1.34.64.213 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt detected from IP address 1.34.64.213 to port 4567 [J]	2020-01-21 18:50:57

Comments on same subnet:

IP	Type	Details	Datetime
1.34.64.76	attackspam	Port Scan detected! ...	2020-09-21 02:18:02
1.34.64.76	attack	Port Scan detected! ...	2020-09-20 18:18:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.34.64.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3060
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.34.64.213.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012100 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 21 18:50:54 CST 2020
;; MSG SIZE  rcvd: 115

Host info

213.64.34.1.in-addr.arpa domain name pointer 1-34-64-213.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
213.64.34.1.in-addr.arpa	name = 1-34-64-213.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.190.13.195	attack	Oct 17 21:44:32 server378 sshd[31472]: Address 14.190.13.195 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 17 21:44:32 server378 sshd[31472]: Invalid user admin from 14.190.13.195 Oct 17 21:44:32 server378 sshd[31472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.190.13.195 Oct 17 21:44:34 server378 sshd[31472]: Failed password for invalid user admin from 14.190.13.195 port 59373 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.190.13.195	2019-10-18 04:44:31
144.217.13.40	attackspam	Oct 17 10:06:57 web9 sshd\[26959\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.13.40 user=root Oct 17 10:06:58 web9 sshd\[26959\]: Failed password for root from 144.217.13.40 port 59709 ssh2 Oct 17 10:11:22 web9 sshd\[27495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.13.40 user=root Oct 17 10:11:24 web9 sshd\[27495\]: Failed password for root from 144.217.13.40 port 51511 ssh2 Oct 17 10:15:53 web9 sshd\[28161\]: Invalid user zzzzz from 144.217.13.40 Oct 17 10:15:53 web9 sshd\[28161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.13.40	2019-10-18 04:31:59
201.149.22.37	attackbotsspam	2019-10-17T20:19:25.294531shield sshd\[15574\]: Invalid user saklwkd from 201.149.22.37 port 54786 2019-10-17T20:19:25.299885shield sshd\[15574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.22.37 2019-10-17T20:19:27.867998shield sshd\[15574\]: Failed password for invalid user saklwkd from 201.149.22.37 port 54786 ssh2 2019-10-17T20:23:10.648806shield sshd\[16243\]: Invalid user abc12345 from 201.149.22.37 port 37336 2019-10-17T20:23:10.654685shield sshd\[16243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.22.37	2019-10-18 04:36:08
201.47.91.238	attack	Jan 29 08:38:03 odroid64 sshd\[5596\]: Invalid user radio from 201.47.91.238 Jan 29 08:38:03 odroid64 sshd\[5596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.47.91.238 Jan 29 08:38:06 odroid64 sshd\[5596\]: Failed password for invalid user radio from 201.47.91.238 port 13064 ssh2 ...	2019-10-18 04:35:01
123.206.17.141	attackspam	2019-10-17T20:33:58.272991shield sshd\[17738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.17.141 user=root 2019-10-17T20:34:00.022919shield sshd\[17738\]: Failed password for root from 123.206.17.141 port 45565 ssh2 2019-10-17T20:34:01.949527shield sshd\[17738\]: Failed password for root from 123.206.17.141 port 45565 ssh2 2019-10-17T20:34:04.493456shield sshd\[17738\]: Failed password for root from 123.206.17.141 port 45565 ssh2 2019-10-17T20:34:05.973975shield sshd\[17738\]: Failed password for root from 123.206.17.141 port 45565 ssh2	2019-10-18 04:39:47
201.46.27.170	attackbots	Feb 24 17:42:24 odroid64 sshd\[29134\]: Invalid user ubuntu from 201.46.27.170 Feb 24 17:42:24 odroid64 sshd\[29134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.46.27.170 Feb 24 17:42:26 odroid64 sshd\[29134\]: Failed password for invalid user ubuntu from 201.46.27.170 port 41184 ssh2 Feb 26 13:30:40 odroid64 sshd\[3512\]: Invalid user teamspeak from 201.46.27.170 Feb 26 13:30:40 odroid64 sshd\[3512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.46.27.170 Feb 26 13:30:42 odroid64 sshd\[3512\]: Failed password for invalid user teamspeak from 201.46.27.170 port 55436 ssh2 ...	2019-10-18 04:38:02
188.165.238.65	attackbotsspam	Oct 17 22:37:05 SilenceServices sshd[31575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.238.65 Oct 17 22:37:07 SilenceServices sshd[31575]: Failed password for invalid user pyramide from 188.165.238.65 port 52752 ssh2 Oct 17 22:40:46 SilenceServices sshd[32606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.238.65	2019-10-18 04:54:57
45.125.66.188	attack	Oct 17 21:43:29 vmanager6029 postfix/smtpd\[10590\]: warning: unknown\[45.125.66.188\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 17 21:52:47 vmanager6029 postfix/smtpd\[11027\]: warning: unknown\[45.125.66.188\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-18 04:54:20
123.206.39.206	attack	Oct 17 22:43:22 meumeu sshd[12541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.39.206 Oct 17 22:43:25 meumeu sshd[12541]: Failed password for invalid user zena from 123.206.39.206 port 55544 ssh2 Oct 17 22:47:32 meumeu sshd[13129]: Failed password for root from 123.206.39.206 port 37746 ssh2 ...	2019-10-18 04:55:42
112.69.156.148	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/112.69.156.148/ JP - 1H : (41) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : JP NAME ASN : ASN17511 IP : 112.69.156.148 CIDR : 112.68.0.0/14 PREFIX COUNT : 82 UNIQUE IP COUNT : 3137792 WYKRYTE ATAKI Z ASN17511 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 4 DateTime : 2019-10-17 21:53:12 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-18 04:37:12
201.39.70.186	attackbots	Apr 19 05:52:54 odroid64 sshd\[18230\]: Invalid user debian from 201.39.70.186 Apr 19 05:52:54 odroid64 sshd\[18230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.39.70.186 Apr 19 05:52:56 odroid64 sshd\[18230\]: Failed password for invalid user debian from 201.39.70.186 port 56464 ssh2 ...	2019-10-18 04:42:01
185.101.105.111	attack	Oct 16 17:54:37 xxxxxxx8434580 sshd[8324]: reveeclipse mapping checking getaddrinfo for symset.cooints.com [185.101.105.111] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 16 17:54:37 xxxxxxx8434580 sshd[8324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.101.105.111 user=r.r Oct 16 17:54:39 xxxxxxx8434580 sshd[8324]: Failed password for r.r from 185.101.105.111 port 48240 ssh2 Oct 16 17:54:39 xxxxxxx8434580 sshd[8324]: Received disconnect from 185.101.105.111: 11: Bye Bye [preauth] Oct 16 17:54:39 xxxxxxx8434580 sshd[8326]: reveeclipse mapping checking getaddrinfo for symset.cooints.com [185.101.105.111] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 16 17:54:39 xxxxxxx8434580 sshd[8326]: Invalid user admin from 185.101.105.111 Oct 16 17:54:39 xxxxxxx8434580 sshd[8326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.101.105.111 Oct 16 17:54:41 xxxxxxx8434580 sshd[8326]: Failed password for ........ -------------------------------	2019-10-18 04:50:02
90.201.172.217	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/90.201.172.217/ GB - 1H : (93) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN48210 IP : 90.201.172.217 CIDR : 90.192.0.0/12 PREFIX COUNT : 11 UNIQUE IP COUNT : 2129408 WYKRYTE ATAKI Z ASN48210 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 3 DateTime : 2019-10-17 21:52:51 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-18 04:51:39
201.39.233.40	attack	2019-10-17T20:37:42.760337abusebot-4.cloudsearch.cf sshd\[7007\]: Invalid user qaz\#EDC5tgb from 201.39.233.40 port 60176	2019-10-18 04:43:33
185.175.93.101	attackbotsspam	10/17/2019-16:25:53.090274 185.175.93.101 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-18 04:58:46

Recently Reported IPs

172.112.5.169	170.78.2.10	164.52.36.196	159.224.217.0
157.122.204.6	156.236.74.53	151.177.8.4	124.115.21.51
121.10.41.105	118.254.199.191	117.71.159.49	115.135.20.10
115.55.238.82	114.32.4.112	113.220.21.46	112.118.153.204
112.4.209.190	109.105.185.128	103.116.85.182	103.101.88.186