65.49.20.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: The Shadow Server Foundation

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH break in attempt ...	2020-09-20 22:38:13
attack	SSH break in attempt ...	2020-09-20 14:28:45
attackbotsspam	Found on CINS badguys / proto=17 . srcport=45231 . dstport=443 . (2306)	2020-09-20 06:28:32

Comments on same subnet:

IP	Type	Details	Datetime
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38451
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.72.			IN	A

;; AUTHORITY SECTION:
.			239	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111701 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 18 06:37:24 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 72.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.20.49.65.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.235.138.54	attackspam	unauthorized connection attempt	2020-01-26 17:24:37
112.85.42.174	attackbots	Jan 26 09:56:41 plex sshd[17371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Jan 26 09:56:43 plex sshd[17371]: Failed password for root from 112.85.42.174 port 44814 ssh2	2020-01-26 17:16:47
110.45.155.101	attack	Unauthorized connection attempt detected from IP address 110.45.155.101 to port 2220 [J]	2020-01-26 17:56:31
139.59.84.111	attack	Unauthorized connection attempt detected from IP address 139.59.84.111 to port 2220 [J]	2020-01-26 17:38:47
190.9.132.186	attackbotsspam	Jan 26 08:39:32 pkdns2 sshd\[7147\]: Invalid user tryton from 190.9.132.186Jan 26 08:39:34 pkdns2 sshd\[7147\]: Failed password for invalid user tryton from 190.9.132.186 port 60970 ssh2Jan 26 08:42:27 pkdns2 sshd\[7326\]: Failed password for root from 190.9.132.186 port 43900 ssh2Jan 26 08:45:13 pkdns2 sshd\[7517\]: Invalid user test from 190.9.132.186Jan 26 08:45:15 pkdns2 sshd\[7517\]: Failed password for invalid user test from 190.9.132.186 port 55061 ssh2Jan 26 08:48:04 pkdns2 sshd\[7674\]: Failed password for backup from 190.9.132.186 port 37990 ssh2 ...	2020-01-26 17:29:27
103.236.115.138	attack	20 attempts against mh-ssh on echoip	2020-01-26 17:29:46
49.88.112.73	attackbots	Jan 26 09:13:00 game-panel sshd[23627]: Failed password for root from 49.88.112.73 port 19973 ssh2 Jan 26 09:13:03 game-panel sshd[23627]: Failed password for root from 49.88.112.73 port 19973 ssh2 Jan 26 09:13:05 game-panel sshd[23627]: Failed password for root from 49.88.112.73 port 19973 ssh2	2020-01-26 17:28:30
152.67.67.89	attackspambots	Unauthorized connection attempt detected from IP address 152.67.67.89 to port 2220 [J]	2020-01-26 17:22:27
202.137.134.215	attack	Jan 26 04:48:33 *** sshd[11104]: Invalid user admin from 202.137.134.215	2020-01-26 17:15:03
52.50.100.140	attack	26.01.2020 05:47:25 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2020-01-26 17:30:25
45.67.14.179	attackbots	[portscan] tcp/22 [SSH] *(RWIN=65535)(01261133)	2020-01-26 17:49:56
122.166.227.27	attackbotsspam	Jan 26 05:00:43 firewall sshd[5832]: Invalid user tiger from 122.166.227.27 Jan 26 05:00:46 firewall sshd[5832]: Failed password for invalid user tiger from 122.166.227.27 port 48826 ssh2 Jan 26 05:04:07 firewall sshd[5903]: Invalid user edward from 122.166.227.27 ...	2020-01-26 17:27:03
177.27.218.243	attack	Unauthorized connection attempt detected from IP address 177.27.218.243 to port 2220 [J]	2020-01-26 17:32:45
113.191.41.79	attack	Unauthorized connection attempt detected from IP address 113.191.41.79 to port 22 [J]	2020-01-26 17:39:13
185.4.125.130	attack	Unauthorized connection attempt detected from IP address 185.4.125.130 to port 2220 [J]	2020-01-26 17:45:00

Recently Reported IPs

80.137.117.212	36.110.132.116	74.121.190.26	81.156.12.173
60.198.107.35	197.62.99.102	218.245.5.44	123.148.210.76
77.8.140.231	62.219.50.252	103.253.26.199	87.6.4.61
76.220.214.120	74.66.94.83	125.44.211.175	79.44.247.100
132.219.105.169	185.110.21.165	113.188.10.198	186.244.6.4