2.132.200.249 - IPInfo

Basic Info

City: Karaganda

Region: Karaganda

Country: Kazakhstan

Internet Service Provider: JSC Kazakhtelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Telnet/23 MH Probe, BF, Hack -	2019-12-27 04:50:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.132.200.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7811
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.132.200.249.			IN	A

;; AUTHORITY SECTION:
.			502	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122601 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 04:50:46 CST 2019
;; MSG SIZE  rcvd: 117

Host info

249.200.132.2.in-addr.arpa domain name pointer 2.132.200.249.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.200.132.2.in-addr.arpa	name = 2.132.200.249.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
2.147.45.27	attackspambots	1590412591 - 05/25/2020 15:16:31 Host: 2.147.45.27/2.147.45.27 Port: 445 TCP Blocked	2020-05-26 00:18:24
89.144.47.246	attackbots	TCP (SYN) 89.144.47.246:50577 -> port 3389, len 44	2020-05-25 23:53:49
91.204.61.161	attackbots	Dovecot Invalid User Login Attempt.	2020-05-26 00:37:15
189.207.39.203	attackbots	DATE:2020-05-25 14:01:03, IP:189.207.39.203, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-26 00:06:13
200.88.48.99	attackbots	May 25 13:21:47 Ubuntu-1404-trusty-64-minimal sshd\[341\]: Invalid user johanna from 200.88.48.99 May 25 13:21:47 Ubuntu-1404-trusty-64-minimal sshd\[341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.88.48.99 May 25 13:21:49 Ubuntu-1404-trusty-64-minimal sshd\[341\]: Failed password for invalid user johanna from 200.88.48.99 port 44834 ssh2 May 25 14:00:43 Ubuntu-1404-trusty-64-minimal sshd\[19438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.88.48.99 user=root May 25 14:00:45 Ubuntu-1404-trusty-64-minimal sshd\[19438\]: Failed password for root from 200.88.48.99 port 44610 ssh2	2020-05-26 00:28:14
175.24.138.103	attackbots	$f2bV_matches	2020-05-26 00:32:33
106.12.192.91	attackbotsspam	May 25 14:50:22 h2779839 sshd[25717]: Invalid user admin from 106.12.192.91 port 47504 May 25 14:50:22 h2779839 sshd[25717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.91 May 25 14:50:22 h2779839 sshd[25717]: Invalid user admin from 106.12.192.91 port 47504 May 25 14:50:24 h2779839 sshd[25717]: Failed password for invalid user admin from 106.12.192.91 port 47504 ssh2 May 25 14:53:46 h2779839 sshd[25793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.91 user=root May 25 14:53:48 h2779839 sshd[25793]: Failed password for root from 106.12.192.91 port 34472 ssh2 May 25 14:57:16 h2779839 sshd[26007]: Invalid user noguiez from 106.12.192.91 port 49706 May 25 14:57:16 h2779839 sshd[26007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.91 May 25 14:57:16 h2779839 sshd[26007]: Invalid user noguiez from 106.12.192.91 port 49706 May 25 ...	2020-05-26 00:15:07
103.48.192.48	attack	SSH Bruteforce attack	2020-05-26 00:12:58
133.242.231.162	attackspambots	May 25 15:24:42 tuxlinux sshd[33251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.242.231.162 user=root May 25 15:24:44 tuxlinux sshd[33251]: Failed password for root from 133.242.231.162 port 49422 ssh2 May 25 15:24:42 tuxlinux sshd[33251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.242.231.162 user=root May 25 15:24:44 tuxlinux sshd[33251]: Failed password for root from 133.242.231.162 port 49422 ssh2 May 25 15:28:52 tuxlinux sshd[33338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.242.231.162 user=root ...	2020-05-26 00:31:52
195.57.73.197	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-25 23:55:11
59.56.99.130	attackspambots	May 25 16:04:35 vps647732 sshd[24277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.56.99.130 May 25 16:04:38 vps647732 sshd[24277]: Failed password for invalid user admin from 59.56.99.130 port 49963 ssh2 ...	2020-05-25 23:47:29
222.186.42.136	attack	May 25 17:49:51 * sshd[26204]: Failed password for root from 222.186.42.136 port 29687 ssh2	2020-05-25 23:51:17
49.204.183.117	attackbots	Unauthorized connection attempt from IP address 49.204.183.117 on Port 445(SMB)	2020-05-26 00:28:43
188.162.65.65	attackspambots	Unauthorized connection attempt from IP address 188.162.65.65 on Port 445(SMB)	2020-05-26 00:34:10
52.186.40.140	attackbotsspam	May 25 17:26:41 dhoomketu sshd[181710]: Failed password for root from 52.186.40.140 port 2048 ssh2 May 25 17:31:00 dhoomketu sshd[181801]: Invalid user admin from 52.186.40.140 port 2048 May 25 17:31:00 dhoomketu sshd[181801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.186.40.140 May 25 17:31:00 dhoomketu sshd[181801]: Invalid user admin from 52.186.40.140 port 2048 May 25 17:31:02 dhoomketu sshd[181801]: Failed password for invalid user admin from 52.186.40.140 port 2048 ssh2 ...	2020-05-26 00:08:41

Recently Reported IPs

219.78.90.21	198.212.194.244	45.172.189.15	116.43.142.31
202.94.186.37	210.255.0.163	1.122.253.124	118.38.72.120
82.200.189.204	39.221.65.128	22.225.139.182	160.153.101.115
156.165.249.132	50.193.26.157	80.239.137.148	97.255.147.143
249.153.76.21	220.232.41.240	202.126.88.50	239.193.8.96