Basic Info

City: Almaty

Region: Almaty

Country: Kazakhstan

Internet Service Provider: JSC Kazakhtelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
Email rejected due to spam filtering
2020-02-27 06:00:53
Comments on same subnet:
IP Type Details Datetime
2.133.70.201 attackbots
Oct  4 22:25:08 mailman postfix/smtpd[3769]: NOQUEUE: reject: RCPT from unknown[2.133.70.201]: 554 5.7.1 Service unavailable; Client host [2.133.70.201] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/2.133.70.201 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[2.133.70.201]>
Oct  4 22:46:06 mailman postfix/smtpd[3938]: NOQUEUE: reject: RCPT from unknown[2.133.70.201]: 554 5.7.1 Service unavailable; Client host [2.133.70.201] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/2.133.70.201; from= to= proto=ESMTP helo=<[2.133.70.201]>
2019-10-05 18:20:34
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.133.70.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53386
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.133.70.113.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022602 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 06:00:47 CST 2020
;; MSG SIZE  rcvd: 116
Host info
113.70.133.2.in-addr.arpa domain name pointer 2.133.70.113.megaline.telecom.kz.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
113.70.133.2.in-addr.arpa	name = 2.133.70.113.megaline.telecom.kz.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
118.74.160.158 attack
Port 1433 Scan
2019-06-24 08:26:41
62.210.89.199 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-06-24 08:38:51
104.248.185.25 attackspam
¯\_(ツ)_/¯
2019-06-24 08:36:11
59.110.152.52 attackspam
firewall-block, port(s): 1433/tcp, 7002/tcp, 9200/tcp
2019-06-24 08:50:50
96.73.2.215 attackspambots
Wordpress Admin Login attack
2019-06-24 08:52:39
173.226.134.224 attackspambots
firewall-block, port(s): 623/tcp
2019-06-24 09:03:58
104.236.81.204 attackbotsspam
$f2bV_matches
2019-06-24 08:37:37
199.249.230.100 attackspambots
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.249.230.100  user=root
Failed password for root from 199.249.230.100 port 64938 ssh2
Failed password for root from 199.249.230.100 port 64938 ssh2
Failed password for root from 199.249.230.100 port 64938 ssh2
Failed password for root from 199.249.230.100 port 64938 ssh2
2019-06-24 08:40:37
119.29.11.214 attack
Jun 23 11:27:32 *** sshd[20433]: Failed password for invalid user shou from 119.29.11.214 port 37364 ssh2
Jun 23 11:29:07 *** sshd[20442]: Failed password for invalid user jhartley from 119.29.11.214 port 43811 ssh2
Jun 23 11:29:47 *** sshd[20449]: Failed password for invalid user sylvie from 119.29.11.214 port 45971 ssh2
Jun 23 11:30:17 *** sshd[20452]: Failed password for invalid user bserver from 119.29.11.214 port 48214 ssh2
Jun 23 11:30:56 *** sshd[20454]: Failed password for invalid user vbox from 119.29.11.214 port 50356 ssh2
Jun 23 11:31:30 *** sshd[20459]: Failed password for invalid user monitor from 119.29.11.214 port 52549 ssh2
Jun 23 11:32:06 *** sshd[20461]: Failed password for invalid user telekom from 119.29.11.214 port 54719 ssh2
Jun 23 11:32:36 *** sshd[20468]: Failed password for invalid user nagios from 119.29.11.214 port 56886 ssh2
Jun 23 11:33:09 *** sshd[20470]: Failed password for invalid user ecqadmin from 119.29.11.214 port 59083 ssh2
Jun 23 11:33:43 *** sshd[20474]: Failed password
2019-06-24 08:30:38
14.55.204.70 attackspam
Jun 16 18:30:44 wp sshd[4625]: Bad protocol version identification '' from 14.55.204.70 port 60944
Jun 16 18:31:15 wp sshd[4626]: Invalid user support from 14.55.204.70
Jun 16 18:31:17 wp sshd[4626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.55.204.70 
Jun 16 18:31:19 wp sshd[4626]: Failed password for invalid user support from 14.55.204.70 port 39282 ssh2
Jun 16 18:31:22 wp sshd[4626]: Connection closed by 14.55.204.70 [preauth]
Jun 16 18:31:55 wp sshd[4630]: Invalid user ubnt from 14.55.204.70
Jun 16 18:31:57 wp sshd[4630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.55.204.70 
Jun 16 18:31:59 wp sshd[4630]: Failed password for invalid user ubnt from 14.55.204.70 port 44102 ssh2
Jun 16 18:32:02 wp sshd[4630]: Connection closed by 14.55.204.70 [preauth]
Jun 16 18:32:26 wp sshd[4632]: Invalid user cisco from 14.55.204.70
Jun 16 18:32:29 wp sshd[4632]: pam_unix(sshd:auth): aut........
-------------------------------
2019-06-24 08:44:46
119.201.109.155 attackbotsspam
Jun 23 23:20:59 thevastnessof sshd[3016]: Failed password for root from 119.201.109.155 port 51366 ssh2
...
2019-06-24 08:30:21
191.115.24.172 attackspam
firewall-block, port(s): 80/tcp
2019-06-24 08:40:58
129.211.125.141 attackspam
Jun 23 19:59:37 XXXXXX sshd[44953]: Invalid user direccion from 129.211.125.141 port 49978
2019-06-24 08:46:40
192.227.158.57 attack
NAME : CC-192-227-206-64-26 CIDR : 192.227.206.64/26 DDoS attack USA - New York - block certain countries :) IP: 192.227.158.57  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl
2019-06-24 08:59:01
158.69.193.32 attackbots
Jun 23 21:59:53 cvbmail sshd\[18637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.193.32  user=root
Jun 23 21:59:56 cvbmail sshd\[18637\]: Failed password for root from 158.69.193.32 port 34248 ssh2
Jun 23 21:59:58 cvbmail sshd\[18637\]: Failed password for root from 158.69.193.32 port 34248 ssh2
2019-06-24 08:49:18

Recently Reported IPs
