Remote session ip's

Frank4207 · 30 March 2017 02:21

This is the server IP form citrix for a remote session I just ended using wireshark…

THUNDER

Does can we do anything with this info??

IP Address: 202.173.27.71
[IP Blacklist Check]
Reverse DNS: 71.27.173.202.in-addr.arpa
Hostname: mcs8-1-isp1.bgl.expertcity.com
Nameservers:

ns-a.pnap.net >> 64.94.123.4

ns-c.pnap.net >> 64.95.61.4

ns-b.pnap.net >> 64.94.123.36

ns1.citrixonline.com >> 68.64.19.195

ns3.citrixonline.com >> 173.199.19.253

ns2.citrixonline.com >> 216.115.213.19

ns-d.pnap.net >> ns-d.pnap.net

Lookup IP Address Location For IP: 202.173.27.71
Continent: Oceania (OC)
Country: Australia IP Location Find In Australia (AU)
Capital: Canberra
State: New South Wales
City Location: Sydney
Postal: 1001
ISP: Citrix Online, ASP for remote access services
Organization: Mobility Apps division
AS Number: AS16815 Mobility Apps division

Time Zone: Australia/Sydney
Local Time: 13:11:37
Timezone GMT offset: 39600
Sunrise / Sunset: 07:05 / 18:54
Extra IP Lookup Finder Info for IP Address: 202.173.27.71
Continent Lat/Lon: -18.3127 / 138.515
Country Lat/Lon: -25 / 135
City Lat/Lon: (-33.8612) / (151.1982)
IP Language: English
IP Address Speed: Broadband (Cable/DSL) Internet Speed
[ Check Internet Speed]
IP Currency: Australian dollar (AUD)
IDD Code: +61

thunder · 30 March 2017 08:49

No, this seems to be a Citrix server IP.

Frank4207 · 30 March 2017 13:27

@thunder#2966

That’s what I figured. I called citrix last night a give them a handful of support codes I have collected from the same company over the past week. So from what I gather these guys are masked fairly well…unless they use teamviewer or a program like that. Well and if they had no vpn as well.

Afootpluto · 30 March 2017 14:13

I use a link to a screenshot of a popup, to get their IP most of the time. It almost always works.

Frank4207 · 30 March 2017 16:04

@Afootpluto#2974

Off this topic I noticed a gog.com folder in my windows start menu? I deleted it. Don’t see any weird process running. Well weird to me. Does anyone know if gog.exe masks as gog.com?

thunder · 30 March 2017 17:58

@Frank4207#2975 That’s just some game website. I’ve seen ransomware disguise as gog.exe before btw.

Frank4207 · 30 March 2017 18:34

@thunder#2976

Right on..lol I think I had a scammer just cold call my cell...I looked it up and has been flagged as a computer scam would you like the number?
I would call it back but I am not currently by my computer!!

Funny since I have been doing this I have received weird calls here and there....have you ever faced this?

superseani2 · 30 March 2017 19:21

@Frank4207#2975 i know taht 0dayh vulnerabiklity is a thing, and you can get infected by VISITING an html page. So be carefull of pages loading FOREVER.

Frank4207 · 30 March 2017 22:02

@superseani2#2985

???