65.49.20.112 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Mar 28 04:46:56 debian-2gb-nbg1-2 kernel: \[7626284.461169\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=65.49.20.112 DST=195.201.40.59 LEN=1258 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=UDP SPT=57546 DPT=443 LEN=1238	2020-03-28 20:16:09

类型

评论内容

时间

attackspambots

Mar 28 04:46:56 debian-2gb-nbg1-2 kernel: \[7626284.461169\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=65.49.20.112 DST=195.201.40.59 LEN=1258 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=UDP SPT=57546 DPT=443 LEN=1238

2020-03-28 20:16:09

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39309
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.112.			IN	A

;; AUTHORITY SECTION:
.			159	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032801 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 20:16:02 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 112.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 112.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
218.92.0.145	attack	Feb 23 23:38:41 v22018076622670303 sshd\[5501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Feb 23 23:38:42 v22018076622670303 sshd\[5501\]: Failed password for root from 218.92.0.145 port 4432 ssh2 Feb 23 23:38:46 v22018076622670303 sshd\[5501\]: Failed password for root from 218.92.0.145 port 4432 ssh2 ...	2020-02-24 06:52:21
211.48.214.2	attackbotsspam	" "	2020-02-24 06:21:02
49.88.112.62	attackspambots	Feb 24 03:50:23 gw1 sshd[30590]: Failed password for root from 49.88.112.62 port 47571 ssh2 Feb 24 03:50:36 gw1 sshd[30590]: error: maximum authentication attempts exceeded for root from 49.88.112.62 port 47571 ssh2 [preauth] ...	2020-02-24 06:51:45
222.186.42.75	attackspambots	Feb 23 22:44:19 vpn01 sshd[3892]: Failed password for root from 222.186.42.75 port 19993 ssh2 ...	2020-02-24 06:23:32
199.87.154.255	attack	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.87.154.255 Failed password for invalid user a from 199.87.154.255 port 48875 ssh2 Failed password for invalid user a from 199.87.154.255 port 48875 ssh2 Failed password for invalid user a from 199.87.154.255 port 48875 ssh2	2020-02-24 06:38:53
60.48.170.251	attack	Automatic report - Port Scan Attack	2020-02-24 06:34:58
92.63.194.22	attack	Feb 23 22:54:46 ks10 sshd[373366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.22 Feb 23 22:54:48 ks10 sshd[373366]: Failed password for invalid user admin from 92.63.194.22 port 36387 ssh2 ...	2020-02-24 06:25:55
58.211.122.58	attackbots	Feb 23 15:48:04 mailman sshd[31514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.211.122.58 user=root Feb 23 15:48:06 mailman sshd[31514]: Failed password for root from 58.211.122.58 port 57844 ssh2 Feb 23 15:48:13 mailman sshd[31517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.211.122.58 user=root	2020-02-24 06:38:25
218.92.0.204	attack	2020-02-23T17:14:54.075210xentho-1 sshd[159436]: Failed password for root from 218.92.0.204 port 28956 ssh2 2020-02-23T17:14:51.924067xentho-1 sshd[159436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root 2020-02-23T17:14:54.075210xentho-1 sshd[159436]: Failed password for root from 218.92.0.204 port 28956 ssh2 2020-02-23T17:14:57.719594xentho-1 sshd[159436]: Failed password for root from 218.92.0.204 port 28956 ssh2 2020-02-23T17:14:51.924067xentho-1 sshd[159436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root 2020-02-23T17:14:54.075210xentho-1 sshd[159436]: Failed password for root from 218.92.0.204 port 28956 ssh2 2020-02-23T17:14:57.719594xentho-1 sshd[159436]: Failed password for root from 218.92.0.204 port 28956 ssh2 2020-02-23T17:15:00.888021xentho-1 sshd[159436]: Failed password for root from 218.92.0.204 port 28956 ssh2 2020-02-23T17:16:32.423021xent ...	2020-02-24 06:22:44
62.103.246.68	attackspam	Feb 23 22:48:08 debian-2gb-nbg1-2 kernel: \[4753690.422922\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=62.103.246.68 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=49 ID=60928 PROTO=TCP SPT=58005 DPT=23 WINDOW=8525 RES=0x00 SYN URGP=0	2020-02-24 06:40:15
218.146.19.38	attackbots	Feb 23 22:47:37 host dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=218.146.19.38, lip=62.210.151.217, session= Feb 23 22:47:44 host dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=218.146.19.38, lip=62.210.151.217, session=<9egTNEWfNM3akhMm> ...	2020-02-24 06:48:47
77.88.28.108	attackbots	Spam from secil@ncgrup.com.tr	2020-02-24 06:21:38
179.106.156.52	attackspam	Automatic report - Port Scan Attack	2020-02-24 06:43:55
187.103.81.17	attackspam	Automatic report - Port Scan Attack	2020-02-24 06:25:22
222.186.30.145	attack	Brute-force attempt banned	2020-02-24 06:43:18

最近上报的IP列表

91.218.65.190	190.138.11.111	244.135.8.124	91.90.149.82
46.248.39.46	46.180.69.175	34.223.212.166	202.70.72.45
123.24.111.5	27.115.58.138	27.111.82.247	197.28.65.109
95.250.216.26	111.20.101.3	179.90.191.20	42.117.195.247
62.242.161.16	166.166.98.154	232.24.236.185	183.206.236.216