Private IP Addresses Showing In Public Webserver Logging

Today I was spelunking through some logging on the Squarespace backend, and found something peculiar.

The IP address marked by the red frame is a so-called private IP address.

In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks (LANs), when globally routable addresses are not mandatory, or are not available for the intended network applications.

These shouldn't show up in the logging of a webserver which is connected to the Internet. Further investigation revealed several other IP addresses;

07/29 at 10:29:20 AM 10.16.121.170
07/27 at 03:46:44 PM 10.31.238.253
07/27 at 08:27:18 AM 10.197.128.25
07/27 at 06:47:17 PM 10.31.245.14
07/25 at 02:08:42 PM 10.86.114.66
07/24 at 12:15:31 PM 10.71.209.105
07/28 at 02:27:47 AM 192.168.100.2
07/27 at 11:11:14 PM 192.168.14.63
07/27 at 03:28:20 PM 192.168.1.24
07/27 at 03:14:36 PM 192.168.7.17
07/27 at 08:25:04 AM 192.168.26.218
07/25 at 05:07:24 PM 192.168.10.2

I opened a support ticket @Squarespace to check if these might be internal addresses. If so, they are using a lot of internal networks.

Posted on July 29, 2012 by Willem and filed under Internet, Website and tagged Private IP logging.