162.158.107.20

基本信息:

城市(city): Seattle

省份(region): Washington

国家(country): United States

运营商(isp): CloudFlare Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Content Delivery Network

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jul 23 22:18:23 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17964 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:24 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17965 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:26 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17966 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-24 07:43:45

类型

评论内容

时间

attackbotsspam

Jul 23 22:18:23 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17964 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:24 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17965 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:26 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17966 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0

2020-07-24 07:43:45

相同子网IP讨论:

IP	类型	评论内容	时间
162.158.107.207	attack	Apache - FakeGoogleBot	2020-05-30 17:26:53
162.158.107.211	attackbotsspam	Apache - FakeGoogleBot	2020-05-30 17:25:01
162.158.107.233	attackspambots	Apache - FakeGoogleBot	2020-05-30 17:24:33
162.158.107.23	attack	Apache - FakeGoogleBot	2020-05-30 17:19:38
162.158.107.95	attackbots	162.158.107.95 - - [09/Feb/2020:11:50:20 +0700] "GET /robots.txt HTTP/1.1" 404 2828 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2020-02-09 19:12:02
162.158.107.11	attack	162.158.107.11 - - [09/Feb/2020:11:50:22 +0700] "GET /?_escaped_fragment_= HTTP/1.1" 200 5371 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2020-02-09 19:04:40
162.158.107.119	attackspambots	162.158.107.119 - - [09/Feb/2020:11:51:10 +0700] "GET /apple-touch-icon.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2020-02-09 18:32:06
162.158.107.88	attackbotsspam	162.158.107.88 - - [26/Sep/2019:10:41:24 +0700] "GET /apple-touch-icon-114x114.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:19:05
162.158.107.159	attackbotsspam	162.158.107.159 - - [26/Sep/2019:10:41:26 +0700] "GET /apple-touch-icon-76x76.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:16:52
162.158.107.175	attack	162.158.107.175 - - [26/Sep/2019:10:41:26 +0700] "GET /apple-touch-icon-144x144.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:15:23
162.158.107.118	attackspambots	162.158.107.118 - - [26/Sep/2019:10:41:27 +0700] "GET /apple-touch-icon.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:14:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.158.107.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.158.107.20.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072301 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 07:43:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 20.107.158.162.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.107.158.162.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
223.247.183.184	attackspambots	Unauthorized connection attempt detected from IP address 223.247.183.184 to port 7001	2020-01-01 01:51:19
106.13.36.145	attackspambots	Dec 30 23:29:35 server sshd\[30214\]: Invalid user sa from 106.13.36.145 Dec 30 23:29:35 server sshd\[30214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.145 Dec 30 23:29:37 server sshd\[30214\]: Failed password for invalid user sa from 106.13.36.145 port 43796 ssh2 Dec 31 18:37:22 server sshd\[399\]: Invalid user kolbekk from 106.13.36.145 Dec 31 18:37:22 server sshd\[399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.145 ...	2020-01-01 01:37:24
42.117.58.4	attackspam	Unauthorized connection attempt detected from IP address 42.117.58.4 to port 23	2020-01-01 02:14:45
111.20.101.65	attackbotsspam	Unauthorized connection attempt detected from IP address 111.20.101.65 to port 8080	2020-01-01 02:06:02
49.88.112.66	attack	Dec 31 14:01:14 firewall sshd[24308]: Failed password for root from 49.88.112.66 port 52094 ssh2 Dec 31 14:05:04 firewall sshd[24337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.66 user=root Dec 31 14:05:07 firewall sshd[24337]: Failed password for root from 49.88.112.66 port 18308 ssh2 ...	2020-01-01 01:34:59
77.247.108.119	attackspam	Unauthorized connection attempt detected from IP address 77.247.108.119 to port 443	2020-01-01 02:09:23
209.17.96.66	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54d8605e2f73f029 \| WAF_Rule_ID: ipr24 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: US \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: lab.skk.moe \| User-Agent: Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com) \| CF_DC: EWR. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-01-01 01:38:13
125.124.89.100	attack	Unauthorized connection attempt detected from IP address 125.124.89.100 to port 8545	2020-01-01 01:57:23
218.69.248.98	attack	Unauthorized connection attempt detected from IP address 218.69.248.98 to port 1433	2020-01-01 01:52:18
60.176.172.166	attackbots	Unauthorized connection attempt detected from IP address 60.176.172.166 to port 5555	2020-01-01 02:10:36
58.57.50.14	attackbots	Unauthorized connection attempt detected from IP address 58.57.50.14 to port 445	2020-01-01 02:12:21
51.68.47.45	attackbots	Unauthorized connection attempt detected from IP address 51.68.47.45 to port 22	2020-01-01 01:40:59
61.136.86.12	attackbotsspam	19/12/31@10:16:31: FAIL: Alarm-Telnet address from=61.136.86.12 ...	2020-01-01 02:09:40
122.144.131.141	attackspambots	Unauthorized connection attempt detected from IP address 122.144.131.141 to port 8080	2020-01-01 01:50:01
195.98.93.220	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-01 01:54:12

最近上报的IP列表

34.239.66.35	128.218.52.126	174.50.138.215	142.32.57.189
178.113.107.216	70.228.57.143	64.221.78.21	181.226.27.105
129.150.141.176	183.129.14.146	99.91.25.1	1.188.240.35
89.87.13.45	95.54.47.135	110.18.139.62	174.220.104.228
196.234.254.98	93.123.176.107	176.19.71.91	91.170.223.151