1.34.1.148 - IPInfo

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): Data Communication Business Group

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	TW_MAINT-TW-TWNIC_<177>1585225417 [1:2403302:56258] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 [Classification: Misc Attack] [Priority: 2]: {TCP} 1.34.1.148:61990	2020-03-27 00:04:08
attackspam	23/tcp [2019-10-06/11-01]2pkt	2019-11-01 17:06:51
attack	Honeypot attack, port: 23, PTR: 1-34-1-148.HINET-IP.hinet.net.	2019-08-12 02:25:11

类型

评论内容

时间

attackspambots

TW_MAINT-TW-TWNIC_<177>1585225417 [1:2403302:56258] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 [Classification: Misc Attack] [Priority: 2]:  {TCP} 1.34.1.148:61990

2020-03-27 00:04:08

attackspam

23/tcp
[2019-10-06/11-01]2pkt

2019-11-01 17:06:51

attack

Honeypot attack, port: 23, PTR: 1-34-1-148.HINET-IP.hinet.net.

2019-08-12 02:25:11

相同子网IP讨论:

IP	类型	评论内容	时间
1.34.16.210	attackbots	TCP (SYN) 1.34.16.210:2676 -> port 23, len 44	2020-10-05 06:54:30
1.34.16.210	attack	TCP (SYN) 1.34.16.210:2676 -> port 23, len 44	2020-10-04 23:00:08
1.34.16.210	attackbotsspam	TCP (SYN) 1.34.16.210:34293 -> port 2323, len 44	2020-10-04 14:46:03
1.34.107.92	attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-27 04:26:36
1.34.117.251	attackbotsspam	2019-11-25T20:06:03.734670suse-nuc sshd[27511]: Invalid user user from 1.34.117.251 port 44506 ...	2020-09-27 04:25:39
1.34.195.88	attack	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-27 04:25:19
1.34.107.92	attackbotsspam	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 20:34:06
1.34.117.251	attackspam	2019-11-25T20:06:03.734670suse-nuc sshd[27511]: Invalid user user from 1.34.117.251 port 44506 ...	2020-09-26 20:33:08
1.34.195.88	attackbots	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-26 20:32:52
1.34.107.92	attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 12:18:01
1.34.195.88	attackbotsspam	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-26 12:16:55
1.34.19.58	attackspam	firewall-block, port(s): 23/tcp	2020-09-25 11:44:19
1.34.164.204	attack	invalid user	2020-09-22 01:48:10
1.34.141.44	attackbots	Found on CINS badguys / proto=6 . srcport=44251 . dstport=23 . (2323)	2020-09-21 23:13:04
1.34.164.204	attack	Port scan followed by SSH.	2020-09-21 17:31:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.1.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41678
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.1.148.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 12 02:25:03 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

148.1.34.1.in-addr.arpa domain name pointer 1-34-1-148.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
148.1.34.1.in-addr.arpa	name = 1-34-1-148.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
200.46.28.250	attackbotsspam	02/02/2020-00:24:08.728865 200.46.28.250 Protocol: 6 ET SCAN Potential SSH Scan	2020-02-02 13:24:45
211.121.120.238	attackspambots	Unauthorized connection attempt detected from IP address 211.121.120.238 to port 5555 [J]	2020-02-02 10:23:07
139.199.164.132	attackbotsspam	Unauthorized connection attempt detected from IP address 139.199.164.132 to port 2220 [J]	2020-02-02 10:16:43
188.148.154.34	attackspambots	Honeypot attack, port: 5555, PTR: c188-148-154-34.bredband.comhem.se.	2020-02-02 13:07:14
93.174.93.163	attackspambots	Feb 2 05:58:08 debian-2gb-nbg1-2 kernel: \[2878744.008428\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=93.174.93.163 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=9729 PROTO=TCP SPT=53224 DPT=14080 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-02 13:31:14
125.208.26.42	attack	Unauthorized connection attempt detected from IP address 125.208.26.42 to port 2220 [J]	2020-02-02 13:15:31
194.65.94.60	attack	Feb 2 05:58:23 nextcloud sshd\[1414\]: Invalid user deploy from 194.65.94.60 Feb 2 05:58:23 nextcloud sshd\[1414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.65.94.60 Feb 2 05:58:25 nextcloud sshd\[1414\]: Failed password for invalid user deploy from 194.65.94.60 port 52744 ssh2	2020-02-02 13:21:36
122.52.149.209	attackbots	Honeypot attack, port: 445, PTR: www2.heandsons.com.	2020-02-02 13:17:47
92.118.38.56	attackspam	Feb 2 06:21:12 v22019058497090703 postfix/smtpd[10080]: warning: unknown[92.118.38.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 2 06:21:44 v22019058497090703 postfix/smtpd[10080]: warning: unknown[92.118.38.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 2 06:22:16 v22019058497090703 postfix/smtpd[10080]: warning: unknown[92.118.38.56]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-02-02 13:31:44
170.130.187.18	attackbotsspam	Unauthorized connection attempt detected from IP address 170.130.187.18 to port 3389 [J]	2020-02-02 10:24:09
18.217.154.61	attack	Feb 2 05:58:42 nextcloud sshd\[2014\]: Invalid user bot2 from 18.217.154.61 Feb 2 05:58:42 nextcloud sshd\[2014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.217.154.61 Feb 2 05:58:43 nextcloud sshd\[2014\]: Failed password for invalid user bot2 from 18.217.154.61 port 58814 ssh2	2020-02-02 13:04:15
103.123.8.221	attack	Feb 2 04:54:56 web8 sshd\[3901\]: Invalid user user1 from 103.123.8.221 Feb 2 04:54:56 web8 sshd\[3901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.123.8.221 Feb 2 04:54:58 web8 sshd\[3901\]: Failed password for invalid user user1 from 103.123.8.221 port 48406 ssh2 Feb 2 04:58:37 web8 sshd\[5475\]: Invalid user steam from 103.123.8.221 Feb 2 04:58:37 web8 sshd\[5475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.123.8.221	2020-02-02 13:08:01
213.60.165.77	attackspambots	Unauthorized connection attempt detected from IP address 213.60.165.77 to port 2220 [J]	2020-02-02 13:32:09
54.37.100.120	attackspam	54.37.100.120 - - [02/Feb/2020:04:58:15 +0000] "POST /wp/wp-login.php HTTP/1.1" 200 6255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.100.120 - - [02/Feb/2020:04:58:16 +0000] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-02-02 13:28:24
222.186.173.215	attackspam	Unauthorized connection attempt detected from IP address 222.186.173.215 to port 22 [J]	2020-02-02 13:16:26

最近上报的IP列表

222.189.245.215	71.72.172.156	222.153.172.9	117.239.193.48
196.221.91.215	186.92.0.245	210.160.13.110	173.49.171.120
195.14.244.104	155.252.219.135	85.109.95.199	125.231.135.248
45.111.49.21	203.205.41.21	156.194.110.89	35.239.8.123
139.162.31.103	186.204.146.61	214.145.129.236	81.42.219.153