2.133.1.66 - IPInfo

Basic Info

City: Astana

Region: Astana

Country: Kazakhstan

Internet Service Provider: Kazakhtelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
2.133.164.41	attackbotsspam	[portscan] Port scan	2020-03-19 04:40:32
2.133.198.97	attackbots	Email rejected due to spam filtering	2020-03-04 01:28:51
2.133.118.254	attackbots	Nov 11 00:25:00 mailman postfix/smtpd[15122]: NOQUEUE: reject: RCPT from unknown[2.133.118.254]: 554 5.7.1 Service unavailable; Client host [2.133.118.254] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/2.133.118.254; from= to= proto=ESMTP helo=<[5.250.142.241]> Nov 11 00:29:37 mailman postfix/smtpd[15122]: NOQUEUE: reject: RCPT from unknown[2.133.118.254]: 554 5.7.1 Service unavailable; Client host [2.133.118.254] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/2.133.118.254; from= to= proto=ESMTP helo=<[5.250.142.241]>	2019-11-11 15:37:40
2.133.129.254	attackbots	Unauthorized connection attempt from IP address 2.133.129.254 on Port 445(SMB)	2019-09-09 07:15:11
2.133.146.145	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 05:32:54,411 INFO [amun_request_handler] PortScan Detected on Port: 445 (2.133.146.145)	2019-07-08 14:28:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.133.1.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24387
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2.133.1.66.			IN	A

;; AUTHORITY SECTION:
.			141	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022121500 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 15 17:41:38 CST 2022
;; MSG SIZE  rcvd: 103

Host info

66.1.133.2.in-addr.arpa domain name pointer 2.133.1.66.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.1.133.2.in-addr.arpa	name = 2.133.1.66.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.149.170.108	attackspambots	TCP (SYN) 175.149.170.108:32986 -> port 26, len 44	2020-05-25 17:55:18
60.170.189.102	attack	Unauthorized connection attempt detected from IP address 60.170.189.102 to port 23	2020-05-25 17:46:27
216.252.20.47	attack	May 25 00:23:08 Tower sshd[43462]: Connection from 216.252.20.47 port 34000 on 192.168.10.220 port 22 rdomain "" May 25 00:23:09 Tower sshd[43462]: Failed password for root from 216.252.20.47 port 34000 ssh2 May 25 00:23:09 Tower sshd[43462]: Received disconnect from 216.252.20.47 port 34000:11: Bye Bye [preauth] May 25 00:23:09 Tower sshd[43462]: Disconnected from authenticating user root 216.252.20.47 port 34000 [preauth]	2020-05-25 17:49:05
49.233.205.82	attackspam	May 25 04:41:36 Tower sshd[38304]: Connection from 49.233.205.82 port 60734 on 192.168.10.220 port 22 rdomain "" May 25 04:41:40 Tower sshd[38304]: Failed password for root from 49.233.205.82 port 60734 ssh2 May 25 04:41:40 Tower sshd[38304]: Received disconnect from 49.233.205.82 port 60734:11: Bye Bye [preauth] May 25 04:41:40 Tower sshd[38304]: Disconnected from authenticating user root 49.233.205.82 port 60734 [preauth]	2020-05-25 17:45:13
129.226.67.78	attackbots	May 25 07:20:01 l03 sshd[8319]: Invalid user thunder from 129.226.67.78 port 58492 ...	2020-05-25 18:05:07
189.124.8.23	attackbots	$f2bV_matches	2020-05-25 17:51:53
193.56.28.176	attackspambots	May 25 11:36:10 mail postfix/smtpd\[17441\]: warning: unknown\[193.56.28.176\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 25 11:36:16 mail postfix/smtpd\[17441\]: warning: unknown\[193.56.28.176\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 25 11:36:27 mail postfix/smtpd\[17441\]: warning: unknown\[193.56.28.176\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 25 11:36:37 mail postfix/smtpd\[17441\]: warning: unknown\[193.56.28.176\]: SASL LOGIN authentication failed: Connection lost to authentication server\	2020-05-25 17:57:47
193.32.188.174	attackspambots	2020-05-24 22:46:20.184872-0500 localhost smtpd[4013]: NOQUEUE: reject: RCPT from s7.are7.ru[193.32.188.174]: 454 4.7.1 : Relay access denied; from= to= proto=ESMTP helo=	2020-05-25 18:11:22
93.39.104.224	attackspam	2020-05-25T11:21:10.150976 sshd[16241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.39.104.224 user=root 2020-05-25T11:21:11.969690 sshd[16241]: Failed password for root from 93.39.104.224 port 45120 ssh2 2020-05-25T11:24:54.875250 sshd[16358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.39.104.224 user=root 2020-05-25T11:24:56.443259 sshd[16358]: Failed password for root from 93.39.104.224 port 52470 ssh2 ...	2020-05-25 18:16:46
2001:41d0:303:3d4a::	attackbotsspam	2001:41d0:303:3d4a:: - - [25/May/2020:06:23:39 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 220 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 2001:41d0:303:3d4a:: - - [25/May/2020:09:57:49 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 2819 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 2001:41d0:303:3d4a:: - - [25/May/2020:09:57:49 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 2819 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 2001:41d0:303:3d4a:: - - [25/May/2020:09:57:52 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ...	2020-05-25 17:47:00
192.141.200.20	attackbots	May 25 11:21:01 ns382633 sshd\[20000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.141.200.20 user=root May 25 11:21:02 ns382633 sshd\[20000\]: Failed password for root from 192.141.200.20 port 57520 ssh2 May 25 11:34:30 ns382633 sshd\[22372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.141.200.20 user=root May 25 11:34:32 ns382633 sshd\[22372\]: Failed password for root from 192.141.200.20 port 50098 ssh2 May 25 11:38:45 ns382633 sshd\[23257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.141.200.20 user=root	2020-05-25 18:03:49
210.18.183.120	attackbotsspam	odoo8 ...	2020-05-25 18:17:16
122.51.70.17	attackspam	SSH invalid-user multiple login try	2020-05-25 18:07:56
82.189.223.116	attackspam	SSH login attempts.	2020-05-25 17:51:02
212.237.25.210	attack	::ffff:212.237.25.210 - - [25/May/2020:05:59:10 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4986 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ::ffff:212.237.25.210 - - [25/May/2020:05:59:12 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 220 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ::ffff:212.237.25.210 - - [25/May/2020:07:30:17 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4986 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ::ffff:212.237.25.210 - - [25/May/2020:07:30:20 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ::ffff:212.237.25.210 - - [25/May/2020:10:14:25 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4986 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ...	2020-05-25 18:03:31

Recently Reported IPs

183.35.28.217	17.196.140.205	150.32.237.166	148.83.193.54
146.159.4.181	130.197.60.104	132.180.208.100	123.201.225.162
0.110.55.73	148.64.127.77	1.116.129.209	91.78.207.203
93.106.121.55	90.224.164.190	86.209.168.242	85.144.139.104
84.51.122.255	172.253.228.17	77.162.207.175	76.202.156.23