1.34.20.158 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[H1.VM2] Blocked by UFW	2020-06-05 03:47:45

Comments on same subnet:

IP	Type	Details	Datetime
1.34.200.167	attackspam	Port probing on unauthorized port 9530	2020-08-05 06:13:34
1.34.20.62	attackspambots	23/tcp [2020-06-28]1pkt	2020-07-01 17:43:28
1.34.209.150	attack	Honeypot attack, port: 81, PTR: 1-34-209-150.HINET-IP.hinet.net.	2020-02-20 03:04:34
1.34.209.63	attack	Feb 18 05:53:38 debian-2gb-nbg1-2 kernel: \[4260834.401438\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.34.209.63 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=9708 DF PROTO=TCP SPT=9393 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0	2020-02-18 17:00:25
1.34.209.99	attack	Honeypot attack, port: 81, PTR: 1-34-209-99.HINET-IP.hinet.net.	2020-01-11 07:26:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.20.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49220
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.20.158.			IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060401 1800 900 604800 86400

;; Query time: 161 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 05 03:47:42 CST 2020
;; MSG SIZE  rcvd: 115

Host info

158.20.34.1.in-addr.arpa domain name pointer 1-34-20-158.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
158.20.34.1.in-addr.arpa	name = 1-34-20-158.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.133.99.6	attackspambots	2020-04-01 23:38:10 dovecot_login authenticator failed for $\[45.133.99.6\]$ \[45.133.99.6\]: 535 Incorrect authentication data $set_id=german@sensecell.de$ 2020-04-01 23:38:18 dovecot_login authenticator failed for $\[45.133.99.6\]$ \[45.133.99.6\]: 535 Incorrect authentication data 2020-04-01 23:38:28 dovecot_login authenticator failed for $\[45.133.99.6\]$ \[45.133.99.6\]: 535 Incorrect authentication data 2020-04-01 23:38:34 dovecot_login authenticator failed for $\[45.133.99.6\]$ \[45.133.99.6\]: 535 Incorrect authentication data 2020-04-01 23:38:47 dovecot_login authenticator failed for $\[45.133.99.6\]$ \[45.133.99.6\]: 535 Incorrect authentication data ...	2020-04-02 05:42:30
192.144.218.143	attack	SSH Invalid Login	2020-04-02 05:55:56
51.83.45.65	attackspam	SSH Invalid Login	2020-04-02 05:53:51
159.89.163.226	attackbots	Apr 1 23:13:02 sso sshd[14679]: Failed password for root from 159.89.163.226 port 59938 ssh2 ...	2020-04-02 05:52:42
167.56.111.127	attackbotsspam	(mod_security) mod_security (id:240335) triggered by 167.56.111.127 (UY/Uruguay/r167-56-111-127.dialup.adsl.anteldata.net.uy): 5 in the last 3600 secs	2020-04-02 06:00:32
58.208.196.207	attack	(sshd) Failed SSH login from 58.208.196.207 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 2 00:07:18 srv sshd[6732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.208.196.207 user=root Apr 2 00:07:20 srv sshd[6732]: Failed password for root from 58.208.196.207 port 58594 ssh2 Apr 2 00:16:48 srv sshd[7357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.208.196.207 user=root Apr 2 00:16:50 srv sshd[7357]: Failed password for root from 58.208.196.207 port 36290 ssh2 Apr 2 00:53:14 srv sshd[8222]: Invalid user user from 58.208.196.207 port 37250	2020-04-02 06:12:39
201.209.155.72	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 01-04-2020 22:15:26.	2020-04-02 05:59:42
206.189.114.0	attack	Apr 1 23:45:57 sshd\[27642\]: User root from 206.189.114.0 not allowed because not listed in AllowUsersApr 1 23:45:59 sshd\[27642\]: Failed password for invalid user root from 206.189.114.0 port 44532 ssh2 ...	2020-04-02 06:02:44
106.52.19.218	attack	SSH Invalid Login	2020-04-02 06:01:48
116.232.55.198	attackspambots	Unauthorized connection attempt from IP address 116.232.55.198 on Port 445(SMB)	2020-04-02 05:44:02
111.42.102.127	attackspambots	GPON Home Routers Remote Code Execution Vulnerability	2020-04-02 05:51:06
95.167.39.12	attackbots	$f2bV_matches	2020-04-02 06:07:21
46.177.32.44	attackbots	Unauthorized connection attempt from IP address 46.177.32.44 on Port 445(SMB)	2020-04-02 05:54:25
81.0.100.136	attack	scan r	2020-04-02 06:08:18
113.125.44.80	attackspam	Apr 1 23:15:26 host sshd[14776]: Invalid user mr from 113.125.44.80 port 46306 ...	2020-04-02 05:58:27

Recently Reported IPs

129.37.45.59	209.208.15.116	118.190.135.128	242.196.105.209
2.172.188.84	184.227.156.86	33.196.140.184	143.70.148.217
146.14.39.241	7.167.92.29	3.63.116.195	44.75.89.132
175.146.175.67	154.21.81.64	50.17.215.249	131.70.189.255
225.157.67.109	187.28.106.242	88.235.155.69	36.76.108.69