65.49.20.119 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: The Shadow Server Foundation

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
proxy	VPN fraud	2023-02-14 20:08:26
attackbotsspam	Found on CINS badguys / proto=6 . srcport=52065 . dstport=22 . (1110)	2020-09-18 00:24:52
attackbotsspam	Found on CINS badguys / proto=6 . srcport=52065 . dstport=22 . (1110)	2020-09-17 16:27:51
attack	Found on CINS badguys / proto=6 . srcport=52065 . dstport=22 . (1110)	2020-09-17 07:32:49
attack	firewall-block, port(s): 443/udp	2020-04-21 19:36:23

Comments on same subnet:

IP	Type	Details	Datetime
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51
65.49.20.81	proxy	VPN	2022-12-27 13:51:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57121
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.119.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042100 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 19:36:19 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 119.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 119.20.49.65.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.210.218.206	attackbotsspam	[2020-08-23 03:25:16] NOTICE[1185] chan_sip.c: Registration from '' failed for '185.210.218.206:49811' - Wrong password [2020-08-23 03:25:16] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-23T03:25:16.786-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="7584",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.210.218.206/49811",Challenge="73b6e9fb",ReceivedChallenge="73b6e9fb",ReceivedHash="a13da78c01042cdd27a9b4e474a75062" [2020-08-23 03:25:45] NOTICE[1185] chan_sip.c: Registration from '' failed for '185.210.218.206:62002' - Wrong password [2020-08-23 03:25:45] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-23T03:25:45.340-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3633",SessionID="0x7f10c43add48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.210 ...	2020-08-23 15:42:05
106.13.201.158	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-08-23 15:36:59
222.186.175.169	attackbotsspam	$f2bV_matches	2020-08-23 15:20:20
192.99.149.195	attackbots	192.99.149.195 - - [23/Aug/2020:07:21:37 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [23/Aug/2020:07:21:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [23/Aug/2020:07:21:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1887 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-23 15:29:41
14.99.117.194	attackbotsspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-23 15:34:19
111.95.141.34	attack	Aug 23 07:44:49 ajax sshd[12902]: Failed password for root from 111.95.141.34 port 54086 ssh2 Aug 23 07:48:59 ajax sshd[14423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.95.141.34	2020-08-23 15:09:09
101.32.45.10	attackspam	$f2bV_matches	2020-08-23 15:31:06
164.160.33.164	attackspam	Invalid user israel from 164.160.33.164 port 44818	2020-08-23 15:12:53
89.45.226.116	attack	Invalid user postgres from 89.45.226.116 port 44210	2020-08-23 15:27:42
140.238.8.111	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-23 15:36:26
222.186.30.112	attackspam	Aug 23 09:09:20 eventyay sshd[28148]: Failed password for root from 222.186.30.112 port 27859 ssh2 Aug 23 09:09:22 eventyay sshd[28148]: Failed password for root from 222.186.30.112 port 27859 ssh2 Aug 23 09:09:26 eventyay sshd[28148]: Failed password for root from 222.186.30.112 port 27859 ssh2 ...	2020-08-23 15:12:14
103.28.52.84	attackbotsspam	Invalid user admin from 103.28.52.84 port 47886	2020-08-23 15:24:07
193.70.81.132	attack	193.70.81.132 - - [23/Aug/2020:05:51:46 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [23/Aug/2020:05:51:48 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.70.81.132 - - [23/Aug/2020:05:51:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-23 15:21:30
123.55.73.209	attack	Invalid user plex from 123.55.73.209 port 39318	2020-08-23 15:18:04
165.227.35.46	attack	Invalid user it from 165.227.35.46 port 45092	2020-08-23 15:26:57

Recently Reported IPs

1.10.235.7	18.34.250.187	160.134.61.220	233.47.94.204
197.18.146.79	190.87.166.64	211.216.51.179	37.98.192.74
160.161.183.179	237.182.254.156	230.225.138.201	146.193.158.146
171.214.58.49	195.224.109.232	231.22.196.108	26.201.74.198
218.70.19.74	77.40.27.26	36.85.213.132	92.237.234.234