201.68.251.14 - IPInfo

基本信息:

城市(city): Sao Vicente

省份(region): Sao Paulo

国家(country): Brazil

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): TELEFÔNICA BRASIL S.A

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.68.251.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46447
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.68.251.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 11 00:42:51 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

14.251.68.201.in-addr.arpa domain name pointer 201-68-251-14.dsl.telesp.net.br.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
14.251.68.201.in-addr.arpa	name = 201-68-251-14.dsl.telesp.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
180.175.104.206	attack	Unauthorised access (May 20) SRC=180.175.104.206 LEN=40 TTL=52 ID=9207 TCP DPT=8080 WINDOW=13905 SYN Unauthorised access (May 19) SRC=180.175.104.206 LEN=40 TTL=52 ID=61258 TCP DPT=8080 WINDOW=29749 SYN Unauthorised access (May 19) SRC=180.175.104.206 LEN=40 TTL=52 ID=9795 TCP DPT=8080 WINDOW=50755 SYN Unauthorised access (May 19) SRC=180.175.104.206 LEN=40 TTL=52 ID=49280 TCP DPT=8080 WINDOW=29749 SYN Unauthorised access (May 19) SRC=180.175.104.206 LEN=40 TTL=52 ID=4825 TCP DPT=8080 WINDOW=25580 SYN Unauthorised access (May 18) SRC=180.175.104.206 LEN=40 TTL=52 ID=36893 TCP DPT=8080 WINDOW=4640 SYN Unauthorised access (May 18) SRC=180.175.104.206 LEN=40 TTL=52 ID=64637 TCP DPT=8080 WINDOW=8459 SYN	2020-05-20 14:43:30
216.47.245.138	attackbotsspam	Unauthorised access (May 20) SRC=216.47.245.138 LEN=40 TTL=51 ID=42245 TCP DPT=8080 WINDOW=22683 SYN Unauthorised access (May 19) SRC=216.47.245.138 LEN=40 TTL=51 ID=43640 TCP DPT=8080 WINDOW=22683 SYN	2020-05-20 15:07:11
103.219.195.79	attack	DATE:2020-05-20 07:28:18, IP:103.219.195.79, PORT:ssh SSH brute force auth (docker-dc)	2020-05-20 15:06:19
200.123.119.163	attackbots	Invalid user user3 from 200.123.119.163 port 65336	2020-05-20 14:56:14
189.62.69.106	attack	$f2bV_matches	2020-05-20 15:12:02
139.59.45.45	attack	[ssh] SSH attack	2020-05-20 15:24:49
213.180.203.67	attackbots	[Wed May 20 06:41:55.162264 2020] [:error] [pid 11844:tid 140678373918464] [client 213.180.203.67:59728] [client 213.180.203.67] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XsRuwxNGGN9CEqIJiAc2ogAAAcM"] ...	2020-05-20 15:13:13
175.118.126.81	attackspambots	Bruteforce detected by fail2ban	2020-05-20 15:03:43
63.83.75.101	attackspambots	May 20 02:21:13 * postfix/smtpd[5898]: connect from absorbing.szajmaszkok.com[63.83.75.101] May x@x May 20 02:21:14 * postfix/smtpd[5898]: disconnect from absorbing.szajmaszkok.com[63.83.75.101] May 20 02:21:47 * postfix/smtpd[5898]: connect from absorbing.szajmaszkok.com[63.83.75.101] May x@x May 20 02:21:47 * postfix/smtpd[5898]: disconnect from absorbing.szajmaszkok.com[63.83.75.101] May 20 02:24:37 * postfix/smtpd[8606]: connect from absorbing.szajmaszkok.com[63.83.75.101] May x@x May 20 02:24:37 * postfix/smtpd[8606]: disconnect from absorbing.szajmaszkok.com[63.83.75.101] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=63.83.75.101	2020-05-20 14:47:00
54.37.13.107	attackspam	2020-05-20T08:30:50.178676sd-86998 sshd[43010]: Invalid user gdftp from 54.37.13.107 port 33488 2020-05-20T08:30:50.180977sd-86998 sshd[43010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns9.hoffmeisterdv.de 2020-05-20T08:30:50.178676sd-86998 sshd[43010]: Invalid user gdftp from 54.37.13.107 port 33488 2020-05-20T08:30:52.561161sd-86998 sshd[43010]: Failed password for invalid user gdftp from 54.37.13.107 port 33488 ssh2 2020-05-20T08:34:40.313524sd-86998 sshd[44007]: Invalid user rxr from 54.37.13.107 port 39784 ...	2020-05-20 14:50:05
159.192.143.249	attackspam	May 20 06:55:58 ourumov-web sshd\[1131\]: Invalid user cur from 159.192.143.249 port 42900 May 20 06:55:58 ourumov-web sshd\[1131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 May 20 06:56:00 ourumov-web sshd\[1131\]: Failed password for invalid user cur from 159.192.143.249 port 42900 ssh2 ...	2020-05-20 14:53:52
59.90.140.125	attackbotsspam	May 19 23:56:34 * sshd[4552]: Failed password for r.r from 59.90.140.125 port 25096 ssh2 May 20 00:43:55 * sshd[9788]: Failed password for r.r from 59.90.140.125 port 25096 ssh2 May 20 01:31:10 *** sshd[15130]: Failed password for r.r from 59.90.140.125 port 25096 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.90.140.125	2020-05-20 14:58:52
78.188.218.80	attackbots	Automatic report - Banned IP Access	2020-05-20 15:02:24
222.186.175.217	attack	2020-05-20T06:41:55.098402abusebot-4.cloudsearch.cf sshd[17051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root 2020-05-20T06:41:57.437863abusebot-4.cloudsearch.cf sshd[17051]: Failed password for root from 222.186.175.217 port 37354 ssh2 2020-05-20T06:42:03.038563abusebot-4.cloudsearch.cf sshd[17051]: Failed password for root from 222.186.175.217 port 37354 ssh2 2020-05-20T06:41:55.098402abusebot-4.cloudsearch.cf sshd[17051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root 2020-05-20T06:41:57.437863abusebot-4.cloudsearch.cf sshd[17051]: Failed password for root from 222.186.175.217 port 37354 ssh2 2020-05-20T06:42:03.038563abusebot-4.cloudsearch.cf sshd[17051]: Failed password for root from 222.186.175.217 port 37354 ssh2 2020-05-20T06:41:55.098402abusebot-4.cloudsearch.cf sshd[17051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ...	2020-05-20 14:46:13
45.40.243.251	attackspam	Automatic report - Windows Brute-Force Attack	2020-05-20 14:44:47

最近上报的IP列表

122.6.45.171	83.102.201.94	57.252.39.138	200.37.56.66
70.230.7.187	117.186.11.218	111.142.208.238	36.70.192.218
159.89.224.188	126.198.4.198	109.63.212.69	216.104.200.210
58.231.242.102	109.94.117.140	35.178.119.61	210.186.24.180
187.6.249.140	192.125.182.51	98.4.213.95	156.25.75.165