1.34.1.148 - IPInfo

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): Data Communication Business Group

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	TW_MAINT-TW-TWNIC_<177>1585225417 [1:2403302:56258] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 [Classification: Misc Attack] [Priority: 2]: {TCP} 1.34.1.148:61990	2020-03-27 00:04:08
attackspam	23/tcp [2019-10-06/11-01]2pkt	2019-11-01 17:06:51
attack	Honeypot attack, port: 23, PTR: 1-34-1-148.HINET-IP.hinet.net.	2019-08-12 02:25:11

类型

评论内容

时间

attackspambots

TW_MAINT-TW-TWNIC_<177>1585225417 [1:2403302:56258] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 [Classification: Misc Attack] [Priority: 2]:  {TCP} 1.34.1.148:61990

2020-03-27 00:04:08

attackspam

23/tcp
[2019-10-06/11-01]2pkt

2019-11-01 17:06:51

attack

Honeypot attack, port: 23, PTR: 1-34-1-148.HINET-IP.hinet.net.

2019-08-12 02:25:11

相同子网IP讨论:

IP	类型	评论内容	时间
1.34.16.210	attackbots	TCP (SYN) 1.34.16.210:2676 -> port 23, len 44	2020-10-05 06:54:30
1.34.16.210	attack	TCP (SYN) 1.34.16.210:2676 -> port 23, len 44	2020-10-04 23:00:08
1.34.16.210	attackbotsspam	TCP (SYN) 1.34.16.210:34293 -> port 2323, len 44	2020-10-04 14:46:03
1.34.107.92	attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-27 04:26:36
1.34.117.251	attackbotsspam	2019-11-25T20:06:03.734670suse-nuc sshd[27511]: Invalid user user from 1.34.117.251 port 44506 ...	2020-09-27 04:25:39
1.34.195.88	attack	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-27 04:25:19
1.34.107.92	attackbotsspam	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 20:34:06
1.34.117.251	attackspam	2019-11-25T20:06:03.734670suse-nuc sshd[27511]: Invalid user user from 1.34.117.251 port 44506 ...	2020-09-26 20:33:08
1.34.195.88	attackbots	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-26 20:32:52
1.34.107.92	attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 12:18:01
1.34.195.88	attackbotsspam	2020-09-10T07:02:08.767291suse-nuc sshd[19245]: User root from 1.34.195.88 not allowed because listed in DenyUsers ...	2020-09-26 12:16:55
1.34.19.58	attackspam	firewall-block, port(s): 23/tcp	2020-09-25 11:44:19
1.34.164.204	attack	invalid user	2020-09-22 01:48:10
1.34.141.44	attackbots	Found on CINS badguys / proto=6 . srcport=44251 . dstport=23 . (2323)	2020-09-21 23:13:04
1.34.164.204	attack	Port scan followed by SSH.	2020-09-21 17:31:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.1.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41678
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.1.148.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 12 02:25:03 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

148.1.34.1.in-addr.arpa domain name pointer 1-34-1-148.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
148.1.34.1.in-addr.arpa	name = 1-34-1-148.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
165.22.102.107	attackbots	$f2bV_matches	2019-08-19 01:11:01
60.207.126.182	attackbotsspam	:	2019-08-19 01:52:35
2.89.95.7	attackspam	Unauthorized connection attempt from IP address 2.89.95.7 on Port 445(SMB)	2019-08-19 01:58:16
80.11.67.223	attackspam	Automatic report - Banned IP Access	2019-08-19 02:02:13
5.88.161.197	attack	Aug 18 17:14:07 hcbbdb sshd\[23963\]: Invalid user sonar from 5.88.161.197 Aug 18 17:14:07 hcbbdb sshd\[23963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-5-88-161-197.cust.vodafonedsl.it Aug 18 17:14:09 hcbbdb sshd\[23963\]: Failed password for invalid user sonar from 5.88.161.197 port 23476 ssh2 Aug 18 17:20:58 hcbbdb sshd\[24747\]: Invalid user topic from 5.88.161.197 Aug 18 17:20:58 hcbbdb sshd\[24747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-5-88-161-197.cust.vodafonedsl.it	2019-08-19 01:26:12
218.173.143.77	attackbotsspam	19/8/18@09:00:55: FAIL: IoT-Telnet address from=218.173.143.77 ...	2019-08-19 01:39:02
146.185.130.101	attackspambots	Aug 18 06:00:26 php1 sshd\[26121\]: Invalid user deletee from 146.185.130.101 Aug 18 06:00:26 php1 sshd\[26121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 Aug 18 06:00:28 php1 sshd\[26121\]: Failed password for invalid user deletee from 146.185.130.101 port 56896 ssh2 Aug 18 06:05:01 php1 sshd\[26499\]: Invalid user wendy from 146.185.130.101 Aug 18 06:05:01 php1 sshd\[26499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101	2019-08-19 01:12:41
41.208.222.165	attackbots	Aug 18 14:24:30 XXX sshd[12347]: Invalid user earl from 41.208.222.165 port 40496	2019-08-19 01:57:31
121.157.82.222	attackspam	Aug 18 17:31:36 XXX sshd[15781]: Invalid user ofsaa from 121.157.82.222 port 54864	2019-08-19 01:38:23
182.73.194.130	attackspam	Unauthorized connection attempt from IP address 182.73.194.130 on Port 445(SMB)	2019-08-19 01:44:14
185.200.118.72	attackbots	3389/tcp 1194/udp 1723/tcp... [2019-06-18/08-18]43pkt,3pt.(tcp),1pt.(udp)	2019-08-19 01:31:47
91.108.130.178	attackbots	RDP Scan	2019-08-19 01:23:24
103.236.253.28	attack	ssh failed login	2019-08-19 01:34:11
51.68.189.69	attackspambots	Aug 18 17:09:36 MK-Soft-VM7 sshd\[30945\]: Invalid user ansible from 51.68.189.69 port 44690 Aug 18 17:09:36 MK-Soft-VM7 sshd\[30945\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.189.69 Aug 18 17:09:38 MK-Soft-VM7 sshd\[30945\]: Failed password for invalid user ansible from 51.68.189.69 port 44690 ssh2 ...	2019-08-19 01:27:31
209.234.207.92	attack	:	2019-08-19 02:03:37

最近上报的IP列表

222.189.245.215	71.72.172.156	222.153.172.9	117.239.193.48
196.221.91.215	186.92.0.245	210.160.13.110	173.49.171.120
195.14.244.104	155.252.219.135	85.109.95.199	125.231.135.248
45.111.49.21	203.205.41.21	156.194.110.89	35.239.8.123
139.162.31.103	186.204.146.61	214.145.129.236	81.42.219.153