65.49.20.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: The Shadow Server Foundation

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 21 04:54:28 l03 sshd[2154]: Invalid user from 65.49.20.66 port 6604 ...	2020-08-21 16:24:06
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22 [T]	2020-08-11 19:25:40
attackspam	Aug 7 13:58:48 localhost sshd[2542995]: Invalid user from 65.49.20.66 port 22952 ...	2020-08-07 12:21:38
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-03 19:35:41
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 64 - port: 22 proto: tcp cat: Misc Attackbytes: 60	2020-07-28 18:14:27
attackspam	Jul 14 22:28:26 Tower sshd[42116]: Connection from 65.49.20.66 port 49298 on 192.168.10.220 port 22 rdomain "" Jul 14 22:28:27 Tower sshd[42116]: Invalid user from 65.49.20.66 port 49298 Jul 14 22:28:31 Tower sshd[42116]: Connection closed by invalid user 65.49.20.66 port 49298 [preauth]	2020-07-15 10:36:11
attackbots	TCP (SYN) 65.49.20.66:36317 -> port 22, len 44	2020-07-11 17:25:59
attack	2020-07-06 UTC: (2x) - (2x)	2020-07-07 19:46:36
attackbotsspam	" "	2020-06-27 17:07:07
attack	SSH Brute-Force reported by Fail2Ban	2020-06-26 14:32:15
attackspambots	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-06-24 18:48:00
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-06-23 16:04:22
attack	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-06-21 13:43:31
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-06-20 13:23:24
attack	TCP (SYN) 65.49.20.66:51399 -> port 22, len 40	2020-06-19 14:05:54
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-06-18 12:59:38
attack	...	2020-06-05 19:17:28
attackbotsspam	TCP (SYN) 65.49.20.66:50320 -> port 22, len 44	2020-06-01 17:40:56
attackspambots	Port 22 Scan, PTR: None	2020-05-24 15:58:37
attackspam	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-05-04 17:46:24
attackbots	SSH login attempts.	2020-05-03 18:15:54
attack	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-05-02 15:55:23
attack	Unauthorized connection attempt detected from IP address 65.49.20.66 to port 22	2020-03-19 18:35:59
attackbots	SSH brute force	2019-12-06 01:43:02

Comments on same subnet:

IP	Type	Details	Datetime
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40859
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.66.			IN	A

;; AUTHORITY SECTION:
.			485	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120501 1800 900 604800 86400

;; Query time: 177 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 06 01:42:59 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 66.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.20.49.65.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.120.207	attackbots	Mar 24 00:02:52 itv-usvr-01 sshd[31917]: Invalid user rails from 106.12.120.207 Mar 24 00:02:52 itv-usvr-01 sshd[31917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.120.207 Mar 24 00:02:52 itv-usvr-01 sshd[31917]: Invalid user rails from 106.12.120.207 Mar 24 00:02:54 itv-usvr-01 sshd[31917]: Failed password for invalid user rails from 106.12.120.207 port 54465 ssh2 Mar 24 00:04:20 itv-usvr-01 sshd[31988]: Invalid user yn from 106.12.120.207	2020-03-28 03:50:03
106.12.148.201	attack	Mar 27 19:32:53 ks10 sshd[1012841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.148.201 Mar 27 19:32:55 ks10 sshd[1012841]: Failed password for invalid user nabesima from 106.12.148.201 port 42332 ssh2 ...	2020-03-28 03:36:55
51.15.58.168	attack	Mar 27 20:07:06 vpn01 sshd[17864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.58.168 Mar 27 20:07:08 vpn01 sshd[17864]: Failed password for invalid user mwd from 51.15.58.168 port 60482 ssh2 ...	2020-03-28 03:52:00
193.56.28.90	attackbots	Mar 27 20:51:12 host postfix/smtpd[24879]: warning: unknown[193.56.28.90]: SASL LOGIN authentication failed: authentication failure Mar 27 20:51:12 host postfix/smtpd[24879]: warning: unknown[193.56.28.90]: SASL LOGIN authentication failed: authentication failure Mar 27 20:51:12 host postfix/smtpd[24879]: warning: unknown[193.56.28.90]: SASL LOGIN authentication failed: authentication failure Mar 27 20:51:12 host postfix/smtpd[24879]: warning: unknown[193.56.28.90]: SASL LOGIN authentication failed: authentication failure Mar 27 20:51:12 host postfix/smtpd[24879]: warning: unknown[193.56.28.90]: SASL LOGIN authentication failed: authentication failure ...	2020-03-28 03:56:46
104.248.209.204	attackspambots	20 attempts against mh-ssh on echoip	2020-03-28 04:07:25
106.12.109.33	attack	Mar 27 20:49:37 ift sshd\[32851\]: Invalid user xzs from 106.12.109.33Mar 27 20:49:39 ift sshd\[32851\]: Failed password for invalid user xzs from 106.12.109.33 port 53520 ssh2Mar 27 20:51:06 ift sshd\[33403\]: Invalid user sirvine from 106.12.109.33Mar 27 20:51:09 ift sshd\[33403\]: Failed password for invalid user sirvine from 106.12.109.33 port 56982 ssh2Mar 27 20:57:05 ift sshd\[34063\]: Invalid user wgb from 106.12.109.33 ...	2020-03-28 03:53:38
106.12.15.230	attackbots	2020-03-27T19:45:28.503550librenms sshd[31148]: Invalid user xhchen from 106.12.15.230 port 45312 2020-03-27T19:45:30.415657librenms sshd[31148]: Failed password for invalid user xhchen from 106.12.15.230 port 45312 ssh2 2020-03-27T19:54:13.983931librenms sshd[31694]: Invalid user jsl from 106.12.15.230 port 51286 ...	2020-03-28 03:35:55
5.188.86.216	attack	SSH login attempts.	2020-03-28 03:39:15
36.83.101.29	attack	1585312149 - 03/27/2020 13:29:09 Host: 36.83.101.29/36.83.101.29 Port: 445 TCP Blocked	2020-03-28 04:10:35
104.250.105.131	attackbotsspam	Mar 26 19:14:38 itv-usvr-01 sshd[17027]: Invalid user dalton from 104.250.105.131 Mar 26 19:14:38 itv-usvr-01 sshd[17027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.250.105.131 Mar 26 19:14:38 itv-usvr-01 sshd[17027]: Invalid user dalton from 104.250.105.131 Mar 26 19:14:41 itv-usvr-01 sshd[17027]: Failed password for invalid user dalton from 104.250.105.131 port 52808 ssh2 Mar 26 19:22:00 itv-usvr-01 sshd[17314]: Invalid user kiet from 104.250.105.131	2020-03-28 03:59:35
218.4.240.42	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-03-28 03:39:37
65.49.20.67	attack	SSH login attempts.	2020-03-28 03:45:25
178.62.107.141	attackspam	SSH login attempts.	2020-03-28 04:11:27
192.241.155.88	attackspam	$f2bV_matches	2020-03-28 03:52:43
46.101.224.184	attackbotsspam	Invalid user qj from 46.101.224.184 port 38076	2020-03-28 04:00:44

Recently Reported IPs

190.167.66.149	40.83.170.197	201.90.40.1	65.96.144.205
190.75.145.221	45.117.82.93	89.184.9.78	94.158.37.115
180.247.181.222	58.57.104.6	94.29.126.69	36.228.3.124
46.34.200.230	41.89.198.253	182.216.155.154	42.112.148.142
2.82.194.73	190.207.4.174	93.174.53.150	1.193.21.178