城市(city): Taichung
省份(region): Taichung
国家(country): Taiwan, China
运营商(isp): Chunghwa
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '211.75.128.0 - 211.75.255.255'
% Abuse contact for '211.75.128.0 - 211.75.255.255' is 'abuse@hinet.net'
inetnum: 211.75.128.0 - 211.75.255.255
netname: HINET-NET
descr: Data Communication Business Group,
descr: Chunghwa Telecom Co.,Ltd.
descr: No.21, Sec.1, Xinyi Rd., Taipei City
descr: 10048, Taiwan
country: TW
admin-c: HN27-AP
tech-c: HN27-AP
abuse-c: AT939-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-TW-TWNIC
mnt-irt: IRT-HINET-AP
last-modified: 2025-11-07T02:32:43Z
source: APNIC
irt: IRT-HINET-AP
address: Chunghwa Telecom Co.,Ltd.
address: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C.
address: Taipei
phone: +886-2-2322-3495
e-mail: network-adm@hinet.net
abuse-mailbox: abuse@hinet.net
admin-c: TR391-AP
tech-c: TR391-AP
remarks: (oid:HINET)
auth: # Filtered
mnt-by: MAINT-TW-TWNIC
last-modified: 2025-11-06T07:20:07Z
source: APNIC
role: ABUSE TWNICAP
country: ZZ
address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan
phone: +000000000
e-mail: hostmaster@twnic.tw
admin-c: TWA2-AP
tech-c: TWA2-AP
nic-hdl: AT939-AP
remarks: Generated from irt object IRT-TWNIC-AP
remarks: hostmaster@twnic.tw was validated on 2025-05-23
abuse-mailbox: hostmaster@twnic.tw
mnt-by: APNIC-ABUSE
last-modified: 2025-05-23T00:02:10Z
source: APNIC
person: HINET Network-Adm
address: CHTD, Chunghwa Telecom Co., Ltd.
address: No. 21, Sec. 21, Hsin-Yi Rd.,
address: Taipei Taiwan 100
country: TW
phone: +886 2 2322 3495
phone: +886 2 2322 3442
phone: +886 2 2344 3007
fax-no: +886 2 2344 2513
fax-no: +886 2 2395 5671
e-mail: network-adm@hinet.net
nic-hdl: HN27-AP
remarks: (hid:HN184-TW)
mnt-by: MAINT-TW-TWNIC
last-modified: 2025-08-28T07:34:45Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.47 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.75.198.188
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44625
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;211.75.198.188. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026030100 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 01 23:09:52 CST 2026
;; MSG SIZE rcvd: 107188.198.75.211.in-addr.arpa domain name pointer 211-75-198-188.hinet-ip.hinet.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
188.198.75.211.in-addr.arpa name = 211-75-198-188.hinet-ip.hinet.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 162.243.158.185 | attackbotsspam | Sep 28 09:06:09 markkoudstaal sshd[19028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.185 Sep 28 09:06:11 markkoudstaal sshd[19028]: Failed password for invalid user secure from 162.243.158.185 port 50930 ssh2 Sep 28 09:10:16 markkoudstaal sshd[19495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.185 |
2019-09-28 17:10:56 |
| 42.224.138.191 | attack | Unauthorised access (Sep 28) SRC=42.224.138.191 LEN=40 TTL=49 ID=63279 TCP DPT=8080 WINDOW=51803 SYN Unauthorised access (Sep 28) SRC=42.224.138.191 LEN=40 TTL=49 ID=63816 TCP DPT=8080 WINDOW=5387 SYN Unauthorised access (Sep 28) SRC=42.224.138.191 LEN=40 TTL=49 ID=32342 TCP DPT=8080 WINDOW=60880 SYN Unauthorised access (Sep 28) SRC=42.224.138.191 LEN=40 TTL=49 ID=51139 TCP DPT=8080 WINDOW=60880 SYN |
2019-09-28 17:25:25 |
| 54.37.204.154 | attackbots | 'Fail2Ban' |
2019-09-28 17:39:40 |
| 59.72.112.47 | attack | Sep 28 11:05:37 bouncer sshd\[31604\]: Invalid user rack from 59.72.112.47 port 59156 Sep 28 11:05:37 bouncer sshd\[31604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.112.47 Sep 28 11:05:40 bouncer sshd\[31604\]: Failed password for invalid user rack from 59.72.112.47 port 59156 ssh2 ... |
2019-09-28 17:44:55 |
| 121.44.151.123 | attack | 19/9/27@23:49:41: FAIL: IoT-Telnet address from=121.44.151.123 ... |
2019-09-28 17:38:46 |
| 106.12.125.27 | attack | Sep 28 07:42:00 XXX sshd[2335]: Invalid user parker from 106.12.125.27 port 53206 |
2019-09-28 17:17:16 |
| 106.245.255.19 | attackspambots | Sep 28 09:01:19 web8 sshd\[17158\]: Invalid user takim from 106.245.255.19 Sep 28 09:01:19 web8 sshd\[17158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.245.255.19 Sep 28 09:01:21 web8 sshd\[17158\]: Failed password for invalid user takim from 106.245.255.19 port 38276 ssh2 Sep 28 09:05:55 web8 sshd\[19439\]: Invalid user server from 106.245.255.19 Sep 28 09:05:55 web8 sshd\[19439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.245.255.19 |
2019-09-28 17:16:55 |
| 164.68.122.164 | attack | /var/log/messages:Sep 27 14:15:59 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1569593759.431:52006): pid=15381 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=15382 suid=74 rport=34506 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=164.68.122.164 terminal=? res=success' /var/log/messages:Sep 27 14:15:59 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1569593759.435:52007): pid=15381 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=15382 suid=74 rport=34506 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=164.68.122.164 terminal=? res=success' /var/log/messages:Sep 27 14:16:00 sanyalnet-cloud-vps fail2ban.filter[1378]: INFO [sshd] Fou........ ------------------------------- |
2019-09-28 17:32:12 |
| 89.219.10.226 | attackbotsspam | 19/9/27@23:49:41: FAIL: Alarm-Intrusion address from=89.219.10.226 ... |
2019-09-28 17:37:38 |
| 45.148.10.70 | attackspam | Sep 28 10:37:04 mail postfix/smtpd\[4298\]: warning: unknown\[45.148.10.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 28 10:38:15 mail postfix/smtpd\[3520\]: warning: unknown\[45.148.10.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 28 11:09:00 mail postfix/smtpd\[4644\]: warning: unknown\[45.148.10.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 28 11:10:09 mail postfix/smtpd\[4644\]: warning: unknown\[45.148.10.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ |
2019-09-28 17:25:01 |
| 106.12.11.79 | attackspambots | $f2bV_matches |
2019-09-28 17:42:34 |
| 80.211.239.102 | attack | Sep 28 07:57:53 sshgateway sshd\[24631\]: Invalid user ftpprod from 80.211.239.102 Sep 28 07:57:53 sshgateway sshd\[24631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.239.102 Sep 28 07:57:55 sshgateway sshd\[24631\]: Failed password for invalid user ftpprod from 80.211.239.102 port 46936 ssh2 |
2019-09-28 17:40:47 |
| 142.4.1.222 | attack | WordPress wp-login brute force :: 142.4.1.222 0.132 BYPASS [28/Sep/2019:15:08:34 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-09-28 17:47:57 |
| 80.211.10.47 | attackbotsspam | Invalid user andy from 80.211.10.47 port 10407 |
2019-09-28 17:21:59 |
| 134.209.232.72 | attack | Port scan attempt detected by AWS-CCS, CTS, India |
2019-09-28 17:14:08 |