城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 162.131.0.0 - 162.131.255.255
CIDR: 162.131.0.0/16
NetName: USPRI101
NetHandle: NET-162-131-0-0-1
Parent: NET162 (NET-162-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Principal Financial Group, Inc. (PFG-1)
RegDate: 1992-11-20
Updated: 2026-03-12
Comment: -----BEGIN CERTIFICATE-----MIIDizCCAnOgAwIBAgIUPJ/Sgwmr8PAe3MjRjYNug7NIbxswDQYJKoZIhvcNAQELBQAwVTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBElvd2ExEzARBgNVBAcMCkRlcyBNb2luZXMxIjAgBgNVBAoMGVByaW5jaXBhbCBGaW5hbmNpYWwgR3JvdXAwHhcNMjYwMzEwMjIyNjE0WhcNMjYwOTA2MjIyNjE0WjBVMQswCQYDVQQGEwJVUzENMAsGA1UECAwESW93YTETMBEGA1UEBwwKRGVzIE1vaW5lczEiMCAGA1UECgwZUHJpbmNpcGFsIEZpbmFuY2lhbCBHcm91cDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANTiK++2wmzPKvSVsB2sCI10JBy0XQyeEdDJM33WsXm9m6FsvWg+dEWXD1DN3b9Z/MgXTl1GwL02DYCcRNN6LDTIw3xBIO/R4g2H9krL2DGNIAodZTzpL3px/mDaHn5Fxx1TwEfU6R2XC+gCMoL8ZOIfpnH3e/t3xV+tYloCfoMwDbVK08p2FuUJC9njQA8ZosolkotRxrsRDLcyXBQx08N4heLMZjruVAH9uHaupKpWH7l6AmWjTDj29D+pYeFbhFwpCoM0byrjGT0KOr5Lzug3VGnBvgi+1jWMMBvjqk/s9w0TR4WDNALcXTcQKIPtVmiEumbt6Wp7lRGUkHZaeLMCAwEAAaNTMFEwHQYDVR0OBBYEFP270mwZfbw/HvhWyL/gqEUr+DpcMB8GA1UdIwQYMBaAFP270mwZfbw/HvhWyL/gqEUr+DpcMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAK/rZh0bpwwk+3zUcReNcZd8ISzYByJb85dxjsumEhUZgycCkFZDLcNZF5X6qX0yV3i1d+63GvsKxC2Tk789QvyDRNWTueiPhZDbcOmiRelseNf0ZyR5WsdAMKuxuH+H4P6hgHTP92Ay9tHiVnqXA7X7vc9iRQ3ONDqUSFQwCCQ+OGDJIAl63vB/wN4NkcvYdq67vsB/DYxjemGmATsFKTplTwBSTAP3mdmG0VUuVQpBtZ55ZgeXVfm8tmrGIrSqhQDD4oL7DONJQ6ASqiF93tRXrS/rnNCV3SQcepwzSmFZKifRKFno4k1C+tfW71fkFrzMbPHI8NnxDr6kf7l5dFQ=-----END CERTIFICATE-----
Ref: https://rdap.arin.net/registry/ip/162.131.0.0
OrgName: Principal Financial Group, Inc.
OrgId: PFG-1
Address: IS Network Administration
Address: 711 High Street
City: Des Moines
StateProv: IA
PostalCode: 50392
Country: US
RegDate: 1992-11-20
Updated: 2026-02-04
Ref: https://rdap.arin.net/registry/entity/PFG-1
OrgAbuseHandle: NSO31-ARIN
OrgAbuseName: Network Security Operations
OrgAbusePhone: +1-515-247-5047
OrgAbuseEmail: abuse@principal.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NSO31-ARIN
OrgTechHandle: STAFF127-ARIN
OrgTechName: Stafford, Mark
OrgTechPhone: +1-515-235-6268
OrgTechEmail: stafford.mark@principal.com
OrgTechRef: https://rdap.arin.net/registry/entity/STAFF127-ARIN
OrgTechHandle: LOFTU8-ARIN
OrgTechName: Loftus, Brad
OrgTechPhone: +1-515-247-5383
OrgTechEmail: loftus.brad@principal.com
OrgTechRef: https://rdap.arin.net/registry/entity/LOFTU8-ARIN
OrgTechHandle: EWEST-ARIN
OrgTechName: Ewest, Mark
OrgTechPhone: +1-515-207-9963
OrgTechEmail: ewest.mark@principal.com
OrgTechRef: https://rdap.arin.net/registry/entity/EWEST-ARIN
OrgTechHandle: DEUTM-ARIN
OrgTechName: Deutmeyer, Brian
OrgTechPhone: +1-515-207-9608
OrgTechEmail: deutmeyer.brian@principal.com
OrgTechRef: https://rdap.arin.net/registry/entity/DEUTM-ARIN
OrgTechHandle: WATNE1-ARIN
OrgTechName: Watne, Nate
OrgTechPhone: +1-515-246-7163
OrgTechEmail: watne.nathan@principal.com
OrgTechRef: https://rdap.arin.net/registry/entity/WATNE1-ARIN
RAbuseHandle: NSO31-ARIN
RAbuseName: Network Security Operations
RAbusePhone: +1-515-247-5047
RAbuseEmail: abuse@principal.com
RAbuseRef: https://rdap.arin.net/registry/entity/NSO31-ARIN
RTechHandle: DEUTM-ARIN
RTechName: Deutmeyer, Brian
RTechPhone: +1-515-207-9608
RTechEmail: deutmeyer.brian@principal.com
RTechRef: https://rdap.arin.net/registry/entity/DEUTM-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.131.32.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39286
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;162.131.32.42. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026042002 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 13:40:16 CST 2026
;; MSG SIZE rcvd: 106Host 42.32.131.162.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 42.32.131.162.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 193.201.224.12 | attackbots | Sep 27 19:06:37 itv-usvr-02 sshd[27831]: Invalid user 0 from 193.201.224.12 port 56181 Sep 27 19:06:37 itv-usvr-02 sshd[27831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.201.224.12 Sep 27 19:06:37 itv-usvr-02 sshd[27831]: Invalid user 0 from 193.201.224.12 port 56181 Sep 27 19:06:39 itv-usvr-02 sshd[27831]: Failed password for invalid user 0 from 193.201.224.12 port 56181 ssh2 Sep 27 19:06:37 itv-usvr-02 sshd[27831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.201.224.12 Sep 27 19:06:37 itv-usvr-02 sshd[27831]: Invalid user 0 from 193.201.224.12 port 56181 Sep 27 19:06:39 itv-usvr-02 sshd[27831]: Failed password for invalid user 0 from 193.201.224.12 port 56181 ssh2 Sep 27 19:06:39 itv-usvr-02 sshd[27831]: Disconnecting invalid user 0 193.201.224.12 port 56181: Change of username or service not allowed: (0,ssh-connection) -> (22,ssh-connection) [preauth] |
2019-09-28 03:34:08 |
| 106.12.88.32 | attackbots | ssh failed login |
2019-09-28 03:26:05 |
| 165.22.123.146 | attackbots | detected by Fail2Ban |
2019-09-28 03:12:18 |
| 125.212.233.50 | attack | Sep 27 20:42:39 vmd17057 sshd\[31602\]: Invalid user arma2dm from 125.212.233.50 port 53618 Sep 27 20:42:39 vmd17057 sshd\[31602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.212.233.50 Sep 27 20:42:41 vmd17057 sshd\[31602\]: Failed password for invalid user arma2dm from 125.212.233.50 port 53618 ssh2 ... |
2019-09-28 03:25:14 |
| 113.54.159.55 | attack | Sep 27 13:58:56 game-panel sshd[9967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 Sep 27 13:58:58 game-panel sshd[9967]: Failed password for invalid user ftpuser1 from 113.54.159.55 port 39344 ssh2 Sep 27 14:03:14 game-panel sshd[10119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 |
2019-09-28 03:30:53 |
| 159.203.190.189 | attackbots | DATE:2019-09-27 18:44:44,IP:159.203.190.189,MATCHES:10,PORT:ssh |
2019-09-28 03:19:04 |
| 46.175.243.9 | attack | Invalid user chaps from 46.175.243.9 port 59372 |
2019-09-28 03:11:13 |
| 27.223.175.144 | attackspam | (Sep 27) LEN=40 TTL=49 ID=25357 TCP DPT=8080 WINDOW=15173 SYN (Sep 27) LEN=40 TTL=49 ID=49553 TCP DPT=8080 WINDOW=61922 SYN (Sep 27) LEN=40 TTL=49 ID=62897 TCP DPT=8080 WINDOW=61922 SYN (Sep 26) LEN=40 TTL=49 ID=20779 TCP DPT=8080 WINDOW=61922 SYN (Sep 25) LEN=40 TTL=49 ID=7056 TCP DPT=8080 WINDOW=15173 SYN (Sep 25) LEN=40 TTL=49 ID=41239 TCP DPT=8080 WINDOW=61922 SYN (Sep 24) LEN=40 TTL=49 ID=12746 TCP DPT=8080 WINDOW=55449 SYN (Sep 24) LEN=40 TTL=48 ID=38207 TCP DPT=8080 WINDOW=64938 SYN (Sep 24) LEN=40 TTL=49 ID=38297 TCP DPT=8080 WINDOW=55449 SYN (Sep 23) LEN=40 TTL=49 ID=7683 TCP DPT=8080 WINDOW=64938 SYN (Sep 23) LEN=40 TTL=49 ID=34943 TCP DPT=8080 WINDOW=64938 SYN (Sep 22) LEN=40 TTL=49 ID=58337 TCP DPT=8080 WINDOW=64938 SYN (Sep 22) LEN=40 TTL=49 ID=40510 TCP DPT=8080 WINDOW=55449 SYN |
2019-09-28 03:05:35 |
| 192.3.135.166 | attackspambots | Sep 27 20:32:25 MK-Soft-VM6 sshd[25288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.135.166 Sep 27 20:32:26 MK-Soft-VM6 sshd[25288]: Failed password for invalid user santana from 192.3.135.166 port 47218 ssh2 ... |
2019-09-28 02:55:36 |
| 134.175.39.246 | attack | Sep 27 20:25:51 ArkNodeAT sshd\[17008\]: Invalid user dietpi from 134.175.39.246 Sep 27 20:25:51 ArkNodeAT sshd\[17008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.39.246 Sep 27 20:25:54 ArkNodeAT sshd\[17008\]: Failed password for invalid user dietpi from 134.175.39.246 port 42530 ssh2 |
2019-09-28 03:15:55 |
| 208.181.63.246 | attackbotsspam | 8080 |
2019-09-28 02:54:06 |
| 51.75.26.51 | attack | Sep 27 05:22:59 hanapaa sshd\[1580\]: Invalid user finja from 51.75.26.51 Sep 27 05:22:59 hanapaa sshd\[1580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.ip-51-75-26.eu Sep 27 05:23:01 hanapaa sshd\[1580\]: Failed password for invalid user finja from 51.75.26.51 port 55954 ssh2 Sep 27 05:27:00 hanapaa sshd\[1992\]: Invalid user systemuser from 51.75.26.51 Sep 27 05:27:00 hanapaa sshd\[1992\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.ip-51-75-26.eu |
2019-09-28 03:16:44 |
| 77.42.86.205 | attackspambots | scan z |
2019-09-28 03:05:20 |
| 157.55.39.173 | attackbotsspam | Automatic report - Banned IP Access |
2019-09-28 02:53:25 |
| 106.12.208.211 | attack | Sep 27 18:08:07 nextcloud sshd\[18341\]: Invalid user foster from 106.12.208.211 Sep 27 18:08:07 nextcloud sshd\[18341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 Sep 27 18:08:09 nextcloud sshd\[18341\]: Failed password for invalid user foster from 106.12.208.211 port 35952 ssh2 ... |
2019-09-28 03:14:24 |