AbuseIPDB » 65.49.20.68
65.49.20.68 was found in our database!
This IP was reported 42,541 times. Confidence of Abuse is 100%: ?
ISP | The Shadowserver Foundation, Inc. |
---|---|
Usage Type | Fixed Line ISP |
ASN | AS6939 |
Hostname(s) |
68.64-26.20.49.65.in-addr.arpa scan-19.shadowserver.org |
Domain Name | shadowserver.org |
Country |
![]() |
City | San Jose, California |
IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.
IP Abuse Reports for 65.49.20.68:
This IP address has been reported a total of 42,541 times from 1,046 distinct sources. 65.49.20.68 was first reported on , and the most recent report was .
Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.
Reporter | IoA Timestamp in UTC | Comment | Categories | |
---|---|---|---|---|
![]() |
Port probe to tcp/22 (ssh)
[srv135] |
Port Scan Brute-Force SSH | ||
![]() |
SSH abuse or brute-force attack from 65.49.20.68
|
Brute-Force SSH | ||
![]() |
ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/65.49.20.68
|
SSH | ||
![]() |
Fail2ban picked up 65.49.20.68 attacking nginx
|
Web App Attack | ||
![]() |
[2025-06-24 18:55:41.156644] TELNET/8080 Unautorized connection, Suspicious Mirai Botnet.
|
DDoS Attack Port Scan Hacking Brute-Force IoT Targeted | ||
![]() |
[Birdo SSH Honeypot] SSH login attempt
|
Port Scan Hacking Brute-Force Exploited Host SSH | ||
![]() |
Spam email content, infected attachments, phishing emails and mail login attempts.
|
Phishing Email Spam Brute-Force | ||
![]() |
1750769935 # Service_probe # SIGNATURE_SEND # source_ip:65.49.20.68 # dst_port:1801
... |
Port Scan | ||
![]() |
Port probe to tcp/80 (http)
[srv126] |
Port Scan Bad Web Bot Web App Attack | ||
![]() |
Port probe to tcp/80 (http)
[srv126] |
Port Scan Bad Web Bot Web App Attack | ||
![]() |
SSH bruteforce attempt
|
Brute-Force SSH | ||
![]() |
SSH BruteForce attack
|
SSH | ||
![]() |
|
Web App Attack | ||
![]() |
Automatic report from KMD firewall log.
|
Port Scan Hacking Brute-Force | ||
![]() |
Web vulnerability probing
|
Web App Attack |
Showing 1 to 15 of 42541 reports
Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩