65.49.20.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: The Shadow Server Foundation

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	443/udp 22/tcp 5683/udp... [2020-05-29/07-19]9pkt,1pt.(tcp),2pt.(udp)	2020-07-20 06:45:11

Comments on same subnet:

IP	Type	Details	Datetime
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.124	proxy	VPN fraud	2023-04-03 13:08:01
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41174
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.92.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071901 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 20 06:45:08 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 92.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.20.49.65.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.53.19.204	attackspam	2019-08-15T01:30:58.266938MailD postfix/smtpd[4086]: NOQUEUE: reject: RCPT from 200-53-19-204.acessoline.net.br[200.53.19.204]: 554 5.7.1 Service unavailable; Client host [200.53.19.204] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?200.53.19.204; from= to= proto=ESMTP helo=<200-53-19-204.acessoline.net.br> 2019-08-15T01:30:59.261761MailD postfix/smtpd[4086]: NOQUEUE: reject: RCPT from 200-53-19-204.acessoline.net.br[200.53.19.204]: 554 5.7.1 Service unavailable; Client host [200.53.19.204] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?200.53.19.204; from= to= proto=ESMTP helo=<200-53-19-204.acessoline.net.br> 2019-08-15T01:31:00.119640MailD postfix/smtpd[4086]: NOQUEUE: reject: RCPT from 200-53-19-204.acessoline.net.br[200.53.19.204]: 554 5.7.1 Service unavailable; Client host [200.53.19.204] blocked using bl.spamcop.net; Blocked - see	2019-08-15 11:19:52
47.92.31.50	attackspam	Aug 15 00:35:03 django sshd[37214]: Invalid user web from 47.92.31.50 Aug 15 00:35:03 django sshd[37214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.92.31.50 Aug 15 00:35:05 django sshd[37214]: Failed password for invalid user web from 47.92.31.50 port 49350 ssh2 Aug 15 00:35:05 django sshd[37215]: Received disconnect from 47.92.31.50: 11: Bye Bye Aug 15 00:47:13 django sshd[38688]: Invalid user tom from 47.92.31.50 Aug 15 00:47:13 django sshd[38688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.92.31.50 Aug 15 00:47:15 django sshd[38688]: Failed password for invalid user tom from 47.92.31.50 port 39774 ssh2 Aug 15 00:47:15 django sshd[38689]: Received disconnect from 47.92.31.50: 11: Bye Bye Aug 15 00:48:14 django sshd[38931]: Invalid user cloud from 47.92.31.50 Aug 15 00:48:14 django sshd[38931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh rus........ -------------------------------	2019-08-15 11:21:21
116.196.115.33	attackspambots	Aug 15 06:33:01 server sshd\[4811\]: Invalid user jupyter from 116.196.115.33 port 58834 Aug 15 06:33:01 server sshd\[4811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.115.33 Aug 15 06:33:04 server sshd\[4811\]: Failed password for invalid user jupyter from 116.196.115.33 port 58834 ssh2 Aug 15 06:37:17 server sshd\[9029\]: Invalid user john from 116.196.115.33 port 43014 Aug 15 06:37:17 server sshd\[9029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.115.33	2019-08-15 11:42:52
167.114.152.139	attackspambots	Aug 15 05:12:33 SilenceServices sshd[6983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.152.139 Aug 15 05:12:35 SilenceServices sshd[6983]: Failed password for invalid user cod4 from 167.114.152.139 port 38726 ssh2 Aug 15 05:18:12 SilenceServices sshd[11532]: Failed password for root from 167.114.152.139 port 59316 ssh2	2019-08-15 11:28:56
138.197.145.26	attackspam	Aug 15 05:48:27 www sshd\[23215\]: Invalid user git from 138.197.145.26Aug 15 05:48:29 www sshd\[23215\]: Failed password for invalid user git from 138.197.145.26 port 45480 ssh2Aug 15 05:53:06 www sshd\[23373\]: Invalid user taiwan from 138.197.145.26 ...	2019-08-15 11:09:22
119.197.77.52	attack	Aug 15 04:56:53 SilenceServices sshd[27060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.197.77.52 Aug 15 04:56:55 SilenceServices sshd[27060]: Failed password for invalid user contact from 119.197.77.52 port 45606 ssh2 Aug 15 05:02:18 SilenceServices sshd[31529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.197.77.52	2019-08-15 11:06:13
5.114.38.30	attack	Unauthorized connection attempt from IP address 5.114.38.30 on Port 445(SMB)	2019-08-15 11:49:21
203.150.140.31	attack	Unauthorized connection attempt from IP address 203.150.140.31 on Port 445(SMB)	2019-08-15 11:45:18
96.225.44.58	attackspambots	Unauthorized connection attempt from IP address 96.225.44.58 on Port 445(SMB)	2019-08-15 11:44:05
178.17.166.150	attack	Automatic report - Banned IP Access	2019-08-15 11:50:22
186.192.163.26	attack	Unauthorized connection attempt from IP address 186.192.163.26 on Port 445(SMB)	2019-08-15 11:16:35
94.28.28.7	attack	Unauthorized connection attempt from IP address 94.28.28.7 on Port 445(SMB)	2019-08-15 11:27:35
218.92.0.204	attackbots	Aug 15 05:30:50 mail sshd\[18486\]: Failed password for root from 218.92.0.204 port 28116 ssh2 Aug 15 05:30:52 mail sshd\[18486\]: Failed password for root from 218.92.0.204 port 28116 ssh2 Aug 15 05:30:54 mail sshd\[18486\]: Failed password for root from 218.92.0.204 port 28116 ssh2 Aug 15 05:33:50 mail sshd\[18696\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root Aug 15 05:33:51 mail sshd\[18696\]: Failed password for root from 218.92.0.204 port 13969 ssh2	2019-08-15 11:41:06
162.243.145.98	attack	Unauthorized connection attempt from IP address 162.243.145.98 on Port 3389(RDP)	2019-08-15 11:23:05
213.135.78.237	attackspambots	Splunk® : port scan detected: Aug 14 21:25:12 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=213.135.78.237 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=59304 DPT=1542 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-15 11:19:35

Recently Reported IPs

97.239.3.191	211.241.242.230	173.24.54.134	87.52.101.240
91.183.190.118	182.108.250.42	71.255.0.122	201.151.75.62
159.89.160.31	126.203.61.12	67.108.17.120	78.208.236.60
70.226.210.170	27.208.254.144	64.234.52.225	99.254.41.158
47.33.196.137	44.220.40.0	50.99.21.17	12.235.88.69