65.49.20.125 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	TCP (SYN) 65.49.20.125:42351 -> port 22, len 44	2020-08-17 14:48:27
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 61 - port: 22 proto: TCP cat: Misc Attack	2020-06-23 17:31:55
attack	11/24/2019-15:45:29.164663 65.49.20.125 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 68	2019-11-25 05:35:36
attackbots	UTC: 2019-10-21 port: 443/udp	2019-10-22 16:43:29

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22278
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.125.			IN	A

;; AUTHORITY SECTION:
.			353	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 16:43:26 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 125.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 125.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
76.71.115.80	attackspambots	port scan and connect, tcp 23 (telnet)	2020-06-26 03:10:48
103.100.209.172	attack	2020-06-25T17:38:25.864750abusebot.cloudsearch.cf sshd[32325]: Invalid user vincent from 103.100.209.172 port 47742 2020-06-25T17:38:25.870206abusebot.cloudsearch.cf sshd[32325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.209.172 2020-06-25T17:38:25.864750abusebot.cloudsearch.cf sshd[32325]: Invalid user vincent from 103.100.209.172 port 47742 2020-06-25T17:38:27.517560abusebot.cloudsearch.cf sshd[32325]: Failed password for invalid user vincent from 103.100.209.172 port 47742 ssh2 2020-06-25T17:42:32.530607abusebot.cloudsearch.cf sshd[32413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.209.172 user=root 2020-06-25T17:42:34.755015abusebot.cloudsearch.cf sshd[32413]: Failed password for root from 103.100.209.172 port 47720 ssh2 2020-06-25T17:46:17.744261abusebot.cloudsearch.cf sshd[32459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.10 ...	2020-06-26 03:22:45
122.152.196.222	attack	5x Failed Password	2020-06-26 03:25:40
40.121.140.192	attackbots	Jun 25 14:26:23 r.ca sshd[5531]: Failed password for root from 40.121.140.192 port 47064 ssh2	2020-06-26 03:27:17
104.42.44.206	attackbotsspam	Lines containing failures of 104.42.44.206 Jun 24 23:45:32 shared11 sshd[17243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.44.206 user=r.r Jun 24 23:45:32 shared11 sshd[17245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.44.206 user=r.r Jun 24 23:45:34 shared11 sshd[17243]: Failed password for r.r from 104.42.44.206 port 11403 ssh2 Jun 24 23:45:34 shared11 sshd[17243]: Received disconnect from 104.42.44.206 port 11403:11: Client disconnecting normally [preauth] Jun 24 23:45:34 shared11 sshd[17243]: Disconnected from authenticating user r.r 104.42.44.206 port 11403 [preauth] Jun 24 23:45:34 shared11 sshd[17245]: Failed password for r.r from 104.42.44.206 port 11487 ssh2 Jun 24 23:45:34 shared11 sshd[17245]: Received disconnect from 104.42.44.206 port 11487:11: Client disconnecting normally [preauth] Jun 24 23:45:34 shared11 sshd[17245]: Disconnected from authenticatin........ ------------------------------	2020-06-26 03:28:02
218.92.0.185	attack	Jun 25 20:50:00 OPSO sshd\[23703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.185 user=root Jun 25 20:50:01 OPSO sshd\[23703\]: Failed password for root from 218.92.0.185 port 5799 ssh2 Jun 25 20:50:05 OPSO sshd\[23703\]: Failed password for root from 218.92.0.185 port 5799 ssh2 Jun 25 20:50:08 OPSO sshd\[23703\]: Failed password for root from 218.92.0.185 port 5799 ssh2 Jun 25 20:50:11 OPSO sshd\[23703\]: Failed password for root from 218.92.0.185 port 5799 ssh2	2020-06-26 03:36:46
203.213.109.178	attack	Jun 25 20:36:27 debian-2gb-nbg1-2 kernel: \[15368847.714926\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=203.213.109.178 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=239 ID=49064 PROTO=TCP SPT=41218 DPT=3322 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-26 03:23:18
200.116.175.40	attackbotsspam	Jun 25 16:35:49 vps1 sshd[1902252]: Invalid user pdf from 200.116.175.40 port 23278 Jun 25 16:35:51 vps1 sshd[1902252]: Failed password for invalid user pdf from 200.116.175.40 port 23278 ssh2 ...	2020-06-26 03:22:11
134.209.57.3	attack	SSH Login Bruteforce	2020-06-26 03:10:23
95.143.198.100	attack	SSH brute force attempt	2020-06-26 03:09:01
195.154.184.196	attackspam	Jun 25 14:21:37 pornomens sshd\[28171\]: Invalid user linuxtest from 195.154.184.196 port 51684 Jun 25 14:21:37 pornomens sshd\[28171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.184.196 Jun 25 14:21:39 pornomens sshd\[28171\]: Failed password for invalid user linuxtest from 195.154.184.196 port 51684 ssh2 ...	2020-06-26 03:33:15
45.248.71.169	attack	3x Failed Password	2020-06-26 03:44:05
115.112.62.85	attackspam	Jun 25 21:49:37 ift sshd\[19718\]: Failed password for root from 115.112.62.85 port 7135 ssh2Jun 25 21:51:51 ift sshd\[20161\]: Invalid user bdm from 115.112.62.85Jun 25 21:51:53 ift sshd\[20161\]: Failed password for invalid user bdm from 115.112.62.85 port 14988 ssh2Jun 25 21:54:11 ift sshd\[20380\]: Invalid user vaibhav from 115.112.62.85Jun 25 21:54:13 ift sshd\[20380\]: Failed password for invalid user vaibhav from 115.112.62.85 port 12472 ssh2 ...	2020-06-26 03:38:03
104.170.186.79	spam	try to login to the account	2020-06-26 03:10:11
113.104.240.193	attackbots	20 attempts against mh-ssh on soil	2020-06-26 03:08:37

最近上报的IP列表

171.249.132.110	123.13.153.224	180.69.116.193	81.131.94.50
80.182.234.190	94.51.194.150	80.211.87.63	23.89.101.130
42.55.17.215	202.252.184.64	1.131.49.92	104.155.36.113
78.222.57.83	86.106.82.49	114.39.54.137	118.169.42.208
193.178.51.119	149.200.195.210	178.128.212.51	185.81.153.124