52.20.159.128 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt detected from IP address 52.20.159.128 to port 2220 [J]	2020-01-23 23:22:18
attackspam	Unauthorized connection attempt detected from IP address 52.20.159.128 to port 2220 [J]	2020-01-21 23:54:40

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.20.159.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1940
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.20.159.128.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012100 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 21 23:54:33 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

128.159.20.52.in-addr.arpa domain name pointer ec2-52-20-159-128.compute-1.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
128.159.20.52.in-addr.arpa	name = ec2-52-20-159-128.compute-1.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
192.81.215.176	attack	Oct 4 02:38:25 sachi sshd\[23279\]: Invalid user abc!@\# from 192.81.215.176 Oct 4 02:38:25 sachi sshd\[23279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.215.176 Oct 4 02:38:27 sachi sshd\[23279\]: Failed password for invalid user abc!@\# from 192.81.215.176 port 55368 ssh2 Oct 4 02:42:25 sachi sshd\[23727\]: Invalid user Impact@2017 from 192.81.215.176 Oct 4 02:42:25 sachi sshd\[23727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.215.176	2019-10-04 23:22:47
139.219.0.29	attackspam	Oct 4 17:24:57 legacy sshd[17092]: Failed password for root from 139.219.0.29 port 49772 ssh2 Oct 4 17:29:46 legacy sshd[17168]: Failed password for root from 139.219.0.29 port 57754 ssh2 ...	2019-10-04 23:59:45
103.225.99.36	attackspam	SSH invalid-user multiple login try	2019-10-04 23:30:30
112.85.42.72	attackspam	Oct 4 18:16:52 pkdns2 sshd\[46733\]: Failed password for root from 112.85.42.72 port 44476 ssh2Oct 4 18:17:30 pkdns2 sshd\[46769\]: Failed password for root from 112.85.42.72 port 11992 ssh2Oct 4 18:18:10 pkdns2 sshd\[46797\]: Failed password for root from 112.85.42.72 port 43543 ssh2Oct 4 18:18:51 pkdns2 sshd\[46804\]: Failed password for root from 112.85.42.72 port 35381 ssh2Oct 4 18:18:54 pkdns2 sshd\[46804\]: Failed password for root from 112.85.42.72 port 35381 ssh2Oct 4 18:18:56 pkdns2 sshd\[46804\]: Failed password for root from 112.85.42.72 port 35381 ssh2 ...	2019-10-04 23:26:11
183.167.205.103	attackspam	[munged]::80 183.167.205.103 - - [04/Oct/2019:14:25:37 +0200] "POST /[munged]: HTTP/1.1" 200 4214 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 183.167.205.103 - - [04/Oct/2019:14:25:39 +0200] "POST /[munged]: HTTP/1.1" 200 4213 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 183.167.205.103 - - [04/Oct/2019:14:25:41 +0200] "POST /[munged]: HTTP/1.1" 200 4213 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 183.167.205.103 - - [04/Oct/2019:14:25:43 +0200] "POST /[munged]: HTTP/1.1" 200 4213 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 183.167.205.103 - - [04/Oct/2019:14:25:44 +0200] "POST /[munged]: HTTP/1.1" 200 4213 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 183.167.205.103 - - [04/Oct/2019:14:	2019-10-04 23:44:07
92.118.37.70	attackspam	2x TCP 3389 (RDP) since 2019-10-03 07:10	2019-10-04 23:22:21
198.108.67.40	attack	5443/tcp 3107/tcp 3076/tcp... [2019-08-03/10-03]131pkt,124pt.(tcp)	2019-10-04 23:58:28
198.108.67.39	attackbotsspam	3549/tcp 9091/tcp 2003/tcp... [2019-08-03/10-04]127pkt,117pt.(tcp)	2019-10-04 23:40:08
103.76.252.6	attackspambots	Oct 4 17:09:11 vps691689 sshd[29443]: Failed password for root from 103.76.252.6 port 32065 ssh2 Oct 4 17:14:03 vps691689 sshd[29577]: Failed password for root from 103.76.252.6 port 26754 ssh2 ...	2019-10-04 23:23:14
185.153.198.239	attackspam	Connection by 185.153.198.239 on port: 4444 got caught by honeypot at 10/4/2019 5:26:00 AM	2019-10-04 23:42:46
198.108.67.60	attackbots	3095/tcp 8821/tcp 772/tcp... [2019-08-03/10-04]126pkt,119pt.(tcp)	2019-10-04 23:43:38
5.135.223.35	attack	$f2bV_matches	2019-10-04 23:29:46
222.186.52.89	attack	Oct 4 11:59:43 debian sshd\[2774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.89 user=root Oct 4 11:59:44 debian sshd\[2774\]: Failed password for root from 222.186.52.89 port 34570 ssh2 Oct 4 11:59:47 debian sshd\[2774\]: Failed password for root from 222.186.52.89 port 34570 ssh2 ...	2019-10-05 00:02:58
64.202.187.48	attackbots	Oct 4 04:09:30 friendsofhawaii sshd\[25196\]: Invalid user Electric2017 from 64.202.187.48 Oct 4 04:09:30 friendsofhawaii sshd\[25196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.202.187.48 Oct 4 04:09:31 friendsofhawaii sshd\[25196\]: Failed password for invalid user Electric2017 from 64.202.187.48 port 40842 ssh2 Oct 4 04:13:50 friendsofhawaii sshd\[25535\]: Invalid user Holiday@2017 from 64.202.187.48 Oct 4 04:13:50 friendsofhawaii sshd\[25535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.202.187.48	2019-10-04 23:34:17
101.254.150.102	attackspambots	[Fri Oct 04 14:26:24.220994 2019] [php5:error] [pid 17688] [client 101.254.150.102:32082] script '/data/web/construction/l.php' not found or unable to stat [Fri Oct 04 14:26:24.700971 2019] [php5:error] [pid 17461] [client 101.254.150.102:32323] script '/data/web/construction/phpinfo.php' not found or unable to stat [Fri Oct 04 14:26:25.294678 2019] [php5:error] [pid 7461] [client 101.254.150.102:32418] script '/data/web/construction/test.php' not found or unable to stat	2019-10-04 23:21:36

最近上报的IP列表

206.189.40.248	197.251.188.154	196.219.78.108	193.235.207.92
191.55.166.69	190.181.41.234	183.82.251.206	178.47.186.85
176.95.164.239	170.231.59.92	159.65.133.33	148.66.135.237
129.21.109.48	123.24.15.33	123.21.243.193	123.20.18.183
121.202.46.255	42.84.206.157	62.146.39.201	116.97.234.250