65.49.1.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
65.49.1.86	attack	Malicious IP	2025-01-23 13:47:09
65.49.1.73	attack	Malicious IP	2024-04-26 17:57:56
65.49.1.71	attackproxy	Apache attacker IP	2024-04-26 17:54:56
65.49.1.18	attack	Malicious IP	2024-04-26 13:11:44
65.49.1.43	attack	Malicious IP / Malware	2024-04-21 02:27:02
65.49.1.96	attack	Malicious IP	2024-04-18 10:59:09
65.49.1.105	attack	Malicious IP	2024-04-18 10:54:53
65.49.194.40	attack	$f2bV_matches	2020-09-05 21:32:31
65.49.194.40	attackbotsspam	$f2bV_matches	2020-09-05 13:09:42
65.49.194.40	attack	Sep 4 16:52:18 IngegnereFirenze sshd[2887]: Failed password for invalid user kali from 65.49.194.40 port 40966 ssh2 ...	2020-09-05 05:56:44
65.49.10.98	attackbotsspam	Unauthorized connection attempt from IP address 65.49.10.98 on Port 445(SMB)	2020-08-23 07:08:13
65.49.194.252	attackspam	Aug 16 19:18:19 hidden sshd[34564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.49.194.252 user=root Aug 16 19:18:22 hidden sshd[34564]: Failed password for hidden from 65.49.194.252 port 56850 ssh2 Aug 16 19:24:43 hidden sshd[35404]: Invalid user shuchang from 65.49.194.252 port 40882	2020-08-17 01:42:11
65.49.194.40	attack	Aug 12 23:54:40 Tower sshd[24904]: Connection from 65.49.194.40 port 56424 on 192.168.10.220 port 22 rdomain "" Aug 12 23:54:44 Tower sshd[24904]: Failed password for root from 65.49.194.40 port 56424 ssh2 Aug 12 23:54:44 Tower sshd[24904]: Received disconnect from 65.49.194.40 port 56424:11: Bye Bye [preauth] Aug 12 23:54:44 Tower sshd[24904]: Disconnected from authenticating user root 65.49.194.40 port 56424 [preauth]	2020-08-13 13:48:18
65.49.194.252	attackspambots	Aug 7 06:50:26 cosmoit sshd[19221]: Failed password for root from 65.49.194.252 port 54836 ssh2	2020-08-07 19:16:01
65.49.137.131	attack	Aug 6 11:25:34 rush sshd[12104]: Failed password for root from 65.49.137.131 port 40028 ssh2 Aug 6 11:29:59 rush sshd[12197]: Failed password for root from 65.49.137.131 port 52052 ssh2 ...	2020-08-06 19:36:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.1.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33785
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;65.49.1.45.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025050902 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 10 10:00:31 CST 2025
;; MSG SIZE  rcvd: 103

Host info

45.1.49.65.in-addr.arpa is an alias for 45.0-24.1.49.65.in-addr.arpa.
45.0-24.1.49.65.in-addr.arpa domain name pointer scan-54h.shadowserver.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.1.49.65.in-addr.arpa	canonical name = 45.0-24.1.49.65.in-addr.arpa.
45.0-24.1.49.65.in-addr.arpa	name = scan-54h.shadowserver.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.29.195.187	attack	$f2bV_matches	2020-06-13 14:15:40
139.99.40.44	attack	Invalid user server from 139.99.40.44 port 39946	2020-06-13 14:12:53
191.254.144.70	attackbots	1592021381 - 06/13/2020 06:09:41 Host: 191.254.144.70/191.254.144.70 Port: 445 TCP Blocked	2020-06-13 14:28:25
189.207.108.219	attack	Automatic report - Port Scan Attack	2020-06-13 14:19:16
46.101.128.31	attack	TCP (SYN) 46.101.128.31:49373 -> port 8080, len 44	2020-06-13 14:05:11
103.104.127.6	attack	1592021391 - 06/13/2020 06:09:51 Host: 103.104.127.6/103.104.127.6 Port: 445 TCP Blocked	2020-06-13 14:18:53
112.35.62.225	attackspambots	$f2bV_matches	2020-06-13 14:43:00
138.68.242.220	attackbots	Jun 13 05:10:14 jumpserver sshd[64866]: Failed password for invalid user trung from 138.68.242.220 port 59204 ssh2 Jun 13 05:13:32 jumpserver sshd[64950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.242.220 user=root Jun 13 05:13:34 jumpserver sshd[64950]: Failed password for root from 138.68.242.220 port 33788 ssh2 ...	2020-06-13 14:18:26
139.199.26.219	attackspambots	2020-06-13T05:23:14.580070server.espacesoutien.com sshd[11566]: Invalid user costel from 139.199.26.219 port 59728 2020-06-13T05:23:14.595183server.espacesoutien.com sshd[11566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.26.219 2020-06-13T05:23:14.580070server.espacesoutien.com sshd[11566]: Invalid user costel from 139.199.26.219 port 59728 2020-06-13T05:23:16.654096server.espacesoutien.com sshd[11566]: Failed password for invalid user costel from 139.199.26.219 port 59728 ssh2 ...	2020-06-13 14:05:42
62.171.144.195	attackspam	[2020-06-13 01:59:21] NOTICE[1273] chan_sip.c: Registration from '' failed for '62.171.144.195:47657' - Wrong password [2020-06-13 01:59:21] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T01:59:21.781-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="sip",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.171.144.195/47657",Challenge="334f9d55",ReceivedChallenge="334f9d55",ReceivedHash="1a284c99f6d5ae9792b2012354ca8b56" [2020-06-13 02:04:02] NOTICE[1273] chan_sip.c: Registration from '' failed for '62.171.144.195:52898' - Wrong password [2020-06-13 02:04:02] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T02:04:02.382-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="asd",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.171.144.195/5 ...	2020-06-13 14:05:55
95.169.6.47	attack	Jun 13 07:42:42 OPSO sshd\[24059\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.6.47 user=root Jun 13 07:42:44 OPSO sshd\[24059\]: Failed password for root from 95.169.6.47 port 43596 ssh2 Jun 13 07:47:18 OPSO sshd\[24771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.6.47 user=root Jun 13 07:47:19 OPSO sshd\[24771\]: Failed password for root from 95.169.6.47 port 45774 ssh2 Jun 13 07:51:55 OPSO sshd\[25754\]: Invalid user litong from 95.169.6.47 port 47876 Jun 13 07:51:55 OPSO sshd\[25754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.6.47	2020-06-13 14:17:35
83.9.116.22	attack	Jun 13 08:05:12 server sshd[2190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.9.116.22 Jun 13 08:05:15 server sshd[2190]: Failed password for invalid user rocha from 83.9.116.22 port 60512 ssh2 Jun 13 08:09:18 server sshd[2733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.9.116.22 ...	2020-06-13 14:13:22
148.102.17.19	attackbots	Jun 13 06:04:41 pornomens sshd\[18901\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.102.17.19 user=root Jun 13 06:04:44 pornomens sshd\[18901\]: Failed password for root from 148.102.17.19 port 45383 ssh2 Jun 13 06:09:33 pornomens sshd\[18995\]: Invalid user test from 148.102.17.19 port 36486 Jun 13 06:09:33 pornomens sshd\[18995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.102.17.19 ...	2020-06-13 14:42:30
206.189.200.15	attackspambots	Jun 13 07:10:18 vpn01 sshd[10423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.200.15 Jun 13 07:10:19 vpn01 sshd[10423]: Failed password for invalid user idc925111 from 206.189.200.15 port 44626 ssh2 ...	2020-06-13 14:16:00
222.186.173.154	attack	Jun 13 02:18:35 NPSTNNYC01T sshd[11983]: Failed password for root from 222.186.173.154 port 29684 ssh2 Jun 13 02:18:49 NPSTNNYC01T sshd[11983]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 29684 ssh2 [preauth] Jun 13 02:18:56 NPSTNNYC01T sshd[12024]: Failed password for root from 222.186.173.154 port 38494 ssh2 ...	2020-06-13 14:38:44

Recently Reported IPs

65.49.1.50	65.49.1.39	39.103.158.106	59.58.207.40
58.214.57.30	39.163.62.154	20.12.240.74	183.253.91.48
183.209.229.157	124.238.20.4	123.52.158.167	112.22.10.112
111.166.157.51	110.181.135.185	64.46.76.98	175.213.43.38
135.237.123.204	10.216.19.227	124.198.131.136	113.215.188.243