65.49.20.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port 22 Scan, PTR: None	2020-08-27 14:42:12
attackbotsspam	2020-08-24 UTC: (2x) - (2x)	2020-08-25 18:12:36
attack	Icarus honeypot on github	2020-08-13 16:22:04
attackspam	Aug 11 23:55:43 mail sshd\[4287\]: Invalid user from 65.49.20.68 ...	2020-08-12 15:12:03
attack	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-29 15:29:52
attackspambots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-26 14:04:14
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-17 18:51:53
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-12 15:12:28
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22 [T]	2020-07-10 15:59:59
attackspambots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-08 18:08:45
attack	SSH login attempts.	2020-07-05 19:46:18
attackbotsspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-30 14:07:36
attackspambots	TCP (SYN) 65.49.20.68:47098 -> port 22, len 44	2020-06-29 14:37:06
attack	SSHD brute force attack detected by fail2ban	2020-06-28 12:06:09
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-22 14:47:36
attack	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-20 15:55:59
attackbotsspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-14 12:34:04
attackbots		2020-06-07 15:39:33
attackspambots	UDP 65.49.20.68:39830 -> port 443, len 1258	2020-05-31 17:45:51
attack	[portscan] tcp/22 [SSH] *(RWIN=65535)(05271018)	2020-05-27 16:11:21
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 2260	2020-05-15 16:57:29
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-05-07 14:07:20
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-05-06 17:54:51
attackspam	SSH brute-force attempt	2020-04-16 13:08:10
attack	2020-03-08T00:57:43.614Z CLOSE host=65.49.20.68 port=65106 fd=4 time=20.016 bytes=21 ...	2020-03-13 02:14:52

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13737
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.68.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021202 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 09:23:31 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 68.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.211.116.230	attack	2019-10-27T04:57:02.399293abusebot-5.cloudsearch.cf sshd\[28266\]: Invalid user bjorn from 175.211.116.230 port 59282	2019-10-27 13:51:06
149.56.44.47	attackbotsspam	detected by Fail2Ban	2019-10-27 13:20:56
103.28.219.171	attack	Oct 27 05:56:35 www sshd\[185506\]: Invalid user skaner from 103.28.219.171 Oct 27 05:56:35 www sshd\[185506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.28.219.171 Oct 27 05:56:37 www sshd\[185506\]: Failed password for invalid user skaner from 103.28.219.171 port 39322 ssh2 ...	2019-10-27 13:20:33
222.186.175.169	attackspam	2019-10-27T06:24:29.844643lon01.zurich-datacenter.net sshd\[17879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.169 user=root 2019-10-27T06:24:31.706223lon01.zurich-datacenter.net sshd\[17879\]: Failed password for root from 222.186.175.169 port 28342 ssh2 2019-10-27T06:24:35.387498lon01.zurich-datacenter.net sshd\[17879\]: Failed password for root from 222.186.175.169 port 28342 ssh2 2019-10-27T06:24:40.386040lon01.zurich-datacenter.net sshd\[17879\]: Failed password for root from 222.186.175.169 port 28342 ssh2 2019-10-27T06:24:44.319058lon01.zurich-datacenter.net sshd\[17879\]: Failed password for root from 222.186.175.169 port 28342 ssh2 ...	2019-10-27 13:49:02
188.16.94.117	attack	Chat Spam	2019-10-27 13:26:14
191.6.132.126	attack	postfix	2019-10-27 13:42:30
93.189.221.253	attack	postfix	2019-10-27 13:14:47
123.31.26.113	attack		2019-10-27 13:19:47
182.135.65.186	attack	Oct 27 05:41:14 lnxded64 sshd[31017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.135.65.186	2019-10-27 13:05:11
118.24.36.247	attackbotsspam	Oct 27 06:04:16 meumeu sshd[21229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.36.247 Oct 27 06:04:18 meumeu sshd[21229]: Failed password for invalid user johnny from 118.24.36.247 port 50310 ssh2 Oct 27 06:10:51 meumeu sshd[26214]: Failed password for root from 118.24.36.247 port 60060 ssh2 ...	2019-10-27 13:13:01
104.244.72.221	attackbotsspam	detected by Fail2Ban	2019-10-27 13:03:35
69.114.249.69	attackspambots	Oct 27 08:56:24 gw1 sshd[28349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.114.249.69 Oct 27 08:56:26 gw1 sshd[28349]: Failed password for invalid user admin from 69.114.249.69 port 47105 ssh2 ...	2019-10-27 13:29:57
222.186.180.8	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root Failed password for root from 222.186.180.8 port 13494 ssh2 Failed password for root from 222.186.180.8 port 13494 ssh2 Failed password for root from 222.186.180.8 port 13494 ssh2 Failed password for root from 222.186.180.8 port 13494 ssh2	2019-10-27 13:55:57
88.119.43.220	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-27 13:26:31
210.5.90.66	attack	Oct 27 00:52:29 firewall sshd[26920]: Invalid user athena from 210.5.90.66 Oct 27 00:52:30 firewall sshd[26920]: Failed password for invalid user athena from 210.5.90.66 port 34352 ssh2 Oct 27 00:57:08 firewall sshd[27153]: Invalid user oi123 from 210.5.90.66 ...	2019-10-27 13:02:39

最近上报的IP列表

24.92.154.190	59.115.124.149	36.67.95.243	81.201.61.136
143.132.193.129	154.193.168.141	151.101.94.94	201.208.253.223
236.231.24.87	129.219.10.42	21.58.244.12	103.70.135.6
141.100.167.167	118.99.65.6	212.10.241.181	207.236.5.53
123.143.157.158	129.146.174.219	35.237.4.74	52.35.92.243