65.49.20.113 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	22/tcp 443/udp... [2019-12-17/24]4pkt,1pt.(tcp),1pt.(udp)	2019-12-25 00:07:32

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7258
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.113.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100203 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 03 04:57:44 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 113.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 113.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.38.186.47	attackbots	ssh failed login	2019-08-08 03:49:35
144.217.165.133	attack	Aug 7 19:43:55 h2177944 sshd\[32083\]: Invalid user USERID from 144.217.165.133 port 52794 Aug 7 19:43:55 h2177944 sshd\[32083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.165.133 Aug 7 19:43:57 h2177944 sshd\[32083\]: Failed password for invalid user USERID from 144.217.165.133 port 52794 ssh2 Aug 7 19:44:01 h2177944 sshd\[32085\]: Invalid user Administrator from 144.217.165.133 port 55270 ...	2019-08-08 03:25:34
68.183.83.113	attackspambots	xmlrpc attack	2019-08-08 03:20:26
139.199.106.127	attackspambots	Aug 7 21:25:11 lnxmysql61 sshd[14522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.106.127	2019-08-08 03:35:56
213.139.205.242	attack	DATE:2019-08-07 19:41:45, IP:213.139.205.242, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-08-08 04:08:04
188.35.187.50	attackbots	Aug 7 14:54:00 aat-srv002 sshd[16896]: Failed password for root from 188.35.187.50 port 57884 ssh2 Aug 7 14:58:50 aat-srv002 sshd[17006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 Aug 7 14:58:52 aat-srv002 sshd[17006]: Failed password for invalid user nia from 188.35.187.50 port 51012 ssh2 Aug 7 15:02:55 aat-srv002 sshd[17109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 ...	2019-08-08 04:10:24
142.93.91.42	attackspam	SSH Brute-Force reported by Fail2Ban	2019-08-08 03:46:30
206.81.10.230	attack	Aug 7 20:10:00 localhost sshd\[1832\]: Invalid user tar from 206.81.10.230 Aug 7 20:10:00 localhost sshd\[1832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.10.230 Aug 7 20:10:02 localhost sshd\[1832\]: Failed password for invalid user tar from 206.81.10.230 port 40622 ssh2 Aug 7 20:14:12 localhost sshd\[2015\]: Invalid user postgres from 206.81.10.230 Aug 7 20:14:12 localhost sshd\[2015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.10.230 ...	2019-08-08 04:09:25
5.13.134.5	attackbots	Automatic report - Port Scan Attack	2019-08-08 03:51:08
93.115.241.194	attackspambots	Aug 7 17:42:20 MK-Soft-VM5 sshd\[1243\]: Invalid user admin from 93.115.241.194 port 44242 Aug 7 17:42:20 MK-Soft-VM5 sshd\[1243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.115.241.194 Aug 7 17:42:22 MK-Soft-VM5 sshd\[1243\]: Failed password for invalid user admin from 93.115.241.194 port 44242 ssh2 ...	2019-08-08 03:58:15
185.53.88.44	attackbots	Automatic report - Port Scan Attack	2019-08-08 04:10:59
165.227.150.158	attackbots	Aug 7 15:08:14 vps200512 sshd\[17054\]: Invalid user webmaster from 165.227.150.158 Aug 7 15:08:14 vps200512 sshd\[17054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.150.158 Aug 7 15:08:16 vps200512 sshd\[17054\]: Failed password for invalid user webmaster from 165.227.150.158 port 15571 ssh2 Aug 7 15:12:31 vps200512 sshd\[17164\]: Invalid user plagscan from 165.227.150.158 Aug 7 15:12:31 vps200512 sshd\[17164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.150.158	2019-08-08 03:23:35
23.129.64.185	attackbotsspam	[Aegis] @ 2019-08-07 20:34:47 0100 -> Maximum authentication attempts exceeded.	2019-08-08 04:03:57
182.61.46.191	attackbots	Aug 8 01:04:39 vibhu-HP-Z238-Microtower-Workstation sshd\[29311\]: Invalid user lz from 182.61.46.191 Aug 8 01:04:39 vibhu-HP-Z238-Microtower-Workstation sshd\[29311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.46.191 Aug 8 01:04:41 vibhu-HP-Z238-Microtower-Workstation sshd\[29311\]: Failed password for invalid user lz from 182.61.46.191 port 43902 ssh2 Aug 8 01:09:14 vibhu-HP-Z238-Microtower-Workstation sshd\[29494\]: Invalid user user from 182.61.46.191 Aug 8 01:09:14 vibhu-HP-Z238-Microtower-Workstation sshd\[29494\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.46.191 ...	2019-08-08 03:54:25
37.49.231.130	attackspambots	08/07/2019-13:44:05.588745 37.49.231.130 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-08 03:22:43

最近上报的IP列表

42.69.215.234	99.109.191.56	128.29.228.188	19.117.66.25
96.81.43.227	203.121.181.244	165.125.161.52	157.127.148.15
177.254.86.152	36.108.103.139	106.12.57.38	185.209.28.242
114.224.47.0	178.48.235.59	3.127.157.152	185.141.158.45
36.61.34.189	57.153.120.114	32.161.208.50	196.180.236.207