1.34.1.148 - IPInfo

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): Data Communication Business Group

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	TW_MAINT-TW-TWNIC_<177>1585225417 [1:2403302:56258] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 [Classification: Misc Attack] [Priority: 2]: {TCP} 1.34.1.148:61990	2020-03-27 00:04:08
attackspam	23/tcp [2019-10-06/11-01]2pkt	2019-11-01 17:06:51
attack	Honeypot attack, port: 23, PTR: 1-34-1-148.HINET-IP.hinet.net.	2019-08-12 02:25:11

类型

评论内容

时间

attackspambots

TW_MAINT-TW-TWNIC_<177>1585225417 [1:2403302:56258] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 [Classification: Misc Attack] [Priority: 2]:  {TCP} 1.34.1.148:61990

2020-03-27 00:04:08

attackspam

23/tcp
[2019-10-06/11-01]2pkt

2019-11-01 17:06:51

attack

Honeypot attack, port: 23, PTR: 1-34-1-148.HINET-IP.hinet.net.

2019-08-12 02:25:11

相同子网IP讨论:

IP	类型	评论内容	时间
1.34.16.210	attackbots	TCP (SYN) 1.34.16.210:2676 -> port 23, len 44	2020-10-05 06:54:30
1.34.16.210	attack	TCP (SYN) 1.34.16.210:2676 -> port 23, len 44	2020-10-04 23:00:08
1.34.16.210	attackbotsspam	TCP (SYN) 1.34.16.210:34293 -> port 2323, len 44	2020-10-04 14:46:03
1.34.107.92	attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-27 04:26:36
1.34.117.251	attackbotsspam	2019-11-25T20:06:03.734670suse-nuc sshd[27511]: Invalid user user from 1.34.117.251 port 44506 ...	2020-09-27 04:25:39
1.34.195.88	attack	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-27 04:25:19
1.34.107.92	attackbotsspam	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 20:34:06
1.34.117.251	attackspam	2019-11-25T20:06:03.734670suse-nuc sshd[27511]: Invalid user user from 1.34.117.251 port 44506 ...	2020-09-26 20:33:08
1.34.195.88	attackbots	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-26 20:32:52
1.34.107.92	attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 12:18:01
1.34.195.88	attackbotsspam	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-26 12:16:55
1.34.19.58	attackspam	firewall-block, port(s): 23/tcp	2020-09-25 11:44:19
1.34.164.204	attack	invalid user	2020-09-22 01:48:10
1.34.141.44	attackbots	Found on CINS badguys / proto=6 . srcport=44251 . dstport=23 . (2323)	2020-09-21 23:13:04
1.34.164.204	attack	Port scan followed by SSH.	2020-09-21 17:31:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.1.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41678
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.1.148.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 12 02:25:03 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

148.1.34.1.in-addr.arpa domain name pointer 1-34-1-148.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
148.1.34.1.in-addr.arpa	name = 1-34-1-148.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.151.35.225	attack	Honeypot attack, port: 445, PTR: dsl.49.151.35.225.pldt.net.	2020-01-06 06:58:02
118.141.152.250	attack	Honeypot attack, port: 5555, PTR: sr-250-152-141-118-on-nets.com.	2020-01-06 07:04:59
147.139.132.146	attackbots	Jan 5 19:40:36 vps46666688 sshd[27454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.139.132.146 Jan 5 19:40:38 vps46666688 sshd[27454]: Failed password for invalid user sysadmin from 147.139.132.146 port 49658 ssh2 ...	2020-01-06 07:01:17
14.142.132.2	attackspam	firewall-block, port(s): 445/tcp	2020-01-06 07:16:53
45.141.56.32	attackbots	Attempted to connect 2 times to port 22 TCP	2020-01-06 07:10:22
103.219.204.19	attackbotsspam	Jan 6 00:26:54 www sshd\[42880\]: Invalid user cassie from 103.219.204.19Jan 6 00:26:56 www sshd\[42880\]: Failed password for invalid user cassie from 103.219.204.19 port 4818 ssh2Jan 6 00:28:53 www sshd\[42888\]: Invalid user tao from 103.219.204.19 ...	2020-01-06 06:46:38
46.229.168.162	attack	Malicious Traffic/Form Submission	2020-01-06 06:44:22
91.134.240.73	attackspam	Unauthorized connection attempt detected from IP address 91.134.240.73 to port 2220 [J]	2020-01-06 07:15:51
58.187.54.13	attackbots	20/1/5@17:29:03: FAIL: Alarm-Network address from=58.187.54.13 20/1/5@17:29:03: FAIL: Alarm-Network address from=58.187.54.13 ...	2020-01-06 07:03:56
212.47.238.207	attackspambots	Unauthorized connection attempt detected from IP address 212.47.238.207 to port 2220 [J]	2020-01-06 06:44:54
54.36.238.211	attack	\[2020-01-05 16:50:36\] NOTICE\[2839\] chan_sip.c: Registration from '"603" \' failed for '54.36.238.211:5089' - Wrong password \[2020-01-05 16:50:36\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-05T16:50:36.641-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="603",SessionID="0x7f0fb40aad28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.36.238.211/5089",Challenge="5ceee562",ReceivedChallenge="5ceee562",ReceivedHash="f8aa14a36dc15b83adf5ca7e345edca3" \[2020-01-05 16:50:36\] NOTICE\[2839\] chan_sip.c: Registration from '"603" \' failed for '54.36.238.211:5089' - Wrong password \[2020-01-05 16:50:36\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-05T16:50:36.761-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="603",SessionID="0x7f0fb447f838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.3	2020-01-06 06:48:41
197.253.22.197	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-06 07:06:30
36.6.57.220	attackspambots	2020-01-05 15:49:56 H=(ylmf-pc) [36.6.57.220]:50604 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2020-01-05 15:49:56 H=(ylmf-pc) [36.6.57.220]:53723 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2020-01-05 15:49:57 H=(ylmf-pc) [36.6.57.220]:58034 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2020-01-05 15:49:57 H=(ylmf-pc) [36.6.57.220]:53530 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2020-01-06 07:20:08
213.136.68.63	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-06 06:59:41
121.230.178.94	attackbots	2020-01-05 15:49:52 dovecot_login authenticator failed for (ziwxr) [121.230.178.94]:60024 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=wangpeng@lerctr.org) 2020-01-05 15:49:59 dovecot_login authenticator failed for (oktaw) [121.230.178.94]:60024 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=wangpeng@lerctr.org) 2020-01-05 15:50:10 dovecot_login authenticator failed for (sdgys) [121.230.178.94]:60024 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=wangpeng@lerctr.org) ...	2020-01-06 07:07:39

最近上报的IP列表

222.189.245.215	71.72.172.156	222.153.172.9	117.239.193.48
196.221.91.215	186.92.0.245	210.160.13.110	173.49.171.120
195.14.244.104	155.252.219.135	85.109.95.199	125.231.135.248
45.111.49.21	203.205.41.21	156.194.110.89	35.239.8.123
139.162.31.103	186.204.146.61	214.145.129.236	81.42.219.153