1.34.18.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan (Province of China)

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 81, PTR: 1-34-18-252.HINET-IP.hinet.net.	2020-01-14 13:19:16

Comments on same subnet:

IP	Type	Details	Datetime
1.34.183.217	attackbots	23/tcp [2020-09-04]1pkt	2020-09-04 21:25:37
1.34.183.217	attack	firewall-block, port(s): 23/tcp	2020-09-04 13:04:29
1.34.183.217	attack	firewall-block, port(s): 23/tcp	2020-09-04 05:33:10
1.34.180.216	attackbotsspam	firewall-block, port(s): 23/tcp	2020-07-01 13:46:11
1.34.180.144	attackbotsspam	Port probing on unauthorized port 88	2020-05-13 15:13:33
1.34.181.131	attackspam	unauthorized connection attempt	2020-02-26 15:56:16
1.34.183.212	attackbots	Honeypot attack, port: 81, PTR: 1-34-183-212.HINET-IP.hinet.net.	2020-01-31 06:54:55
1.34.183.90	attackspambots	Unauthorized connection attempt from IP address 1.34.183.90 on Port 445(SMB)	2020-01-16 23:49:23
1.34.183.83	attackspambots	unauthorized connection attempt	2020-01-09 14:43:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.18.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.18.252.			IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011301 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 13:19:12 CST 2020
;; MSG SIZE  rcvd: 115

Host info

252.18.34.1.in-addr.arpa domain name pointer 1-34-18-252.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.18.34.1.in-addr.arpa	name = 1-34-18-252.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.67.248.8	attackbotsspam	Nov 12 09:59:38 itv-usvr-01 sshd[32323]: Invalid user overskeid from 186.67.248.8 Nov 12 09:59:38 itv-usvr-01 sshd[32323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.67.248.8 Nov 12 09:59:38 itv-usvr-01 sshd[32323]: Invalid user overskeid from 186.67.248.8 Nov 12 09:59:40 itv-usvr-01 sshd[32323]: Failed password for invalid user overskeid from 186.67.248.8 port 38627 ssh2 Nov 12 10:08:22 itv-usvr-01 sshd[32690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.67.248.8 user=root Nov 12 10:08:24 itv-usvr-01 sshd[32690]: Failed password for root from 186.67.248.8 port 34487 ssh2	2019-11-16 09:00:50
191.34.162.186	attackspambots	Nov 16 01:05:37 lnxweb62 sshd[5977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.34.162.186	2019-11-16 08:35:43
189.125.2.234	attackbots	Invalid user wwwrun from 189.125.2.234 port 28908	2019-11-16 08:46:13
186.237.140.226	attackbots	Nov 14 18:54:37 itv-usvr-01 sshd[15819]: Invalid user dour from 186.237.140.226 Nov 14 18:54:37 itv-usvr-01 sshd[15819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.237.140.226 Nov 14 18:54:37 itv-usvr-01 sshd[15819]: Invalid user dour from 186.237.140.226 Nov 14 18:54:39 itv-usvr-01 sshd[15819]: Failed password for invalid user dour from 186.237.140.226 port 36049 ssh2 Nov 14 19:00:02 itv-usvr-01 sshd[16016]: Invalid user rtkit from 186.237.140.226	2019-11-16 09:01:59
84.201.30.89	attackspambots	detected by Fail2Ban	2019-11-16 08:31:17
189.115.92.79	attack	Invalid user gearhart from 189.115.92.79 port 48198	2019-11-16 08:47:26
106.13.216.239	attackspambots	Nov 16 01:24:35 vps691689 sshd[30087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.216.239 Nov 16 01:24:36 vps691689 sshd[30087]: Failed password for invalid user 123456 from 106.13.216.239 port 60606 ssh2 ...	2019-11-16 08:40:25
2.228.163.157	attack	Nov 15 18:57:28 server sshd\[16316\]: Failed password for invalid user backup from 2.228.163.157 port 40480 ssh2 Nov 16 01:40:08 server sshd\[27477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it user=root Nov 16 01:40:10 server sshd\[27477\]: Failed password for root from 2.228.163.157 port 43784 ssh2 Nov 16 01:58:20 server sshd\[31931\]: Invalid user www from 2.228.163.157 Nov 16 01:58:20 server sshd\[31931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it ...	2019-11-16 09:09:09
123.148.231.165	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/123.148.231.165/ CN - 1H : (772) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 123.148.231.165 CIDR : 123.148.0.0/16 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 10 3H - 30 6H - 55 12H - 109 24H - 298 DateTime : 2019-11-15 23:58:46 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-16 08:34:18
184.22.67.14	attackspambots	Automatic report - Port Scan Attack	2019-11-16 09:03:56
85.208.96.4	attackbotsspam	15.11.2019 23:58:25 - Bad Robot Ignore Robots.txt	2019-11-16 09:02:11
176.197.191.230	attackspambots	23/tcp 5555/tcp [2019-09-30/11-15]2pkt	2019-11-16 08:35:57
222.190.143.206	attack	Nov 16 01:30:22 jane sshd[29289]: Failed password for root from 222.190.143.206 port 49023 ssh2 Nov 16 01:36:40 jane sshd[2739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.143.206 ...	2019-11-16 08:49:42
106.12.128.24	attack	Nov 16 01:01:42 jane sshd[32025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.128.24 Nov 16 01:01:43 jane sshd[32025]: Failed password for invalid user mysql from 106.12.128.24 port 33350 ssh2 ...	2019-11-16 08:32:39
196.53.224.186	attackbotsspam	2323/tcp 23/tcp... [2019-09-16/11-15]8pkt,2pt.(tcp)	2019-11-16 08:38:30

Recently Reported IPs

219.72.1.252	69.207.104.120	57.50.147.35	123.174.100.226
107.144.64.190	184.32.54.112	85.122.92.177	50.153.228.145
68.59.60.218	3.184.20.29	96.57.178.13	175.139.210.219
49.146.41.240	42.118.186.61	203.205.33.220	77.53.210.251
116.138.123.124	42.37.119.8	88.141.65.247	93.144.228.113