambots	Jul 2 04:32:17 work-partkepr sshd\[23345\]: Invalid user n from 118.163.193.82 port 44269 Jul 2 04:32:18 work-partkepr sshd\[23345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.193.82 ...	2019-07-02 20:19:25
118.163.178.146	attack	Jul 2 04:32:20 XXX sshd[21551]: Invalid user jake from 118.163.178.146 port 39813	2019-07-02 20:25:07
83.217.165.21	attackspam	Jul 1 23:29:01 localhost kernel: [13282334.854151] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=83.217.165.21 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=53 ID=53550 PROTO=TCP SPT=17832 DPT=23 WINDOW=9668 RES=0x00 SYN URGP=0 Jul 1 23:29:01 localhost kernel: [13282334.854170] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=83.217.165.21 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=53 ID=53550 PROTO=TCP SPT=17832 DPT=23 SEQ=758669438 ACK=0 WINDOW=9668 RES=0x00 SYN URGP=0 Jul 1 23:44:59 localhost kernel: [13283292.333906] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=83.217.165.21 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=53 ID=53550 PROTO=TCP SPT=17832 DPT=23 WINDOW=9668 RES=0x00 SYN URGP=0 Jul 1 23:44:59 localhost kernel: [13283292.333932] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=83.217.165.21 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20	2019-07-02 19:49:14
1.54.140.180	attackspam	445/tcp [2019-07-02]1pkt	2019-07-02 20:30:19
114.26.199.177	attackspambots	2323/tcp [2019-07-02]1pkt	2019-07-02 19:57:53
164.132.197.108	attack	Jan 3 08:31:44 motanud sshd\[18638\]: Invalid user user from 164.132.197.108 port 33744 Jan 3 08:31:44 motanud sshd\[18638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.197.108 Jan 3 08:31:46 motanud sshd\[18638\]: Failed password for invalid user user from 164.132.197.108 port 33744 ssh2	2019-07-02 20:09:22
104.236.102.16	attack	Jul 2 13:46:19 server01 sshd\[19017\]: Invalid user tester from 104.236.102.16 Jul 2 13:46:19 server01 sshd\[19017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.102.16 Jul 2 13:46:21 server01 sshd\[19017\]: Failed password for invalid user tester from 104.236.102.16 port 46818 ssh2 ...	2019-07-02 19:50:02
61.41.159.29	attackbots	Jul 2 11:01:49 MK-Soft-VM4 sshd\[550\]: Invalid user renata from 61.41.159.29 port 43800 Jul 2 11:01:49 MK-Soft-VM4 sshd\[550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.41.159.29 Jul 2 11:01:50 MK-Soft-VM4 sshd\[550\]: Failed password for invalid user renata from 61.41.159.29 port 43800 ssh2 ...	2019-07-02 20:16:36
77.42.117.150	attack	23/tcp [2019-07-02]1pkt	2019-07-02 20:25:42
74.63.232.2	attackspam	SSH Bruteforce	2019-07-02 20:19:03
189.217.16.127	attack	445/tcp [2019-07-02]1pkt	2019-07-02 20:31:00
154.83.17.99	attackspam	Jul 2 14:24:00 mail sshd\[17170\]: Invalid user asif from 154.83.17.99 port 51112 Jul 2 14:24:00 mail sshd\[17170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.17.99 Jul 2 14:24:03 mail sshd\[17170\]: Failed password for invalid user asif from 154.83.17.99 port 51112 ssh2 Jul 2 14:26:38 mail sshd\[17549\]: Invalid user prueba from 154.83.17.99 port 48496 Jul 2 14:26:38 mail sshd\[17549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.17.99	2019-07-02 20:29:28
159.89.170.154	attackspam	Jul 2 06:46:15 bouncer sshd\[23655\]: Invalid user vweru from 159.89.170.154 port 49086 Jul 2 06:46:15 bouncer sshd\[23655\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.170.154 Jul 2 06:46:16 bouncer sshd\[23655\]: Failed password for invalid user vweru from 159.89.170.154 port 49086 ssh2 ...	2019-07-02 20:32:25

最近上报的IP列表

198.134.51.38	77.194.208.35	152.179.5.29	109.168.18.114
42.225.189.14	27.72.82.54	105.184.51.113	163.216.58.50
212.3.211.106	229.35.107.53	40.109.169.68	148.146.19.82
71.245.228.246	171.204.230.47	153.22.33.89	88.147.152.150
131.149.161.237	200.116.175.40	66.98.45.242	113.216.147.27