52.20.159.128 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt detected from IP address 52.20.159.128 to port 2220 [J]	2020-01-23 23:22:18
attackspam	Unauthorized connection attempt detected from IP address 52.20.159.128 to port 2220 [J]	2020-01-21 23:54:40

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.20.159.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1940
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.20.159.128.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012100 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 21 23:54:33 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

128.159.20.52.in-addr.arpa domain name pointer ec2-52-20-159-128.compute-1.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
128.159.20.52.in-addr.arpa	name = ec2-52-20-159-128.compute-1.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
218.92.0.173	attackspambots	Dec 4 20:33:07 SilenceServices sshd[3022]: Failed password for root from 218.92.0.173 port 14046 ssh2 Dec 4 20:33:11 SilenceServices sshd[3022]: Failed password for root from 218.92.0.173 port 14046 ssh2 Dec 4 20:33:21 SilenceServices sshd[3022]: error: maximum authentication attempts exceeded for root from 218.92.0.173 port 14046 ssh2 [preauth]	2019-12-05 03:39:10
182.254.184.247	attack	Repeated brute force against a port	2019-12-05 03:24:44
202.75.207.106	attackbotsspam	firewall-block, port(s): 445/tcp	2019-12-05 03:24:30
139.155.50.40	attackspam	Lines containing failures of 139.155.50.40 Dec 2 19:52:12 shared10 sshd[19989]: Invalid user larine from 139.155.50.40 port 43908 Dec 2 19:52:12 shared10 sshd[19989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.50.40 Dec 2 19:52:14 shared10 sshd[19989]: Failed password for invalid user larine from 139.155.50.40 port 43908 ssh2 Dec 2 19:52:14 shared10 sshd[19989]: Received disconnect from 139.155.50.40 port 43908:11: Bye Bye [preauth] Dec 2 19:52:14 shared10 sshd[19989]: Disconnected from invalid user larine 139.155.50.40 port 43908 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.155.50.40	2019-12-05 03:39:57
222.186.180.8	attackbots	Dec 4 20:28:46 vps691689 sshd[31201]: Failed password for root from 222.186.180.8 port 56078 ssh2 Dec 4 20:29:00 vps691689 sshd[31201]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 56078 ssh2 [preauth] ...	2019-12-05 03:35:29
124.156.13.156	attack	Dec 4 20:21:23 vps666546 sshd\[24082\]: Invalid user don from 124.156.13.156 port 47660 Dec 4 20:21:23 vps666546 sshd\[24082\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.13.156 Dec 4 20:21:25 vps666546 sshd\[24082\]: Failed password for invalid user don from 124.156.13.156 port 47660 ssh2 Dec 4 20:28:18 vps666546 sshd\[24397\]: Invalid user popd from 124.156.13.156 port 39943 Dec 4 20:28:18 vps666546 sshd\[24397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.13.156 ...	2019-12-05 03:33:21
120.92.123.150	attackbotsspam	Automatic report - Banned IP Access	2019-12-05 03:19:01
176.109.168.61	attackbotsspam	" "	2019-12-05 03:18:33
188.166.13.11	attack	20 attempts against mh-ssh on echoip.magehost.pro	2019-12-05 03:44:19
94.191.87.254	attackbotsspam	Dec 4 14:40:33 ny01 sshd[18502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.87.254 Dec 4 14:40:36 ny01 sshd[18502]: Failed password for invalid user test from 94.191.87.254 port 49464 ssh2 Dec 4 14:46:51 ny01 sshd[19149]: Failed password for root from 94.191.87.254 port 55762 ssh2	2019-12-05 03:47:16
81.153.205.47	attackbots	Automatic report - Port Scan Attack	2019-12-05 03:40:15
122.51.140.164	attackspam	Lines containing failures of 122.51.140.164 Dec 3 09:37:19 myhost sshd[19470]: Invalid user cussey from 122.51.140.164 port 55846 Dec 3 09:37:19 myhost sshd[19470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.140.164 Dec 3 09:37:21 myhost sshd[19470]: Failed password for invalid user cussey from 122.51.140.164 port 55846 ssh2 Dec 3 09:37:21 myhost sshd[19470]: Received disconnect from 122.51.140.164 port 55846:11: Bye Bye [preauth] Dec 3 09:37:21 myhost sshd[19470]: Disconnected from invalid user cussey 122.51.140.164 port 55846 [preauth] Dec 3 09:51:23 myhost sshd[19544]: User r.r from 122.51.140.164 not allowed because not listed in AllowUsers Dec 3 09:51:23 myhost sshd[19544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.140.164 user=r.r Dec 3 09:51:25 myhost sshd[19544]: Failed password for invalid user r.r from 122.51.140.164 port 46762 ssh2 Dec 3 09:51:25 ........ ------------------------------	2019-12-05 03:29:01
218.92.0.141	attack	Dec 4 20:54:39 markkoudstaal sshd[5104]: Failed password for root from 218.92.0.141 port 47862 ssh2 Dec 4 20:54:42 markkoudstaal sshd[5104]: Failed password for root from 218.92.0.141 port 47862 ssh2 Dec 4 20:54:45 markkoudstaal sshd[5104]: Failed password for root from 218.92.0.141 port 47862 ssh2 Dec 4 20:54:49 markkoudstaal sshd[5104]: Failed password for root from 218.92.0.141 port 47862 ssh2	2019-12-05 03:55:55
69.229.6.52	attackbotsspam	Dec 4 20:24:46 eventyay sshd[26525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.229.6.52 Dec 4 20:24:48 eventyay sshd[26525]: Failed password for invalid user hauan from 69.229.6.52 port 52394 ssh2 Dec 4 20:32:55 eventyay sshd[26921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.229.6.52 ...	2019-12-05 03:48:43
203.128.242.166	attack	2019-12-04T19:42:17.667701shield sshd\[2027\]: Invalid user furukawa from 203.128.242.166 port 36550 2019-12-04T19:42:17.672467shield sshd\[2027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.128.242.166 2019-12-04T19:42:20.038234shield sshd\[2027\]: Failed password for invalid user furukawa from 203.128.242.166 port 36550 ssh2 2019-12-04T19:49:21.867853shield sshd\[4170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.128.242.166 user=root 2019-12-04T19:49:23.441064shield sshd\[4170\]: Failed password for root from 203.128.242.166 port 41915 ssh2	2019-12-05 03:54:33

最近上报的IP列表

206.189.40.248	197.251.188.154	196.219.78.108	193.235.207.92
191.55.166.69	190.181.41.234	183.82.251.206	178.47.186.85
176.95.164.239	170.231.59.92	159.65.133.33	148.66.135.237
129.21.109.48	123.24.15.33	123.21.243.193	123.20.18.183
121.202.46.255	42.84.206.157	62.146.39.201	116.97.234.250