162.158.107.20

基本信息:

城市(city): Seattle

省份(region): Washington

国家(country): United States

运营商(isp): CloudFlare Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Content Delivery Network

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jul 23 22:18:23 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17964 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:24 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17965 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:26 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17966 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-24 07:43:45

类型

评论内容

时间

attackbotsspam

Jul 23 22:18:23 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17964 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:24 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17965 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:26 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17966 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0

2020-07-24 07:43:45

相同子网IP讨论:

IP	类型	评论内容	时间
162.158.107.207	attack	Apache - FakeGoogleBot	2020-05-30 17:26:53
162.158.107.211	attackbotsspam	Apache - FakeGoogleBot	2020-05-30 17:25:01
162.158.107.233	attackspambots	Apache - FakeGoogleBot	2020-05-30 17:24:33
162.158.107.23	attack	Apache - FakeGoogleBot	2020-05-30 17:19:38
162.158.107.95	attackbots	162.158.107.95 - - [09/Feb/2020:11:50:20 +0700] "GET /robots.txt HTTP/1.1" 404 2828 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2020-02-09 19:12:02
162.158.107.11	attack	162.158.107.11 - - [09/Feb/2020:11:50:22 +0700] "GET /?_escaped_fragment_= HTTP/1.1" 200 5371 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2020-02-09 19:04:40
162.158.107.119	attackspambots	162.158.107.119 - - [09/Feb/2020:11:51:10 +0700] "GET /apple-touch-icon.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2020-02-09 18:32:06
162.158.107.88	attackbotsspam	162.158.107.88 - - [26/Sep/2019:10:41:24 +0700] "GET /apple-touch-icon-114x114.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:19:05
162.158.107.159	attackbotsspam	162.158.107.159 - - [26/Sep/2019:10:41:26 +0700] "GET /apple-touch-icon-76x76.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:16:52
162.158.107.175	attack	162.158.107.175 - - [26/Sep/2019:10:41:26 +0700] "GET /apple-touch-icon-144x144.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:15:23
162.158.107.118	attackspambots	162.158.107.118 - - [26/Sep/2019:10:41:27 +0700] "GET /apple-touch-icon.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:14:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.158.107.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.158.107.20.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072301 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 07:43:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 20.107.158.162.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.107.158.162.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.183.124.53	attack	Sep 21 11:39:09 rpi sshd[25135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.124.53 Sep 21 11:39:11 rpi sshd[25135]: Failed password for invalid user teamspeak from 68.183.124.53 port 49086 ssh2	2019-09-21 17:47:17
81.22.45.25	attack	09/21/2019-06:37:53.472085 81.22.45.25 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-21 18:47:19
51.83.77.224	attackspambots	2019-09-21T10:55:42.230125abusebot-2.cloudsearch.cf sshd\[25410\]: Invalid user whipper from 51.83.77.224 port 57282	2019-09-21 19:18:07
23.94.16.72	attack	2019-09-21T10:58:03.795456abusebot-5.cloudsearch.cf sshd\[20676\]: Invalid user ftpusr from 23.94.16.72 port 55896	2019-09-21 19:18:54
128.199.128.215	attackbotsspam	Invalid user kelvin from 128.199.128.215 port 37730	2019-09-21 18:21:05
92.118.160.25	attack	Automatic report - Port Scan Attack	2019-09-21 17:48:17
125.27.70.169	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.27.70.169/ TH - 1H : (27) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TH NAME ASN : ASN23969 IP : 125.27.70.169 CIDR : 125.27.64.0/20 PREFIX COUNT : 1783 UNIQUE IP COUNT : 1183744 WYKRYTE ATAKI Z ASN23969 : 1H - 1 3H - 1 6H - 3 12H - 7 24H - 12 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN - data recovery	2019-09-21 19:17:24
192.160.102.168	attack	REQUESTED PAGE: /wp-admin/	2019-09-21 18:56:55
123.188.145.179	attackspambots	Unauthorised access (Sep 21) SRC=123.188.145.179 LEN=40 TTL=49 ID=15852 TCP DPT=8080 WINDOW=48910 SYN	2019-09-21 17:54:13
72.2.6.128	attack	Sep 21 12:02:17 MK-Soft-VM3 sshd[30983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.2.6.128 Sep 21 12:02:19 MK-Soft-VM3 sshd[30983]: Failed password for invalid user pil from 72.2.6.128 port 50184 ssh2 ...	2019-09-21 19:01:45
185.6.9.208	attackspam	abuseConfidenceScore blocked for 12h	2019-09-21 18:54:01
67.132.78.13	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-21 02:44:07,819 INFO [amun_request_handler] PortScan Detected on Port: 445 (67.132.78.13)	2019-09-21 18:17:27
124.156.202.243	attackspambots	Invalid user sarojini from 124.156.202.243 port 47040	2019-09-21 19:15:35
54.37.228.221	attack	Sep 21 09:25:51 XXXXXX sshd[34523]: Invalid user test from 54.37.228.221 port 44768	2019-09-21 19:01:24
106.12.42.110	attackspam	Sep 21 09:56:02 game-panel sshd[30639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.42.110 Sep 21 09:56:04 game-panel sshd[30639]: Failed password for invalid user norman from 106.12.42.110 port 48942 ssh2 Sep 21 10:00:20 game-panel sshd[30801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.42.110	2019-09-21 18:55:41

最近上报的IP列表

34.239.66.35	128.218.52.126	174.50.138.215	142.32.57.189
178.113.107.216	70.228.57.143	64.221.78.21	181.226.27.105
129.150.141.176	183.129.14.146	99.91.25.1	1.188.240.35
89.87.13.45	95.54.47.135	110.18.139.62	174.220.104.228
196.234.254.98	93.123.176.107	176.19.71.91	91.170.223.151