65.49.20.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port 22 Scan, PTR: None	2020-08-27 14:42:12
attackbotsspam	2020-08-24 UTC: (2x) - (2x)	2020-08-25 18:12:36
attack	Icarus honeypot on github	2020-08-13 16:22:04
attackspam	Aug 11 23:55:43 mail sshd\[4287\]: Invalid user from 65.49.20.68 ...	2020-08-12 15:12:03
attack	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-29 15:29:52
attackspambots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-26 14:04:14
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-17 18:51:53
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-12 15:12:28
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22 [T]	2020-07-10 15:59:59
attackspambots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-07-08 18:08:45
attack	SSH login attempts.	2020-07-05 19:46:18
attackbotsspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-30 14:07:36
attackspambots	TCP (SYN) 65.49.20.68:47098 -> port 22, len 44	2020-06-29 14:37:06
attack	SSHD brute force attack detected by fail2ban	2020-06-28 12:06:09
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-22 14:47:36
attack	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-20 15:55:59
attackbotsspam	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-06-14 12:34:04
attackbots		2020-06-07 15:39:33
attackspambots	UDP 65.49.20.68:39830 -> port 443, len 1258	2020-05-31 17:45:51
attack	[portscan] tcp/22 [SSH] *(RWIN=65535)(05271018)	2020-05-27 16:11:21
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 2260	2020-05-15 16:57:29
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-05-07 14:07:20
attackbots	Unauthorized connection attempt detected from IP address 65.49.20.68 to port 22	2020-05-06 17:54:51
attackspam	SSH brute-force attempt	2020-04-16 13:08:10
attack	2020-03-08T00:57:43.614Z CLOSE host=65.49.20.68 port=65106 fd=4 time=20.016 bytes=21 ...	2020-03-13 02:14:52

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13737
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.68.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021202 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 09:23:31 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 68.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
192.207.62.237	attackspam	192.207.62.237 has been banned for [spam] ...	2019-09-17 02:34:12
182.23.65.116	attackspambots	[SMB remote code execution attempt: port tcp/445] [scan/connect: 3 time(s)] *(RWIN=8192)(09161116)	2019-09-17 02:50:02
212.0.149.87	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 11:02:43,062 INFO [shellcode_manager] (212.0.149.87) no match, writing hexdump (06cb1cdc794ded1faa9f8ed0bf4f6df0 :10711) - SMB (Unknown)	2019-09-17 02:45:49
112.85.42.237	attack	2019-09-16T18:18:21.742914abusebot-2.cloudsearch.cf sshd\[26413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root	2019-09-17 02:31:17
122.70.153.229	attack	Sep 16 18:19:18 saschabauer sshd[23002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.70.153.229 Sep 16 18:19:20 saschabauer sshd[23002]: Failed password for invalid user deploy from 122.70.153.229 port 39512 ssh2	2019-09-17 02:18:21
185.153.197.11	normal	Terraria Server v1.3.5.3 Listening on port 7777 Type 'help' for a list of commands. : 185.153.197.71:12455 is connecting... 185.153.197.71:12455 is connecting... 185.153.197.71:13444 is connecting... 185.153.197.71:13444 is connecting... Exception normal: Tried to send data to a client after losing connection Exception normal: Tried to send data to a client after losing connection 185.153.197.71:19011 is connecting... 185.153.197.71:19011 is connecting... Exception normal: Tried to send data to a client after losing connection	2019-09-17 02:21:31
115.49.107.61	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/115.49.107.61/ CN - 1H : (337) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 115.49.107.61 CIDR : 115.48.0.0/12 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 WYKRYTE ATAKI Z ASN4837 : 1H - 5 3H - 8 6H - 23 12H - 48 24H - 88 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-17 02:34:44
213.97.127.122	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(09161116)	2019-09-17 02:45:19
94.28.234.105	attackspambots	Automatic report - Port Scan Attack	2019-09-17 02:55:18
5.45.73.74	attackspambots	Sep 16 12:24:21 [munged] sshd[4430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.45.73.74	2019-09-17 02:17:34
198.108.67.55	attackbotsspam	[portscan] tcp/26 [tcp/26] *(RWIN=1024)(09161116)	2019-09-17 02:48:06
150.129.63.20	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(09161116)	2019-09-17 02:51:50
91.165.142.97	attackspambots	[portscan] tcp/23 [TELNET] *(RWIN=3673)(09161116)	2019-09-17 02:42:23
185.153.197.11	normal	Terraria Server v1.3.5.3 Listening on port 7777 Type 'help' for a list of commands. : : : 185.153.197.71:12455 is connecting... 185.153.197.71:12455 is connecting... 185.153.197.71:13444 is connecting... 185.153.197.71:13444 is connecting... Exception normal: Tried to send data to a client after losing connection Exception normal: Tried to send data to a client after losing connection 185.153.197.71:19011 is connecting... 185.153.197.71:19011 is connecting... Exception normal: Tried to send data to a client after losing connection	2019-09-17 02:20:49
207.6.1.11	attack	$f2bV_matches	2019-09-17 02:36:29

最近上报的IP列表

24.92.154.190	59.115.124.149	36.67.95.243	81.201.61.136
143.132.193.129	154.193.168.141	151.101.94.94	201.208.253.223
236.231.24.87	129.219.10.42	21.58.244.12	103.70.135.6
141.100.167.167	118.99.65.6	212.10.241.181	207.236.5.53
123.143.157.158	129.146.174.219	35.237.4.74	52.35.92.243