158.161.27.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brunei Darussalam

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.161.27.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10700
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;158.161.27.4.			IN	A

;; AUTHORITY SECTION:
.			320	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022072202 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 23 09:21:31 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

b'Host 4.27.161.158.in-addr.arpa not found: 2(SERVFAIL)
'

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 4.27.161.158.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
170.81.148.7	attackspambots	Invalid user jenkins from 170.81.148.7 port 50866	2020-02-20 15:29:14
222.186.173.183	attack	Feb 20 09:38:52 ift sshd\[18080\]: Failed password for root from 222.186.173.183 port 31434 ssh2Feb 20 09:39:03 ift sshd\[18080\]: Failed password for root from 222.186.173.183 port 31434 ssh2Feb 20 09:39:06 ift sshd\[18080\]: Failed password for root from 222.186.173.183 port 31434 ssh2Feb 20 09:39:12 ift sshd\[18124\]: Failed password for root from 222.186.173.183 port 3760 ssh2Feb 20 09:39:21 ift sshd\[18124\]: Failed password for root from 222.186.173.183 port 3760 ssh2 ...	2020-02-20 15:40:23
23.92.131.69	attack	Honeypot attack, port: 5555, PTR: dhcp-23-92-131-69.cable.user.start.ca.	2020-02-20 16:03:25
175.97.136.242	attackbots	Feb 20 10:11:17 server sshd\[12991\]: Invalid user ubuntu from 175.97.136.242 Feb 20 10:11:17 server sshd\[12991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175-97-136-242.dynamic.tfn.net.tw Feb 20 10:11:19 server sshd\[12991\]: Failed password for invalid user ubuntu from 175.97.136.242 port 51266 ssh2 Feb 20 10:18:14 server sshd\[13998\]: Invalid user nisuser1 from 175.97.136.242 Feb 20 10:18:14 server sshd\[13998\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175-97-136-242.dynamic.tfn.net.tw ...	2020-02-20 15:43:16
218.92.0.195	attack	Feb 20 08:35:07 dcd-gentoo sshd[28399]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Feb 20 08:35:11 dcd-gentoo sshd[28399]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Feb 20 08:35:07 dcd-gentoo sshd[28399]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Feb 20 08:35:11 dcd-gentoo sshd[28399]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Feb 20 08:35:07 dcd-gentoo sshd[28399]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Feb 20 08:35:11 dcd-gentoo sshd[28399]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Feb 20 08:35:11 dcd-gentoo sshd[28399]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.195 port 41322 ssh2 ...	2020-02-20 15:42:59
175.209.255.96	attackbots	2020-02-20T07:48:41.139451shield sshd\[12327\]: Invalid user jenkins from 175.209.255.96 port 35026 2020-02-20T07:48:41.143441shield sshd\[12327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.209.255.96 2020-02-20T07:48:43.401822shield sshd\[12327\]: Failed password for invalid user jenkins from 175.209.255.96 port 35026 ssh2 2020-02-20T07:52:34.933766shield sshd\[12627\]: Invalid user nagios from 175.209.255.96 port 42384 2020-02-20T07:52:34.941907shield sshd\[12627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.209.255.96	2020-02-20 16:01:38
183.83.161.99	attackspam	Honeypot attack, port: 445, PTR: broadband.actcorp.in.	2020-02-20 15:35:09
117.161.92.2	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-02-20 15:45:02
165.227.121.230	attack	Feb 17 08:43:32 km20725 sshd[7195]: Did not receive identification string from 165.227.121.230 Feb 17 08:43:52 km20725 sshd[7209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.121.230 user=r.r Feb 17 08:43:54 km20725 sshd[7209]: Failed password for r.r from 165.227.121.230 port 34524 ssh2 Feb 17 08:43:54 km20725 sshd[7209]: Received disconnect from 165.227.121.230: 11: Normal Shutdown, Thank you for playing [preauth] Feb 17 08:44:17 km20725 sshd[7294]: Invalid user oracle from 165.227.121.230 Feb 17 08:44:17 km20725 sshd[7294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.121.230 Feb 17 08:44:18 km20725 sshd[7294]: Failed password for invalid user oracle from 165.227.121.230 port 56078 ssh2 Feb 17 08:44:19 km20725 sshd[7294]: Received disconnect from 165.227.121.230: 11: Normal Shutdown, Thank you for playing [preauth] Feb 17 08:44:41 km20725 sshd[7305]: pam_unix(sshd:........ -------------------------------	2020-02-20 15:32:43
41.164.118.136	attack	Feb 20 04:51:58 web8 sshd\[29329\]: Invalid user postgres from 41.164.118.136 Feb 20 04:51:58 web8 sshd\[29329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.164.118.136 Feb 20 04:52:00 web8 sshd\[29329\]: Failed password for invalid user postgres from 41.164.118.136 port 55280 ssh2 Feb 20 04:54:17 web8 sshd\[30528\]: Invalid user web from 41.164.118.136 Feb 20 04:54:17 web8 sshd\[30528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.164.118.136	2020-02-20 15:57:31
94.176.243.163	attackbotsspam	(Feb 20) LEN=44 TTL=246 ID=16136 DF TCP DPT=23 WINDOW=14600 SYN (Feb 20) LEN=44 TTL=246 ID=9495 DF TCP DPT=23 WINDOW=14600 SYN (Feb 20) LEN=44 TTL=246 ID=22438 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=44072 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=12968 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=40595 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=13364 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=6833 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=2139 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=65165 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=4704 DF TCP DPT=23 WINDOW=14600 SYN (Feb 19) LEN=44 TTL=246 ID=42444 DF TCP DPT=23 WINDOW=14600 SYN (Feb 18) LEN=44 TTL=246 ID=37664 DF TCP DPT=23 WINDOW=14600 SYN (Feb 18) LEN=44 TTL=246 ID=46343 DF TCP DPT=23 WINDOW=14600 SYN (Feb 18) LEN=44 TTL=246 ID=32814 DF TCP DPT=23 WINDOW=14600 SYN ...	2020-02-20 15:53:19
222.127.97.90	attack	Invalid user salonin from 222.127.97.90 port 18283	2020-02-20 15:52:15
121.178.212.67	attack	Feb 20 05:25:25 XXXXXX sshd[61859]: Invalid user admin from 121.178.212.67 port 44372	2020-02-20 15:36:38
220.135.139.58	attackspam	Honeypot attack, port: 81, PTR: 220-135-139-58.HINET-IP.hinet.net.	2020-02-20 15:39:21
190.82.72.134	attackbotsspam	Honeypot attack, port: 445, PTR: 190-82-72-134.static.tie.cl.	2020-02-20 15:49:05

最近上报的IP列表

158.162.124.166	158.162.173.22	158.164.50.147	158.163.192.55
158.162.63.144	158.161.240.128	158.163.111.99	158.162.83.165
158.164.101.77	158.163.173.190	158.163.234.171	158.166.153.186
158.161.86.11	158.161.216.125	158.166.1.4	158.161.75.153
158.160.12.250	158.163.149.177	158.168.114.243	158.168.205.88