1.34.107.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-27 04:26:36
attackbotsspam	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 20:34:06
attack	2019-12-12T22:33:27.009332suse-nuc sshd[25101]: Invalid user guest from 1.34.107.92 port 37998 ...	2020-09-26 12:18:01
attackspam	Invalid user web from 1.34.107.92 port 58377	2020-02-23 07:24:47
attackspam	$f2bV_matches	2020-02-21 04:13:04
attack	Feb 11 01:25:14 MK-Soft-VM4 sshd[4058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 Feb 11 01:25:16 MK-Soft-VM4 sshd[4058]: Failed password for invalid user txh from 1.34.107.92 port 45253 ssh2 ...	2020-02-11 09:10:39
attackspambots	Feb 10 10:00:39 pornomens sshd\[16535\]: Invalid user mbj from 1.34.107.92 port 49540 Feb 10 10:00:39 pornomens sshd\[16535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 Feb 10 10:00:41 pornomens sshd\[16535\]: Failed password for invalid user mbj from 1.34.107.92 port 49540 ssh2 ...	2020-02-10 18:18:18
attackbotsspam	Feb 9 07:07:13 vps647732 sshd[13323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 Feb 9 07:07:15 vps647732 sshd[13323]: Failed password for invalid user guf from 1.34.107.92 port 48702 ssh2 ...	2020-02-09 14:14:54
attack	Feb 8 09:37:19 cp sshd[8508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92	2020-02-08 17:20:45
attack	Feb 6 15:43:25 hcbbdb sshd\[29491\]: Invalid user nto from 1.34.107.92 Feb 6 15:43:25 hcbbdb sshd\[29491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-107-92.hinet-ip.hinet.net Feb 6 15:43:26 hcbbdb sshd\[29491\]: Failed password for invalid user nto from 1.34.107.92 port 41231 ssh2 Feb 6 15:47:18 hcbbdb sshd\[29902\]: Invalid user rrg from 1.34.107.92 Feb 6 15:47:18 hcbbdb sshd\[29902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-107-92.hinet-ip.hinet.net	2020-02-07 00:12:26
attackspambots	Jan 22 09:52:26 gw1 sshd[18307]: Failed password for root from 1.34.107.92 port 50177 ssh2 ...	2020-01-22 13:02:49
attackbots	Jan 17 14:28:51 localhost sshd\[23677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 user=root Jan 17 14:28:53 localhost sshd\[23677\]: Failed password for root from 1.34.107.92 port 36641 ssh2 Jan 17 14:30:30 localhost sshd\[23879\]: Invalid user ross from 1.34.107.92 Jan 17 14:30:30 localhost sshd\[23879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 Jan 17 14:30:32 localhost sshd\[23879\]: Failed password for invalid user ross from 1.34.107.92 port 52842 ssh2 ...	2020-01-17 21:48:52
attackspambots	Jan 5 13:10:12 hanapaa sshd\[29970\]: Invalid user ymo from 1.34.107.92 Jan 5 13:10:12 hanapaa sshd\[29970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-107-92.hinet-ip.hinet.net Jan 5 13:10:14 hanapaa sshd\[29970\]: Failed password for invalid user ymo from 1.34.107.92 port 55399 ssh2 Jan 5 13:15:37 hanapaa sshd\[30515\]: Invalid user cj from 1.34.107.92 Jan 5 13:15:37 hanapaa sshd\[30515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-107-92.hinet-ip.hinet.net	2020-01-06 08:15:25
attackspam	Dec 29 00:05:20 dedicated sshd[15276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 user=root Dec 29 00:05:22 dedicated sshd[15276]: Failed password for root from 1.34.107.92 port 55154 ssh2	2019-12-29 07:33:04
attackspam	Dec 7 22:24:45 web9 sshd\[6139\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 user=root Dec 7 22:24:47 web9 sshd\[6139\]: Failed password for root from 1.34.107.92 port 44748 ssh2 Dec 7 22:32:04 web9 sshd\[7784\]: Invalid user eh from 1.34.107.92 Dec 7 22:32:04 web9 sshd\[7784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.34.107.92 Dec 7 22:32:07 web9 sshd\[7784\]: Failed password for invalid user eh from 1.34.107.92 port 51681 ssh2	2019-12-08 16:50:10

Comments on same subnet:

IP	Type	Details	Datetime
1.34.107.134	attackbots	Mar 16 15:44:01 debian-2gb-nbg1-2 kernel: \[6628961.239342\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.34.107.134 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=22283 PROTO=TCP SPT=56317 DPT=4567 WINDOW=44165 RES=0x00 SYN URGP=0	2020-03-17 01:01:20

Type

Details

Datetime

1.34.107.134

attackbots

Mar 16 15:44:01 debian-2gb-nbg1-2 kernel: \[6628961.239342\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.34.107.134 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=22283 PROTO=TCP SPT=56317 DPT=4567 WINDOW=44165 RES=0x00 SYN URGP=0

2020-03-17 01:01:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.107.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8850
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.107.92.			IN	A

;; AUTHORITY SECTION:
.			291	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120800 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 16:50:05 CST 2019
;; MSG SIZE  rcvd: 115

Host info

92.107.34.1.in-addr.arpa domain name pointer 1-34-107-92.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
92.107.34.1.in-addr.arpa	name = 1-34-107-92.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.46.68.85	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-13 16:21:06
183.250.89.179	attackspam	Port scan denied	2020-08-13 16:08:20
141.98.9.160	attack	SSH Brute-Force attacks	2020-08-13 15:59:22
212.70.149.3	attackbots	Aug 13 10:13:45 galaxy event: galaxy/lswi: smtp: nanon@uni-potsdam.de [212.70.149.3] authentication failure using internet password Aug 13 10:14:02 galaxy event: galaxy/lswi: smtp: naohiko@uni-potsdam.de [212.70.149.3] authentication failure using internet password Aug 13 10:14:22 galaxy event: galaxy/lswi: smtp: naoma@uni-potsdam.de [212.70.149.3] authentication failure using internet password Aug 13 10:14:41 galaxy event: galaxy/lswi: smtp: naomi@uni-potsdam.de [212.70.149.3] authentication failure using internet password Aug 13 10:15:00 galaxy event: galaxy/lswi: smtp: nara@uni-potsdam.de [212.70.149.3] authentication failure using internet password ...	2020-08-13 16:16:12
167.71.219.169	attackspam	Aug 13 10:21:49 cosmoit sshd[13155]: Failed password for root from 167.71.219.169 port 54044 ssh2	2020-08-13 16:33:13
91.201.247.202	attackspambots	1597290746 - 08/13/2020 05:52:26 Host: 91.201.247.202/91.201.247.202 Port: 445 TCP Blocked	2020-08-13 16:00:44
131.100.25.143	attackspam	From send-alceu-1618-alkosa.com.br-8@viptop.com.br Thu Aug 13 02:25:14 2020 Received: from mm25-143.viptop.com.br ([131.100.25.143]:54427)	2020-08-13 16:17:16
94.182.17.152	attack	Port probing on unauthorized port 8080	2020-08-13 16:39:05
45.55.88.16	attackspam	Aug 13 14:26:43 webhost01 sshd[1042]: Failed password for root from 45.55.88.16 port 60448 ssh2 ...	2020-08-13 16:01:01
45.55.180.7	attack	Aug 13 09:24:59 piServer sshd[20358]: Failed password for root from 45.55.180.7 port 34332 ssh2 Aug 13 09:30:10 piServer sshd[21039]: Failed password for root from 45.55.180.7 port 48719 ssh2 ...	2020-08-13 15:56:15
106.13.37.213	attackbots	failed root login	2020-08-13 16:20:29
14.237.170.71	attack	1597290706 - 08/13/2020 05:51:46 Host: 14.237.170.71/14.237.170.71 Port: 445 TCP Blocked	2020-08-13 16:28:48
187.190.236.88	attack	Aug 13 07:04:19 sshd\[21639\]: User root from fixed-187-190-236-88.totalplay.net not allowed because not listed in AllowUsersAug 13 07:04:21 sshd\[21639\]: Failed password for invalid user root from 187.190.236.88 port 46750 ssh2 ...	2020-08-13 15:57:59
212.70.149.19	attackbotsspam	2020-08-13 10:03:10 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=danielo@no-server.de$ 2020-08-13 10:03:12 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=danielo@no-server.de$ 2020-08-13 10:03:21 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=daniels@no-server.de$ 2020-08-13 10:03:28 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=daniels@no-server.de$ 2020-08-13 10:03:36 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=daniels@no-server.de$ 2020-08-13 10:03:38 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=daniels@no-server.de$ ...	2020-08-13 16:09:23
65.49.20.68	attack	Icarus honeypot on github	2020-08-13 16:22:04

Recently Reported IPs

94.51.85.211	218.13.180.139	239.22.68.187	172.23.154.101
61.114.157.185	96.132.54.178	26.39.218.126	8.67.36.36
146.97.84.245	238.99.15.150	14.83.100.222	227.48.163.3
13.145.51.155	23.16.234.69	33.242.186.32	33.145.133.126
90.252.222.5	68.242.2.127	46.146.202.132	78.112.178.30