65.49.20.125 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	TCP (SYN) 65.49.20.125:42351 -> port 22, len 44	2020-08-17 14:48:27
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 61 - port: 22 proto: TCP cat: Misc Attack	2020-06-23 17:31:55
attack	11/24/2019-15:45:29.164663 65.49.20.125 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 68	2019-11-25 05:35:36
attackbots	UTC: 2019-10-21 port: 443/udp	2019-10-22 16:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22278
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.125.			IN	A

;; AUTHORITY SECTION:
.			353	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 16:43:26 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 125.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 125.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
140.143.164.33	attack	Mar 3 23:48:59 vps647732 sshd[8499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.164.33 Mar 3 23:49:01 vps647732 sshd[8499]: Failed password for invalid user omsagent from 140.143.164.33 port 48708 ssh2 ...	2020-03-04 06:57:57
120.70.100.88	attack	Mar 3 19:06:36 firewall sshd[13883]: Invalid user gameserver from 120.70.100.88 Mar 3 19:06:38 firewall sshd[13883]: Failed password for invalid user gameserver from 120.70.100.88 port 39920 ssh2 Mar 3 19:15:45 firewall sshd[14251]: Invalid user nfsnobody from 120.70.100.88 ...	2020-03-04 07:15:35
190.216.233.147	attackspam	20/3/3@17:09:31: FAIL: Alarm-Network address from=190.216.233.147 ...	2020-03-04 07:15:11
157.230.253.174	attackbots	Mar 3 17:41:38 NPSTNNYC01T sshd[22512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.253.174 Mar 3 17:41:40 NPSTNNYC01T sshd[22512]: Failed password for invalid user ins from 157.230.253.174 port 50098 ssh2 Mar 3 17:46:35 NPSTNNYC01T sshd[22881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.253.174 ...	2020-03-04 06:54:16
177.189.209.143	attackspambots	2020-03-03T23:09:08.849171vps751288.ovh.net sshd\[12117\]: Invalid user nagios from 177.189.209.143 port 54497 2020-03-03T23:09:08.857960vps751288.ovh.net sshd\[12117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.209.143 2020-03-03T23:09:11.188419vps751288.ovh.net sshd\[12117\]: Failed password for invalid user nagios from 177.189.209.143 port 54497 ssh2 2020-03-03T23:09:43.851505vps751288.ovh.net sshd\[12135\]: Invalid user wrchang from 177.189.209.143 port 51617 2020-03-03T23:09:43.865311vps751288.ovh.net sshd\[12135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.209.143	2020-03-04 07:08:35
162.241.149.130	attackbotsspam	Mar 3 17:58:05 plusreed sshd[29857]: Invalid user mikel from 162.241.149.130 ...	2020-03-04 07:09:55
218.92.0.207	attackspam	Mar 3 22:36:09 game-panel sshd[851]: Failed password for root from 218.92.0.207 port 30210 ssh2 Mar 3 22:37:06 game-panel sshd[886]: Failed password for root from 218.92.0.207 port 49922 ssh2	2020-03-04 07:11:31
181.25.159.189	attack	firewall-block, port(s): 2323/tcp	2020-03-04 06:49:20
222.186.31.83	attackspam	Mar 3 23:45:42 localhost sshd\[17569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root Mar 3 23:45:43 localhost sshd\[17569\]: Failed password for root from 222.186.31.83 port 21412 ssh2 Mar 3 23:45:45 localhost sshd\[17569\]: Failed password for root from 222.186.31.83 port 21412 ssh2	2020-03-04 06:48:48
112.33.254.28	attack	FTP login brute force attempts. Time: Tue Mar 3. 23:01:24 2020 +0100 IP: 112.33.254.28 (CN/China/-) Log entries: Mar 3 23:00:19 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:00:24 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:00:33 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:00:38 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:00:43 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:00:54 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:00:59 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:01:04 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www] Mar 3 23:01:11 vserv pure-ftpd: (?@112.33.254.28) [WARNING] Authentication failed for user [www]	2020-03-04 07:24:16
104.248.151.177	attackspambots	Mar 3 12:44:25 wbs sshd\[7589\]: Invalid user admin from 104.248.151.177 Mar 3 12:44:25 wbs sshd\[7589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.151.177 Mar 3 12:44:27 wbs sshd\[7589\]: Failed password for invalid user admin from 104.248.151.177 port 57646 ssh2 Mar 3 12:48:11 wbs sshd\[7974\]: Invalid user www from 104.248.151.177 Mar 3 12:48:11 wbs sshd\[7974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.151.177	2020-03-04 06:59:52
117.196.238.54	attack	117.196.238.54 - - [03/Mar/2020:23:09:38 +0100] "3&remoteSubmit=Save" 400 0 "-" "-" 117.196.238.54 - - [03/Mar/2020:23:09:38 +0100] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 302 0 "-" "Ankit"	2020-03-04 07:12:20
106.12.85.28	attackspambots	Mar 3 12:33:56 hpm sshd\[1303\]: Invalid user openfiler from 106.12.85.28 Mar 3 12:33:56 hpm sshd\[1303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.28 Mar 3 12:33:58 hpm sshd\[1303\]: Failed password for invalid user openfiler from 106.12.85.28 port 46502 ssh2 Mar 3 12:42:23 hpm sshd\[2421\]: Invalid user crystal from 106.12.85.28 Mar 3 12:42:23 hpm sshd\[2421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.28	2020-03-04 07:03:43
62.46.61.249	attackspam	Mar 3 20:16:41 nandi sshd[12130]: Invalid user team3 from 62.46.61.249 Mar 3 20:16:41 nandi sshd[12130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-46-61-249.adsl.highway.telekom.at Mar 3 20:16:43 nandi sshd[12130]: Failed password for invalid user team3 from 62.46.61.249 port 34342 ssh2 Mar 3 20:16:44 nandi sshd[12130]: Received disconnect from 62.46.61.249: 11: Bye Bye [preauth] Mar 3 20:28:57 nandi sshd[17468]: Connection closed by 62.46.61.249 [preauth] Mar 3 20:35:02 nandi sshd[20067]: Did not receive identification string from 62.46.61.249 Mar 3 20:40:55 nandi sshd[23477]: Connection closed by 62.46.61.249 [preauth] Mar 3 20:46:50 nandi sshd[26403]: Did not receive identification string from 62.46.61.249 Mar 3 20:52:46 nandi sshd[28989]: Invalid user matt from 62.46.61.249 Mar 3 20:52:46 nandi sshd[28989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-46-61-249......... -------------------------------	2020-03-04 07:22:01
146.185.147.174	attackspam	2020-03-03T22:49:44.780122shield sshd\[22481\]: Invalid user earl from 146.185.147.174 port 56424 2020-03-03T22:49:44.786077shield sshd\[22481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.147.174 2020-03-03T22:49:46.870378shield sshd\[22481\]: Failed password for invalid user earl from 146.185.147.174 port 56424 ssh2 2020-03-03T22:57:04.061195shield sshd\[23780\]: Invalid user arma from 146.185.147.174 port 37048 2020-03-03T22:57:04.066552shield sshd\[23780\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.147.174	2020-03-04 07:13:33

最近上报的IP列表

171.249.132.110	123.13.153.224	180.69.116.193	81.131.94.50
80.182.234.190	94.51.194.150	80.211.87.63	23.89.101.130
42.55.17.215	202.252.184.64	1.131.49.92	104.155.36.113
78.222.57.83	86.106.82.49	114.39.54.137	118.169.42.208
193.178.51.119	149.200.195.210	178.128.212.51	185.81.153.124