162.158.107.20

基本信息:

城市(city): Seattle

省份(region): Washington

国家(country): United States

运营商(isp): CloudFlare Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Content Delivery Network

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jul 23 22:18:23 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17964 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:24 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17965 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:26 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17966 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-24 07:43:45

类型

评论内容

时间

attackbotsspam

Jul 23 22:18:23 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17964 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:24 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17965 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 23 22:18:26 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=162.158.107.20 DST=79.143.186.54 LEN=52 TOS=0x00 PREC=0x00 TTL=56 ID=17966 DF PROTO=TCP SPT=60472 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0

2020-07-24 07:43:45

相同子网IP讨论:

IP	类型	评论内容	时间
162.158.107.207	attack	Apache - FakeGoogleBot	2020-05-30 17:26:53
162.158.107.211	attackbotsspam	Apache - FakeGoogleBot	2020-05-30 17:25:01
162.158.107.233	attackspambots	Apache - FakeGoogleBot	2020-05-30 17:24:33
162.158.107.23	attack	Apache - FakeGoogleBot	2020-05-30 17:19:38
162.158.107.95	attackbots	162.158.107.95 - - [09/Feb/2020:11:50:20 +0700] "GET /robots.txt HTTP/1.1" 404 2828 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2020-02-09 19:12:02
162.158.107.11	attack	162.158.107.11 - - [09/Feb/2020:11:50:22 +0700] "GET /?_escaped_fragment_= HTTP/1.1" 200 5371 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2020-02-09 19:04:40
162.158.107.119	attackspambots	162.158.107.119 - - [09/Feb/2020:11:51:10 +0700] "GET /apple-touch-icon.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2020-02-09 18:32:06
162.158.107.88	attackbotsspam	162.158.107.88 - - [26/Sep/2019:10:41:24 +0700] "GET /apple-touch-icon-114x114.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:19:05
162.158.107.159	attackbotsspam	162.158.107.159 - - [26/Sep/2019:10:41:26 +0700] "GET /apple-touch-icon-76x76.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:16:52
162.158.107.175	attack	162.158.107.175 - - [26/Sep/2019:10:41:26 +0700] "GET /apple-touch-icon-144x144.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:15:23
162.158.107.118	attackspambots	162.158.107.118 - - [26/Sep/2019:10:41:27 +0700] "GET /apple-touch-icon.png HTTP/1.1" 404 2828 "-" "Googlebot-Image/1.0"	2019-09-26 19:14:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.158.107.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.158.107.20.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072301 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 07:43:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 20.107.158.162.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.107.158.162.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
142.93.174.86	attackspam	142.93.174.86 - - \[19/Dec/2019:15:35:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 7612 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.174.86 - - \[19/Dec/2019:15:35:24 +0100\] "POST /wp-login.php HTTP/1.0" 200 7437 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.174.86 - - \[19/Dec/2019:15:35:25 +0100\] "POST /wp-login.php HTTP/1.0" 200 7432 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-20 02:31:09
51.38.33.178	attackbots	Dec 19 18:09:21 meumeu sshd[27336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.33.178 Dec 19 18:09:22 meumeu sshd[27336]: Failed password for invalid user leland from 51.38.33.178 port 37152 ssh2 Dec 19 18:14:30 meumeu sshd[27993]: Failed password for root from 51.38.33.178 port 40431 ssh2 ...	2019-12-20 02:54:44
35.226.26.122	attackbots	RDPBruteCAu	2019-12-20 02:34:55
159.203.81.28	attackspam	Dec 19 08:55:13 hpm sshd\[19114\]: Invalid user hoon from 159.203.81.28 Dec 19 08:55:13 hpm sshd\[19114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.81.28 Dec 19 08:55:15 hpm sshd\[19114\]: Failed password for invalid user hoon from 159.203.81.28 port 41408 ssh2 Dec 19 09:00:22 hpm sshd\[19807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.81.28 user=mysql Dec 19 09:00:24 hpm sshd\[19807\]: Failed password for mysql from 159.203.81.28 port 44394 ssh2	2019-12-20 03:01:49
159.89.160.91	attack	" "	2019-12-20 02:33:29
45.55.222.162	attackbotsspam	Oct 10 07:02:01 vtv3 sshd[11931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 Oct 10 07:13:43 vtv3 sshd[17590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 user=root Oct 10 07:13:45 vtv3 sshd[17590]: Failed password for root from 45.55.222.162 port 60822 ssh2 Oct 10 07:17:41 vtv3 sshd[19622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 user=root Oct 10 07:17:44 vtv3 sshd[19622]: Failed password for root from 45.55.222.162 port 43244 ssh2 Oct 10 07:21:33 vtv3 sshd[21568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 user=root Oct 10 07:33:16 vtv3 sshd[27073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 user=root Oct 10 07:33:18 vtv3 sshd[27073]: Failed password for root from 45.55.222.162 port 57696 ssh2 Oct 10 07:37:18 vt	2019-12-20 02:29:28
112.85.42.176	attackspambots	Dec 19 13:26:51 TORMINT sshd\[5321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Dec 19 13:26:53 TORMINT sshd\[5321\]: Failed password for root from 112.85.42.176 port 56174 ssh2 Dec 19 13:27:08 TORMINT sshd\[5328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root ...	2019-12-20 02:42:32
37.187.248.39	attackspam	Dec 19 23:27:36 gw1 sshd[32393]: Failed password for root from 37.187.248.39 port 38296 ssh2 ...	2019-12-20 03:00:59
69.94.143.194	attackbots	Dec 19 16:37:32 grey postfix/smtpd\[23251\]: NOQUEUE: reject: RCPT from stile.nabhaa.com\[69.94.143.194\]: 554 5.7.1 Service unavailable\; Client host \[69.94.143.194\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[69.94.143.194\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-20 02:32:46
119.113.176.103	attackbotsspam	Dec 19 15:59:12 dev0-dcde-rnet sshd[31588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.113.176.103 Dec 19 15:59:14 dev0-dcde-rnet sshd[31588]: Failed password for invalid user info from 119.113.176.103 port 12159 ssh2 Dec 19 16:03:42 dev0-dcde-rnet sshd[31612]: Failed password for root from 119.113.176.103 port 2901 ssh2	2019-12-20 02:55:57
222.186.175.212	attackspam	Dec 19 19:47:17 loxhost sshd\[22023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root Dec 19 19:47:19 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 Dec 19 19:47:22 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 Dec 19 19:47:25 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 Dec 19 19:47:29 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 ...	2019-12-20 02:51:13
216.218.206.114	attackbots	firewall-block, port(s): 873/tcp	2019-12-20 02:59:00
128.199.224.215	attackbotsspam	Dec 19 18:36:44 Ubuntu-1404-trusty-64-minimal sshd\[26954\]: Invalid user mynear from 128.199.224.215 Dec 19 18:36:44 Ubuntu-1404-trusty-64-minimal sshd\[26954\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.224.215 Dec 19 18:36:46 Ubuntu-1404-trusty-64-minimal sshd\[26954\]: Failed password for invalid user mynear from 128.199.224.215 port 39506 ssh2 Dec 19 18:47:23 Ubuntu-1404-trusty-64-minimal sshd\[512\]: Invalid user zaccary from 128.199.224.215 Dec 19 18:47:23 Ubuntu-1404-trusty-64-minimal sshd\[512\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.224.215	2019-12-20 02:36:10
222.240.1.0	attack	$f2bV_matches	2019-12-20 02:43:50
81.45.56.199	attack	Dec 19 18:55:39 localhost sshd[51072]: Failed password for root from 81.45.56.199 port 36834 ssh2 Dec 19 19:02:15 localhost sshd[51254]: Failed password for invalid user 123 from 81.45.56.199 port 58722 ssh2 Dec 19 19:07:43 localhost sshd[51345]: Failed password for invalid user karademir from 81.45.56.199 port 37092 ssh2	2019-12-20 02:41:19

最近上报的IP列表

34.239.66.35	128.218.52.126	174.50.138.215	142.32.57.189
178.113.107.216	70.228.57.143	64.221.78.21	181.226.27.105
129.150.141.176	183.129.14.146	99.91.25.1	1.188.240.35
89.87.13.45	95.54.47.135	110.18.139.62	174.220.104.228
196.234.254.98	93.123.176.107	176.19.71.91	91.170.223.151