124.248.152.20

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Japan

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.248.152.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6901
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;124.248.152.20.			IN	A

;; AUTHORITY SECTION:
.			281	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 10:50:16 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

20.152.248.124.in-addr.arpa domain name pointer o4042-331.kagoya.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.152.248.124.in-addr.arpa	name = o4042-331.kagoya.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
200.206.81.154	attack	May 3 00:53:48 ift sshd\[39031\]: Failed password for root from 200.206.81.154 port 40614 ssh2May 3 00:57:32 ift sshd\[39780\]: Invalid user wwwrun from 200.206.81.154May 3 00:57:34 ift sshd\[39780\]: Failed password for invalid user wwwrun from 200.206.81.154 port 39166 ssh2May 3 01:01:25 ift sshd\[40450\]: Invalid user ggc from 200.206.81.154May 3 01:01:27 ift sshd\[40450\]: Failed password for invalid user ggc from 200.206.81.154 port 37717 ssh2 ...	2020-05-03 08:26:31
178.154.200.116	attackbotsspam	[Sun May 03 03:32:24.029283 2020] [:error] [pid 24018:tid 139939790259968] [client 178.154.200.116:56396] [client 178.154.200.116] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xq3Y2L43rJIGTQDypFE2HgAABaI"] ...	2020-05-03 08:44:26
185.216.140.27	attackspambots	Persistent port scanner - incrediserve.net	2020-05-03 08:13:04
185.176.27.14	attack	05/03/2020-00:57:18.564615 185.176.27.14 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-03 08:25:28
171.103.56.134	attack	Invalid user admin from 171.103.56.134 port 38524	2020-05-03 08:15:07
129.211.124.29	attack	2020-05-03T01:55:38.884515sd-86998 sshd[30411]: Invalid user ubuntu from 129.211.124.29 port 43648 2020-05-03T01:55:38.888185sd-86998 sshd[30411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.124.29 2020-05-03T01:55:38.884515sd-86998 sshd[30411]: Invalid user ubuntu from 129.211.124.29 port 43648 2020-05-03T01:55:41.031889sd-86998 sshd[30411]: Failed password for invalid user ubuntu from 129.211.124.29 port 43648 ssh2 2020-05-03T02:01:40.376364sd-86998 sshd[30969]: Invalid user marcela from 129.211.124.29 port 54756 ...	2020-05-03 08:13:50
106.12.220.19	attackbots	May 3 00:54:17 server sshd[15822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.19 May 3 00:54:20 server sshd[15822]: Failed password for invalid user grq from 106.12.220.19 port 56036 ssh2 May 3 00:57:38 server sshd[16143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.19 ...	2020-05-03 08:22:13
198.46.135.250	attack	[2020-05-02 20:19:44] NOTICE[1170][C-00009a93] chan_sip.c: Call from '' (198.46.135.250:53267) to extension '0081046520458223' rejected because extension not found in context 'public'. [2020-05-02 20:19:44] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-02T20:19:44.263-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0081046520458223",SessionID="0x7f6c085d4d48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/198.46.135.250/53267",ACLName="no_extension_match" [2020-05-02 20:21:11] NOTICE[1170][C-00009a94] chan_sip.c: Call from '' (198.46.135.250:53343) to extension '+81046520458223' rejected because extension not found in context 'public'. [2020-05-02 20:21:11] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-02T20:21:11.452-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+81046520458223",SessionID="0x7f6c085d4d48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4 ...	2020-05-03 08:24:14
180.76.36.158	attackbotsspam	2020-05-02T20:25:38.961836dmca.cloudsearch.cf sshd[27831]: Invalid user gb from 180.76.36.158 port 52756 2020-05-02T20:25:38.967888dmca.cloudsearch.cf sshd[27831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.36.158 2020-05-02T20:25:38.961836dmca.cloudsearch.cf sshd[27831]: Invalid user gb from 180.76.36.158 port 52756 2020-05-02T20:25:41.019840dmca.cloudsearch.cf sshd[27831]: Failed password for invalid user gb from 180.76.36.158 port 52756 ssh2 2020-05-02T20:32:40.941644dmca.cloudsearch.cf sshd[28244]: Invalid user wyq from 180.76.36.158 port 56626 2020-05-02T20:32:40.948433dmca.cloudsearch.cf sshd[28244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.36.158 2020-05-02T20:32:40.941644dmca.cloudsearch.cf sshd[28244]: Invalid user wyq from 180.76.36.158 port 56626 2020-05-02T20:32:43.266341dmca.cloudsearch.cf sshd[28244]: Failed password for invalid user wyq from 180.76.36.158 port 56626 ...	2020-05-03 08:28:23
184.154.139.20	attack	(From 1) 1	2020-05-03 08:47:15
45.134.179.57	attackspam	May 3 02:33:59 debian-2gb-nbg1-2 kernel: \[10724945.399512\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=49866 PROTO=TCP SPT=50173 DPT=2611 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-03 08:36:43
36.57.89.173	attackspambots	Brute Force - Postfix	2020-05-03 08:23:06
212.64.3.137	attack	May 2 23:50:39 localhost sshd[77900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.3.137 user=root May 2 23:50:41 localhost sshd[77900]: Failed password for root from 212.64.3.137 port 57204 ssh2 May 2 23:55:49 localhost sshd[78435]: Invalid user med from 212.64.3.137 port 60182 May 2 23:55:49 localhost sshd[78435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.3.137 May 2 23:55:49 localhost sshd[78435]: Invalid user med from 212.64.3.137 port 60182 May 2 23:55:51 localhost sshd[78435]: Failed password for invalid user med from 212.64.3.137 port 60182 ssh2 ...	2020-05-03 08:34:21
142.93.107.175	attackbotsspam	May 3 02:25:04 nextcloud sshd\[1764\]: Invalid user navarrete from 142.93.107.175 May 3 02:25:04 nextcloud sshd\[1764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.107.175 May 3 02:25:06 nextcloud sshd\[1764\]: Failed password for invalid user navarrete from 142.93.107.175 port 60602 ssh2	2020-05-03 08:38:18
156.96.119.148	attackbots	2020-05-03T02:28:06.963394+02:00 lumpi kernel: [13755421.597450] INPUT:DROP:SPAMHAUS_DROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=156.96.119.148 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=37967 DF PROTO=TCP SPT=16 DPT=9000 WINDOW=512 RES=0x00 SYN URGP=0 ...	2020-05-03 08:44:58

最近上报的IP列表

124.243.244.20	124.247.194.140	124.248.154.97	124.248.152.52
124.248.157.188	124.248.169.99	124.248.158.192	124.248.157.163
124.248.168.36	124.248.174.2	124.248.239.142	124.248.158.38
124.248.239.120	124.248.239.249	124.248.170.237	124.248.239.76
124.248.239.204	124.251.121.25	124.251.100.193	124.251.6.133