65.49.20.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port 22 Scan, PTR: None	2020-08-27 14:42:12
attackbotsspam	2020-08-24 UTC: (2x) - (2x)	2020-08-25 18:12:36
attack	Icarus honeypot on github	2020-08-13 16:22:04
attackspam	Aug 11 23:55:43 mail sshd\[4287\]: Invalid user from 65.49.20.68 ...	2020-08-12 15:12:03
attack	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-29 15:29:52
attackspambots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-26 14:04:14
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-17 18:51:53
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-12 15:12:28
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22 [T]	2020-07-10 15:59:59
attackspambots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-08 18:08:45
attack	SSH login attempts.	2020-07-05 19:46:18
attackbotsspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-30 14:07:36
attackspambots	TCP (SYN) 65.49.20.68:47098 -> port 22, len 44	2020-06-29 14:37:06
attack	SSHD brute force attack detected by fail2ban	2020-06-28 12:06:09
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-22 14:47:36
attack	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-20 15:55:59
attackbotsspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-14 12:34:04
attackbots		2020-06-07 15:39:33
attackspambots	UDP 65.49.20.68:39830 -> port 443, len 1258	2020-05-31 17:45:51
attack	[portscan] tcp/22 [SSH] *(RWIN=65535)(05271018)	2020-05-27 16:11:21
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 2260	2020-05-15 16:57:29
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-05-07 14:07:20
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-05-06 17:54:51
attackspam	SSH brute-force attempt	2020-04-16 13:08:10
attack	2020-03-08T00:57:43.614Z CLOSE host=65.49.20.68 port=65106 fd=4 time=20.016 bytes=21 ...	2020-03-13 02:14:52

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13737
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.68.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021202 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 09:23:31 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 68.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
120.14.161.58	attack	Unauthorised access (Oct 2) SRC=120.14.161.58 LEN=40 TTL=49 ID=60423 TCP DPT=8080 WINDOW=39603 SYN	2019-10-02 08:34:44
134.209.62.13	attack	loopsrockreggae.com 134.209.62.13 \[01/Oct/2019:23:00:38 +0200\] "POST /wp-login.php HTTP/1.1" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" loopsrockreggae.com 134.209.62.13 \[01/Oct/2019:23:00:40 +0200\] "POST /wp-login.php HTTP/1.1" 200 5583 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-02 09:09:39
124.133.246.162	attack	Oct 2 02:00:59 vpn01 sshd[28450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.133.246.162 Oct 2 02:01:00 vpn01 sshd[28450]: Failed password for invalid user user from 124.133.246.162 port 60625 ssh2 ...	2019-10-02 08:45:39
117.102.118.122	attack	Unauthorized connection attempt from IP address 117.102.118.122 on Port 445(SMB)	2019-10-02 08:26:43
114.24.147.36	attackspam	Unauthorized connection attempt from IP address 114.24.147.36 on Port 445(SMB)	2019-10-02 08:50:10
190.131.203.90	attack	Unauthorized connection attempt from IP address 190.131.203.90 on Port 445(SMB)	2019-10-02 08:43:59
208.102.113.11	attack	SSH Bruteforce	2019-10-02 08:58:46
35.237.229.122	attack	Oct 2 00:23:26 lnxmysql61 sshd[25287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.237.229.122	2019-10-02 08:28:16
139.155.26.38	attackspambots	Oct 1 21:00:41 localhost sshd\[2097\]: Invalid user servercsgo from 139.155.26.38 port 39402 Oct 1 21:00:41 localhost sshd\[2097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.26.38 Oct 1 21:00:44 localhost sshd\[2097\]: Failed password for invalid user servercsgo from 139.155.26.38 port 39402 ssh2 ...	2019-10-02 09:04:44
35.224.107.125	attackspambots	Automatic report - XMLRPC Attack	2019-10-02 08:30:34
49.255.179.216	attack	Oct 2 02:06:48 microserver sshd[47534]: Invalid user gitlab from 49.255.179.216 port 44666 Oct 2 02:06:48 microserver sshd[47534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.255.179.216 Oct 2 02:06:50 microserver sshd[47534]: Failed password for invalid user gitlab from 49.255.179.216 port 44666 ssh2 Oct 2 02:12:02 microserver sshd[48219]: Invalid user swadmin from 49.255.179.216 port 56464 Oct 2 02:12:02 microserver sshd[48219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.255.179.216 Oct 2 02:22:15 microserver sshd[49561]: Invalid user apagar from 49.255.179.216 port 51822 Oct 2 02:22:15 microserver sshd[49561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.255.179.216 Oct 2 02:22:17 microserver sshd[49561]: Failed password for invalid user apagar from 49.255.179.216 port 51822 ssh2 Oct 2 02:27:28 microserver sshd[50228]: pam_unix(sshd:auth): authentication fail	2019-10-02 08:40:14
187.178.77.146	attackbotsspam	Automatic report - Port Scan Attack	2019-10-02 08:32:09
169.197.97.34	attack	Oct 2 02:12:19 rotator sshd\[12059\]: Failed password for root from 169.197.97.34 port 41922 ssh2Oct 2 02:12:21 rotator sshd\[12059\]: Failed password for root from 169.197.97.34 port 41922 ssh2Oct 2 02:12:24 rotator sshd\[12059\]: Failed password for root from 169.197.97.34 port 41922 ssh2Oct 2 02:12:26 rotator sshd\[12059\]: Failed password for root from 169.197.97.34 port 41922 ssh2Oct 2 02:12:29 rotator sshd\[12059\]: Failed password for root from 169.197.97.34 port 41922 ssh2Oct 2 02:12:31 rotator sshd\[12059\]: Failed password for root from 169.197.97.34 port 41922 ssh2 ...	2019-10-02 08:57:13
153.35.93.7	attackbots	Oct 2 02:03:33 microserver sshd[46958]: Invalid user oracle from 153.35.93.7 port 34107 Oct 2 02:03:33 microserver sshd[46958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.35.93.7 Oct 2 02:03:35 microserver sshd[46958]: Failed password for invalid user oracle from 153.35.93.7 port 34107 ssh2 Oct 2 02:07:52 microserver sshd[47586]: Invalid user e from 153.35.93.7 port 11606 Oct 2 02:07:52 microserver sshd[47586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.35.93.7 Oct 2 02:20:31 microserver sshd[49450]: Invalid user db2fenc2 from 153.35.93.7 port 57071 Oct 2 02:20:31 microserver sshd[49450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.35.93.7 Oct 2 02:20:33 microserver sshd[49450]: Failed password for invalid user db2fenc2 from 153.35.93.7 port 57071 ssh2 Oct 2 02:24:55 microserver sshd[49709]: Invalid user test from 153.35.93.7 port 34570 Oct 2 02:24:55 micr	2019-10-02 08:59:37
118.70.190.188	attackbots	Oct 2 06:15:26 areeb-Workstation sshd[22268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.190.188 Oct 2 06:15:28 areeb-Workstation sshd[22268]: Failed password for invalid user temp from 118.70.190.188 port 50492 ssh2 ...	2019-10-02 08:55:41

最近上报的IP列表

24.92.154.190	59.115.124.149	36.67.95.243	81.201.61.136
143.132.193.129	154.193.168.141	151.101.94.94	201.208.253.223
236.231.24.87	129.219.10.42	21.58.244.12	103.70.135.6
141.100.167.167	118.99.65.6	212.10.241.181	207.236.5.53
123.143.157.158	129.146.174.219	35.237.4.74	52.35.92.243