1.34.18.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan (Province of China)

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 81, PTR: 1-34-18-252.HINET-IP.hinet.net.	2020-01-14 13:19:16

Comments on same subnet:

IP	Type	Details	Datetime
1.34.183.217	attackbots	23/tcp [2020-09-04]1pkt	2020-09-04 21:25:37
1.34.183.217	attack	firewall-block, port(s): 23/tcp	2020-09-04 13:04:29
1.34.183.217	attack	firewall-block, port(s): 23/tcp	2020-09-04 05:33:10
1.34.180.216	attackbotsspam	firewall-block, port(s): 23/tcp	2020-07-01 13:46:11
1.34.180.144	attackbotsspam	Port probing on unauthorized port 88	2020-05-13 15:13:33
1.34.181.131	attackspam	unauthorized connection attempt	2020-02-26 15:56:16
1.34.183.212	attackbots	Honeypot attack, port: 81, PTR: 1-34-183-212.HINET-IP.hinet.net.	2020-01-31 06:54:55
1.34.183.90	attackspambots	Unauthorized connection attempt from IP address 1.34.183.90 on Port 445(SMB)	2020-01-16 23:49:23
1.34.183.83	attackspambots	unauthorized connection attempt	2020-01-09 14:43:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.18.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.18.252.			IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011301 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 13:19:12 CST 2020
;; MSG SIZE  rcvd: 115

Host info

252.18.34.1.in-addr.arpa domain name pointer 1-34-18-252.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.18.34.1.in-addr.arpa	name = 1-34-18-252.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.182.74.125	attackspambots	Dec 13 14:51:29 kapalua sshd\[2520\]: Invalid user po7git from 217.182.74.125 Dec 13 14:51:29 kapalua sshd\[2520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.ip-217-182-74.eu Dec 13 14:51:32 kapalua sshd\[2520\]: Failed password for invalid user po7git from 217.182.74.125 port 51006 ssh2 Dec 13 14:58:33 kapalua sshd\[3368\]: Invalid user scooter from 217.182.74.125 Dec 13 14:58:33 kapalua sshd\[3368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.ip-217-182-74.eu	2019-12-14 09:12:54
66.240.205.34	attack	12/14/2019-01:34:04.124815 66.240.205.34 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 69	2019-12-14 08:43:29
89.248.160.193	attackspam	Dec 14 01:56:07 debian-2gb-nbg1-2 kernel: \[24566497.608333\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.160.193 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=62733 PROTO=TCP SPT=57899 DPT=5990 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-14 09:14:34
188.162.199.26	attackspam	failed_logins	2019-12-14 08:59:24
218.92.0.131	attackspam	Dec 13 14:36:09 tdfoods sshd\[18083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.131 user=root Dec 13 14:36:11 tdfoods sshd\[18083\]: Failed password for root from 218.92.0.131 port 26864 ssh2 Dec 13 14:36:24 tdfoods sshd\[18083\]: Failed password for root from 218.92.0.131 port 26864 ssh2 Dec 13 14:36:30 tdfoods sshd\[18129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.131 user=root Dec 13 14:36:32 tdfoods sshd\[18129\]: Failed password for root from 218.92.0.131 port 58098 ssh2	2019-12-14 08:59:56
200.194.45.50	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-14 08:42:51
92.119.160.143	attack	Dec 14 03:37:50 debian-2gb-vpn-nbg1-1 kernel: [662246.116815] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.143 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=10857 PROTO=TCP SPT=41598 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-14 09:08:41
122.51.116.169	attackspam	SSH-BruteForce	2019-12-14 08:50:48
54.37.232.108	attackbotsspam	Dec 14 01:41:52 OPSO sshd\[13099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.232.108 user=root Dec 14 01:41:55 OPSO sshd\[13099\]: Failed password for root from 54.37.232.108 port 41842 ssh2 Dec 14 01:47:03 OPSO sshd\[14292\]: Invalid user arai from 54.37.232.108 port 50546 Dec 14 01:47:03 OPSO sshd\[14292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.232.108 Dec 14 01:47:05 OPSO sshd\[14292\]: Failed password for invalid user arai from 54.37.232.108 port 50546 ssh2	2019-12-14 08:54:36
167.99.75.141	attackbotsspam	Dec 14 01:33:12 srv01 sshd[9795]: Invalid user test from 167.99.75.141 port 40914 Dec 14 01:33:12 srv01 sshd[9795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.75.141 Dec 14 01:33:12 srv01 sshd[9795]: Invalid user test from 167.99.75.141 port 40914 Dec 14 01:33:14 srv01 sshd[9795]: Failed password for invalid user test from 167.99.75.141 port 40914 ssh2 Dec 14 01:39:40 srv01 sshd[10414]: Invalid user rootme from 167.99.75.141 port 48368 ...	2019-12-14 08:44:26
41.87.80.26	attackspambots	Dec 13 19:49:19 TORMINT sshd\[22758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.87.80.26 user=root Dec 13 19:49:21 TORMINT sshd\[22758\]: Failed password for root from 41.87.80.26 port 48918 ssh2 Dec 13 19:55:27 TORMINT sshd\[23066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.87.80.26 user=root ...	2019-12-14 09:04:51
89.225.130.135	attackbots	Dec 13 18:54:53 Tower sshd[35736]: Connection from 89.225.130.135 port 58594 on 192.168.10.220 port 22 Dec 13 18:55:08 Tower sshd[35736]: Invalid user 123 from 89.225.130.135 port 58594 Dec 13 18:55:08 Tower sshd[35736]: error: Could not get shadow information for NOUSER Dec 13 18:55:08 Tower sshd[35736]: Failed password for invalid user 123 from 89.225.130.135 port 58594 ssh2 Dec 13 18:55:08 Tower sshd[35736]: Received disconnect from 89.225.130.135 port 58594:11: Bye Bye [preauth] Dec 13 18:55:08 Tower sshd[35736]: Disconnected from invalid user 123 89.225.130.135 port 58594 [preauth]	2019-12-14 09:05:41
209.17.96.154	attackbots	209.17.96.154 was recorded 12 times by 6 hosts attempting to connect to the following ports: 2161,5984,2001,5908,1521,62078. Incident counter (4h, 24h, all-time): 12, 53, 1517	2019-12-14 08:56:53
92.46.40.110	attackbots	SSH brute-force: detected 29 distinct usernames within a 24-hour window.	2019-12-14 09:04:20
124.16.139.243	attack	Dec 14 01:01:18 herz-der-gamer sshd[1307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.139.243 user=mysql Dec 14 01:01:20 herz-der-gamer sshd[1307]: Failed password for mysql from 124.16.139.243 port 59428 ssh2 Dec 14 01:11:16 herz-der-gamer sshd[1491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.139.243 user=root Dec 14 01:11:18 herz-der-gamer sshd[1491]: Failed password for root from 124.16.139.243 port 37106 ssh2 ...	2019-12-14 09:06:24

Recently Reported IPs

219.72.1.252	69.207.104.120	57.50.147.35	123.174.100.226
107.144.64.190	184.32.54.112	85.122.92.177	50.153.228.145
68.59.60.218	3.184.20.29	96.57.178.13	175.139.210.219
49.146.41.240	42.118.186.61	203.205.33.220	77.53.210.251
116.138.123.124	42.37.119.8	88.141.65.247	93.144.228.113