IP Address

65.49.20.69

IPv4 Public
US US
AS6939
HURRICANE
570 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
88% Confidence
570 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
US
US Location
HURRICANE ASN 6939
570 Reports
Honeypot Data Source

High Risk

IP 65.49.20.69 is a high-risk address linked to sustained hacking activity, with 540 abuse reports filed against it and a threat level of 8 out of 10. The IP has been under consistent scrutiny since August 2025, with automated honeypot sensors flagging it through June 2026, indicating an ongoing and persistent threat profile rather than isolated malicious behavior.

The address is routed through AS6939, operated by Hurricane Electric in the United States. All 20 of the most recent reports originate from automated honeypot sensors, lending a high confidence score of 88 percent to the assessment. The activity frequency rating of 8 out of 10 and the volume of total reports spanning approximately 11 months confirm this is not opportunistic scanning but sustained, deliberate intrusion activity. The geographic location in the US does not diminish the risk; threat actors frequently route traffic through US-based hosting providers to obfuscate origin and exploit the reputation of major network operators.

Hacking activity as classified here encompasses a broad range of intrusion attempts, including vulnerability scanning, exploitation of unpatched services, and unauthorized access probing. The persistent nature of reports against this IP suggests automated scanning campaigns or coordinated exploitation toolkits operating continuously. For any exposed service, this translates to a concrete risk of credential compromise, data exfiltration, or foothold establishment within a network if defensive controls are absent.

Site operators should block or heavily rate-limit this address at the firewall or network edge to eliminate known malicious traffic. Deploying automated dynamic blocking tools such as fail2ban can further reduce risk by responding to repeated attack patterns without manual intervention. Ensuring all exposed services are actively patched, enforcing strong authentication requirements, and maintaining intrusion detection monitoring will provide defense-in-depth against the exploitation techniques associated with this IP address.

More threatening than 81% of monitored IPs

Threat Categories

Hacking 26
IoT Targeted 2
Exploited Host 1
Port Scan 1

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 4 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 9. June 2026
Recent (7 days) 29 incidents

Reputable Network

This IP is hosted on a network (ASN 6939) with generally good reputation. The ISP HURRICANE maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 88% Verified

Confidence History

2. Jun 2026 - 9. Jun 2026
88% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
Hacking Honeypot 75%
IoT Targeted Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Exploited Host Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
IoT Targeted Honeypot 75%
Port Scan Honeypot 75%
Hacking Honeypot 75%
10 of 570 shown

Technical Details

Basic Information

IP Address
65.49.20.69
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS6939
ISP
HURRICANE

DNS Information

Reverse DNS
scan-20.shadowserver.org
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
570
First Reported
15 Aug 2025
Last Reported
9 Jun 2026, 04:07

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS6939
Hurricane Electric LLC
US US

Network Threat Assessment

1/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

1,007
Total IPs Monitored
42,571
Total Reports
42.3
Reports per IP

Network Context

This IP address belongs to Hurricane Electric LLC (AS6939), which manages 1,007 IP addresses in our monitoring system. Out of these, 42,571 have been reported for suspicious activities, resulting in a network-wide threat level of 1/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

81 %

Global Threat Ranking

This IP is more threatening than 81% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,215 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 570 avg: 23 ++

Network Comparison

Compared against 1,034 IPs in ASN 6939

Threat Level 8/10 network avg: 8.1 =
Total Reports 570 network avg: 55 ++
Network HURRICANE has overall threat level 1/10

Geographic Comparison

Compared against 38,421 IPs in US

Threat Level 8/10 country avg: 5.9 +
Total Reports 570 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.4/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
64.62.156.193 10/10
Confidence 96%
Reports 31
Location US US
1 Jun 2026
65.49.1.141 10/10
Confidence 96%
Reports 23
Location US US
7 Jun 2026
65.49.1.32 8/10
Confidence 96%
Reports 19
Location US US
7 Jun 2026
65.49.1.29 10/10
Confidence 96%
Reports 15
Location US US
23 May 2026
64.62.197.102 10/10
Confidence 96%
Reports 14
Location US US
7 Jun 2026
65.49.1.240 10/10
Confidence 95%
Reports 19
Location US US
21 May 2026
65.49.1.94 8/10
Confidence 94%
Reports 358
Location US US
8 Jun 2026
216.218.206.69 8/10
Confidence 94%
Reports 349
Location US US
9 Jun 2026
64.62.197.48 8/10
Confidence 94%
Reports 171
Location US US
9 Jun 2026
216.218.130.76 10/10
Confidence 94%
Reports 37
Location US US
5 May 2026
65.49.1.145 8/10
Confidence 94%
Reports 28
Location US US
3 Jun 2026
64.62.156.124 10/10
Confidence 94%
Reports 28
Location US US
9 Jun 2026
65.49.1.139 10/10
Confidence 94%
Reports 27
Location US US
8 Jun 2026
64.62.156.178 10/10
Confidence 94%
Reports 27
Location US US
6 Jun 2026
64.62.156.198 10/10
Confidence 94%
Reports 26
Location US US
7 Jun 2026
65.49.1.233 10/10
Confidence 94%
Reports 26
Location US US
7 Jun 2026
65.49.1.147 8/10
Confidence 94%
Reports 25
Location US US
26 May 2026
65.49.1.185 10/10
Confidence 94%
Reports 25
Location US US
7 Jun 2026
65.49.1.209 10/10
Confidence 94%
Reports 25
Location US US
2 Jun 2026
65.49.1.12 10/10
Confidence 94%
Reports 25
Location US US
5 Jun 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
8.9/10 Avg Threat
61% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
65.49.20.66 8/10
Confidence 86%
Reports 639
Location US US
9 Jun 2026
65.49.20.67 8/10
Confidence 80%
Reports 784
Location US US
9 Jun 2026
65.49.20.68 8/10
Confidence 77%
Reports 1,070
Location US US
8 Jun 2026
65.49.20.74 10/10
Confidence 73%
Reports 9
Location US US
26 May 2026
65.49.20.97 10/10
Confidence 64%
Reports 16
Location US US
27 Mar 2026
65.49.20.88 8/10
Confidence 61%
Reports 8
Location US US
30 May 2026
65.49.20.105 8/10
Confidence 60%
Reports 8
Location US US
3 Jun 2026
65.49.20.84 8/10
Confidence 58%
Reports 8
Location US US
6 Jun 2026
65.49.20.83 10/10
Confidence 58%
Reports 7
Location US US
28 May 2026
65.49.20.101 8/10
Confidence 57%
Reports 7
Location US US
3 Jun 2026
65.49.20.93 8/10
Confidence 57%
Reports 5
Location US US
3 Jun 2026
65.49.20.100 8/10
Confidence 56%
Reports 9
Location US US
21 Apr 2026
65.49.20.114 10/10
Confidence 56%
Reports 5
Location US US
3 Jun 2026
65.49.20.113 10/10
Confidence 55%
Reports 5
Location US US
29 May 2026
65.49.20.115 10/10
Confidence 54%
Reports 5
Location US US
17 May 2026
65.49.20.76 10/10
Confidence 53%
Reports 5
Location US US
30 May 2026
65.49.20.86 10/10
Confidence 53%
Reports 5
Location US US
4 Jun 2026
65.49.20.73 8/10
Confidence 52%
Reports 4
Location US US
7 Jun 2026
65.49.20.119 10/10
Confidence 51%
Reports 5
Location US US
12 May 2026
65.49.20.72 8/10
Confidence 51%
Reports 5
Location US US
13 May 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 513
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.9/10 Avg Threat
88% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
80.94.92.183 10/10
Confidence 88%
Reports 5,389
Location RO RO
18 May 2026
176.65.149.64 10/10
Confidence 88%
Reports 5,346
Location NL NL
9 Jun 2026
178.128.32.203 8/10
Confidence 88%
Reports 4,651
Location GB GB
9 Jun 2026
79.124.59.78 10/10
Confidence 88%
Reports 3,364
Location BG BG
9 Jun 2026
35.240.174.82 10/10
Confidence 88%
Reports 1,724
Location SG SG
31 May 2026
204.76.203.73 10/10
Confidence 88%
Reports 1,724
Location NL NL
26 May 2026
80.94.95.169 8/10
Confidence 88%
Reports 1,001
Location RO RO
24 Apr 2026
106.75.137.178 10/10
Confidence 88%
Reports 973
Location CN CN
9 Jun 2026
185.242.3.100 7/10
Confidence 88%
Reports 791
Location NL NL
13 May 2026
207.90.244.17 8/10
Confidence 88%
Reports 641
Location US US
9 Jun 2026
64.62.156.108 8/10
Confidence 88%
Reports 537
Location US US
9 Jun 2026
93.174.93.12 8/10
Confidence 88%
Reports 506
Location NL NL
9 Jun 2026
167.94.146.56 8/10
Confidence 88%
Reports 504
Location US US
9 Jun 2026
167.94.146.62 10/10
Confidence 88%
Reports 500
Location US US
8 Jun 2026
64.62.197.167 8/10
Confidence 88%
Reports 495
Location US US
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "65.49.20.69",
    "threat_level": 8,
    "confidence_score": 88,
    "total_reports": 570,
    "country_code": "US",
    "isp_name": "HURRICANE",
    "asn": "6939",
    "first_reported": "2025-08-15 05:56:00",
    "last_reported": "2026-06-09 04:07:23",
    "exported_at": "2026-06-09T07:00:07+02:00",
    "source": "https://reportedip.de/ip/65.49.20.69/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses