65.49.20.71 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: The Shadow Server Foundation

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	1579006888 - 01/14/2020 14:01:28 Host: 65.49.20.71/65.49.20.71 Port: 443 UDP Blocked	2020-01-15 00:47:03
attackspambots	[portscan] tcp/22 [SSH] *(RWIN=65535)(12251243)	2019-12-25 21:41:44

Comments on same subnet:

IP	Type	Details	Datetime
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41544
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.71.			IN	A

;; AUTHORITY SECTION:
.			173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122500 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 21:41:38 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 71.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 71.20.49.65.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.80.235.234	attackspam	Honeypot attack, port: 81, PTR: PTR record not found	2019-10-28 15:55:21
69.171.73.9	attack	Oct 28 07:00:57 work-partkepr sshd\[29369\]: Invalid user jboss from 69.171.73.9 port 49518 Oct 28 07:00:57 work-partkepr sshd\[29369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.171.73.9 ...	2019-10-28 16:13:22
104.238.110.15	attack	Automatic report - XMLRPC Attack	2019-10-28 16:23:58
37.9.169.13	attackbots	Automatic report - Banned IP Access	2019-10-28 16:11:37
39.74.132.160	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-10-28 16:13:42
111.123.65.88	attackbots	Unauthorised access (Oct 28) SRC=111.123.65.88 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=2952 TCP DPT=23 WINDOW=60672 SYN	2019-10-28 16:24:31
51.254.204.190	attackspambots	Oct 28 05:46:52 www5 sshd\[22889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.204.190 user=root Oct 28 05:46:54 www5 sshd\[22889\]: Failed password for root from 51.254.204.190 port 43538 ssh2 Oct 28 05:50:27 www5 sshd\[23707\]: Invalid user test0 from 51.254.204.190 Oct 28 05:50:27 www5 sshd\[23707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.204.190 ...	2019-10-28 16:26:24
182.53.227.164	attackbots	445/tcp [2019-10-28]1pkt	2019-10-28 16:13:56
88.129.208.35	attackspambots	Honeypot attack, port: 23, PTR: h88-129-208-35.cust.a3fiber.se.	2019-10-28 16:02:08
132.232.7.197	attackspambots	Oct 28 06:55:09 pornomens sshd\[25930\]: Invalid user 123@asdQWE from 132.232.7.197 port 34540 Oct 28 06:55:09 pornomens sshd\[25930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.7.197 Oct 28 06:55:12 pornomens sshd\[25930\]: Failed password for invalid user 123@asdQWE from 132.232.7.197 port 34540 ssh2 ...	2019-10-28 16:24:59
85.53.231.161	attack	23/tcp [2019-10-28]1pkt	2019-10-28 16:04:53
92.83.7.122	attackbotsspam	85/tcp [2019-10-28]1pkt	2019-10-28 16:05:54
211.232.39.8	attack	Oct 28 07:47:49 localhost sshd\[34898\]: Invalid user maroon from 211.232.39.8 port 21486 Oct 28 07:47:49 localhost sshd\[34898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.232.39.8 Oct 28 07:47:51 localhost sshd\[34898\]: Failed password for invalid user maroon from 211.232.39.8 port 21486 ssh2 Oct 28 07:52:15 localhost sshd\[35042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.232.39.8 user=root Oct 28 07:52:18 localhost sshd\[35042\]: Failed password for root from 211.232.39.8 port 61162 ssh2 ...	2019-10-28 15:59:47
184.30.210.217	attack	10/28/2019-08:42:59.521321 184.30.210.217 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-28 15:52:21
51.68.143.28	attack	Oct 27 20:03:13 hpm sshd\[3175\]: Invalid user zole from 51.68.143.28 Oct 27 20:03:13 hpm sshd\[3175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=28.ip-51-68-143.eu Oct 27 20:03:15 hpm sshd\[3175\]: Failed password for invalid user zole from 51.68.143.28 port 57264 ssh2 Oct 27 20:07:12 hpm sshd\[3500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=28.ip-51-68-143.eu user=root Oct 27 20:07:13 hpm sshd\[3500\]: Failed password for root from 51.68.143.28 port 39098 ssh2	2019-10-28 16:05:37

Recently Reported IPs

121.122.108.227	87.11.192.69	111.88.246.121	77.237.177.210
36.122.111.37	63.81.87.116	150.120.221.207	34.92.123.255
4.191.154.38	218.31.161.253	29.68.118.24	136.80.78.103
15.51.39.78	217.183.241.17	132.162.120.74	128.0.129.192
94.221.143.52	3.135.235.115	150.228.85.202	112.242.158.240