65.49.20.96 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): The Shadow Server Foundation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	443/udp 22/tcp 22/tcp [2020-07-26/09-24]3pkt	2020-09-25 01:19:28
attackspambots	Found on Github Combined on 3 lists / proto=17 . srcport=53042 . dstport=443 . (2875)	2020-09-24 16:57:36
attack	Port 22 Scan, PTR: None	2020-08-17 16:11:33
attackspambots	[portscan] tcp/22 [SSH] *(RWIN=65535)(04301449)	2020-05-01 00:23:21
attackspam	" "	2019-12-21 13:32:27

相同子网IP讨论:

IP	类型	评论内容	时间
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26493
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.96.			IN	A

;; AUTHORITY SECTION:
.			131	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122002 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 13:32:24 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 96.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 96.20.49.65.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
178.62.214.85	attackbots	Sep 4 08:15:16 eddieflores sshd\[11352\]: Invalid user postgres from 178.62.214.85 Sep 4 08:15:16 eddieflores sshd\[11352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85 Sep 4 08:15:17 eddieflores sshd\[11352\]: Failed password for invalid user postgres from 178.62.214.85 port 55795 ssh2 Sep 4 08:19:53 eddieflores sshd\[11729\]: Invalid user asif from 178.62.214.85 Sep 4 08:19:53 eddieflores sshd\[11729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85	2019-09-05 02:23:14
177.64.148.162	attackspam	DATE:2019-09-04 18:35:31, IP:177.64.148.162, PORT:ssh SSH brute force auth (ermes)	2019-09-05 02:46:41
49.247.207.56	attackspam	Sep 4 20:16:42 yabzik sshd[22184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.207.56 Sep 4 20:16:45 yabzik sshd[22184]: Failed password for invalid user michal from 49.247.207.56 port 50982 ssh2 Sep 4 20:21:43 yabzik sshd[23923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.207.56	2019-09-05 02:58:59
113.22.213.202	attackbotsspam	Sep 4 20:50:58 ubuntu-2gb-nbg1-dc3-1 sshd[3902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.22.213.202 Sep 4 20:51:00 ubuntu-2gb-nbg1-dc3-1 sshd[3902]: Failed password for invalid user ftpuser from 113.22.213.202 port 25766 ssh2 ...	2019-09-05 02:52:20
171.246.244.199	attackbots	Automatic report - Port Scan Attack	2019-09-05 02:34:49
106.39.87.236	attack	Sep 4 03:38:00 lcdev sshd\[1518\]: Invalid user razor from 106.39.87.236 Sep 4 03:38:00 lcdev sshd\[1518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.87.236 Sep 4 03:38:03 lcdev sshd\[1518\]: Failed password for invalid user razor from 106.39.87.236 port 45264 ssh2 Sep 4 03:44:10 lcdev sshd\[2200\]: Invalid user lucie from 106.39.87.236 Sep 4 03:44:10 lcdev sshd\[2200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.87.236	2019-09-05 02:36:59
178.128.100.70	attack	Sep 4 14:40:18 mail sshd\[15400\]: Failed password for invalid user xm from 178.128.100.70 port 58412 ssh2 Sep 4 14:56:16 mail sshd\[15638\]: Invalid user jboss from 178.128.100.70 port 53446 Sep 4 14:56:16 mail sshd\[15638\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.100.70 ...	2019-09-05 02:18:32
45.82.153.37	attack	Sep 4 18:19:37 mail postfix/smtpd\[1936\]: warning: unknown\[45.82.153.37\]: SASL PLAIN authentication failed: \ Sep 4 19:09:22 mail postfix/smtpd\[3943\]: warning: unknown\[45.82.153.37\]: SASL PLAIN authentication failed: \ Sep 4 19:09:32 mail postfix/smtpd\[3402\]: warning: unknown\[45.82.153.37\]: SASL PLAIN authentication failed: \ Sep 4 19:57:36 mail postfix/smtpd\[4954\]: warning: unknown\[45.82.153.37\]: SASL PLAIN authentication failed: \	2019-09-05 02:20:29
190.210.247.106	attackspambots	Sep 4 08:12:23 sachi sshd\[10360\]: Invalid user leopolda from 190.210.247.106 Sep 4 08:12:23 sachi sshd\[10360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.210.247.106 Sep 4 08:12:25 sachi sshd\[10360\]: Failed password for invalid user leopolda from 190.210.247.106 port 37786 ssh2 Sep 4 08:17:36 sachi sshd\[10846\]: Invalid user hank from 190.210.247.106 Sep 4 08:17:36 sachi sshd\[10846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.210.247.106	2019-09-05 02:22:41
54.37.68.66	attack	Automated report - ssh fail2ban: Sep 4 17:14:11 authentication failure Sep 4 17:14:13 wrong password, user=tina, port=43118, ssh2 Sep 4 17:18:10 authentication failure	2019-09-05 02:37:33
80.82.77.86	attackspambots	04.09.2019 17:00:10 Connection to port 32771 blocked by firewall	2019-09-05 02:56:57
178.62.33.38	attackbots	$f2bV_matches	2019-09-05 03:03:41
139.199.6.107	attack	Sep 4 08:43:12 kapalua sshd\[23869\]: Invalid user smceachern from 139.199.6.107 Sep 4 08:43:12 kapalua sshd\[23869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.6.107 Sep 4 08:43:15 kapalua sshd\[23869\]: Failed password for invalid user smceachern from 139.199.6.107 port 56171 ssh2 Sep 4 08:48:23 kapalua sshd\[24348\]: Invalid user surya from 139.199.6.107 Sep 4 08:48:23 kapalua sshd\[24348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.6.107	2019-09-05 02:48:46
106.13.65.210	attackbots	Sep 4 20:25:24 ubuntu-2gb-nbg1-dc3-1 sshd[2020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.65.210 Sep 4 20:25:26 ubuntu-2gb-nbg1-dc3-1 sshd[2020]: Failed password for invalid user anna from 106.13.65.210 port 50466 ssh2 ...	2019-09-05 02:53:51
77.247.109.72	attackspam	\[2019-09-04 14:44:52\] NOTICE\[1829\] chan_sip.c: Registration from '"5000" \' failed for '77.247.109.72:5142' - Wrong password \[2019-09-04 14:44:52\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-04T14:44:52.537-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5000",SessionID="0x7f7b302cefa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.72/5142",Challenge="2aa19fee",ReceivedChallenge="2aa19fee",ReceivedHash="7a886d765c318973fbd9c9c79fb2de92" \[2019-09-04 14:44:52\] NOTICE\[1829\] chan_sip.c: Registration from '"5000" \' failed for '77.247.109.72:5142' - Wrong password \[2019-09-04 14:44:52\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-04T14:44:52.735-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5000",SessionID="0x7f7b30484c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-09-05 02:57:47

最近上报的IP列表

114.41.163.106	78.188.96.34	14.187.124.9	121.154.209.29
188.162.65.236	162.244.81.158	220.132.206.142	125.161.130.249
74.208.89.251	49.207.128.96	172.104.99.217	144.94.135.169
153.19.12.18	111.223.166.168	103.80.70.218	54.37.22.169
115.199.96.106	213.118.32.14	195.154.252.48	194.67.195.186