65.49.20.125 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	TCP (SYN) 65.49.20.125:42351 -> port 22, len 44	2020-08-17 14:48:27
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 61 - port: 22 proto: TCP cat: Misc Attack	2020-06-23 17:31:55
attack	11/24/2019-15:45:29.164663 65.49.20.125 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 68	2019-11-25 05:35:36
attackbots	UTC: 2019-10-21 port: 443/udp	2019-10-22 16:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22278
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.125.			IN	A

;; AUTHORITY SECTION:
.			353	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 16:43:26 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 125.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 125.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.14.204.204	attackspam	Sep 9 07:41:51 vps01 sshd[23603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.14.204.204 Sep 9 07:41:53 vps01 sshd[23603]: Failed password for invalid user zabbix from 37.14.204.204 port 34076 ssh2	2019-09-09 18:10:29
62.48.150.175	attack	SSH Brute Force, server-1 sshd[6415]: Failed password for invalid user oracle from 62.48.150.175 port 48006 ssh2	2019-09-09 17:35:15
96.54.228.119	attackbots	Sep 9 11:50:39 SilenceServices sshd[30869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.54.228.119 Sep 9 11:50:41 SilenceServices sshd[30869]: Failed password for invalid user chris from 96.54.228.119 port 43229 ssh2 Sep 9 11:57:27 SilenceServices sshd[946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.54.228.119	2019-09-09 18:23:27
222.186.15.18	attack	Sep 9 06:45:55 rotator sshd\[14061\]: Failed password for root from 222.186.15.18 port 17226 ssh2Sep 9 06:45:58 rotator sshd\[14061\]: Failed password for root from 222.186.15.18 port 17226 ssh2Sep 9 06:46:54 rotator sshd\[14067\]: Failed password for root from 222.186.15.18 port 51585 ssh2Sep 9 06:46:56 rotator sshd\[14067\]: Failed password for root from 222.186.15.18 port 51585 ssh2Sep 9 06:46:59 rotator sshd\[14067\]: Failed password for root from 222.186.15.18 port 51585 ssh2Sep 9 06:48:51 rotator sshd\[14084\]: Failed password for root from 222.186.15.18 port 11592 ssh2 ...	2019-09-09 17:47:37
36.27.214.203	attackspam	1568003728 - 09/09/2019 06:35:28 Host: 36.27.214.203/36.27.214.203 Port: 161 UDP Blocked	2019-09-09 17:41:41
185.234.216.123	attackbots	09/09/2019-06:17:05.708398 185.234.216.123 Protocol: 6 ET SCAN Rapid POP3 Connections - Possible Brute Force Attack	2019-09-09 18:21:35
157.230.120.252	attack	Sep 9 08:11:09 *** sshd[14401]: Invalid user minecraft from 157.230.120.252	2019-09-09 17:29:51
106.13.34.212	attack	Sep 9 09:36:06 localhost sshd\[118637\]: Invalid user www from 106.13.34.212 port 60932 Sep 9 09:36:06 localhost sshd\[118637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.212 Sep 9 09:36:08 localhost sshd\[118637\]: Failed password for invalid user www from 106.13.34.212 port 60932 ssh2 Sep 9 09:43:37 localhost sshd\[118941\]: Invalid user zabbix from 106.13.34.212 port 34582 Sep 9 09:43:37 localhost sshd\[118941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.212 ...	2019-09-09 18:05:07
40.89.159.174	attackbots	Sep 9 12:21:21 markkoudstaal sshd[11783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.89.159.174 Sep 9 12:21:23 markkoudstaal sshd[11783]: Failed password for invalid user ts3srv from 40.89.159.174 port 35888 ssh2 Sep 9 12:27:06 markkoudstaal sshd[12272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.89.159.174	2019-09-09 19:01:46
41.68.13.190	attack	Unauthorized connection attempt from IP address 41.68.13.190 on Port 445(SMB)	2019-09-09 19:05:03
106.13.38.86	attackspam	Sep 8 23:30:32 hiderm sshd\[19354\]: Invalid user password from 106.13.38.86 Sep 8 23:30:32 hiderm sshd\[19354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.86 Sep 8 23:30:34 hiderm sshd\[19354\]: Failed password for invalid user password from 106.13.38.86 port 50840 ssh2 Sep 8 23:35:55 hiderm sshd\[19892\]: Invalid user guest from 106.13.38.86 Sep 8 23:35:55 hiderm sshd\[19892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.86	2019-09-09 18:01:56
183.11.235.20	attackspam	Sep 9 07:42:06 saschabauer sshd[10465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.11.235.20 Sep 9 07:42:08 saschabauer sshd[10465]: Failed password for invalid user 123456 from 183.11.235.20 port 39646 ssh2	2019-09-09 18:19:51
123.207.107.242	attackbots	Sep 9 10:46:50 rotator sshd\[30707\]: Invalid user ftpadmin123 from 123.207.107.242Sep 9 10:46:52 rotator sshd\[30707\]: Failed password for invalid user ftpadmin123 from 123.207.107.242 port 46794 ssh2Sep 9 10:50:34 rotator sshd\[31477\]: Invalid user 123456789 from 123.207.107.242Sep 9 10:50:36 rotator sshd\[31477\]: Failed password for invalid user 123456789 from 123.207.107.242 port 51172 ssh2Sep 9 10:54:12 rotator sshd\[31499\]: Invalid user user from 123.207.107.242Sep 9 10:54:15 rotator sshd\[31499\]: Failed password for invalid user user from 123.207.107.242 port 55256 ssh2 ...	2019-09-09 17:43:00
36.89.159.122	attackbots	Unauthorized connection attempt from IP address 36.89.159.122 on Port 445(SMB)	2019-09-09 19:10:12
210.221.220.68	attackbots	Sep 9 10:55:05 ArkNodeAT sshd\[2286\]: Invalid user demopass from 210.221.220.68 Sep 9 10:55:05 ArkNodeAT sshd\[2286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.221.220.68 Sep 9 10:55:07 ArkNodeAT sshd\[2286\]: Failed password for invalid user demopass from 210.221.220.68 port 21978 ssh2	2019-09-09 17:23:58

最近上报的IP列表

171.249.132.110	123.13.153.224	180.69.116.193	81.131.94.50
80.182.234.190	94.51.194.150	80.211.87.63	23.89.101.130
42.55.17.215	202.252.184.64	1.131.49.92	104.155.36.113
78.222.57.83	86.106.82.49	114.39.54.137	118.169.42.208
193.178.51.119	149.200.195.210	178.128.212.51	185.81.153.124