2.134.10.103 - IPInfo

Basic Info

City: Karaganda

Region: Karaganda

Country: Kazakhstan

Internet Service Provider: JSC Kazakhtelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 2.134.10.103 on Port 445(SMB)	2019-11-29 02:59:51

Comments on same subnet:

IP	Type	Details	Datetime
2.134.106.217	attackbots	" "	2019-07-31 18:59:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.10.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.134.10.103.			IN	A

;; AUTHORITY SECTION:
.			582	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112802 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 29 02:59:48 CST 2019
;; MSG SIZE  rcvd: 116

Host info

103.10.134.2.in-addr.arpa domain name pointer 2.134.10.103.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
103.10.134.2.in-addr.arpa	name = 2.134.10.103.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.179.236.177	attack	May 26 10:07:58 Ubuntu-1404-trusty-64-minimal sshd\[13264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.179.236.177 user=root May 26 10:07:59 Ubuntu-1404-trusty-64-minimal sshd\[13264\]: Failed password for root from 180.179.236.177 port 57794 ssh2 May 26 10:22:59 Ubuntu-1404-trusty-64-minimal sshd\[26408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.179.236.177 user=root May 26 10:23:01 Ubuntu-1404-trusty-64-minimal sshd\[26408\]: Failed password for root from 180.179.236.177 port 34258 ssh2 May 26 10:27:04 Ubuntu-1404-trusty-64-minimal sshd\[30090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.179.236.177 user=root	2020-05-26 19:08:01
217.196.21.114	attackbotsspam	Unauthorized connection attempt from IP address 217.196.21.114 on Port 445(SMB)	2020-05-26 19:16:33
161.35.77.116	attackbotsspam	May2609:29:43server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=161.35.77.116DST=136.243.224.54LEN=40TOS=0x00PREC=0x00TTL=57ID=40430PROTO=TCPSPT=22375DPT=23WINDOW=31311RES=0x00SYNURGP=0May2609:29:58server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=161.35.77.116DST=136.243.224.54LEN=40TOS=0x00PREC=0x00TTL=57ID=40430PROTO=TCPSPT=22375DPT=23WINDOW=31311RES=0x00SYNURGP=0May2609:30:01server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=161.35.77.116DST=136.243.224.54LEN=40TOS=0x00PREC=0x00TTL=57ID=40430PROTO=TCPSPT=22375DPT=23WINDOW=31311RES=0x00SYNURGP=0May2609:30:02server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=161.35.77.116DST=136.243.224.54LEN=40TOS=0x00PREC=0x00TTL=57ID=40430PROTO=TCPSPT=22375DPT=23WINDOW=31311RES=0x00SYNURGP=0May2609:30:04server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52	2020-05-26 19:01:41
222.186.42.7	attackspam	May 26 01:13:56 php1 sshd\[12544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root May 26 01:13:59 php1 sshd\[12544\]: Failed password for root from 222.186.42.7 port 56702 ssh2 May 26 01:14:01 php1 sshd\[12544\]: Failed password for root from 222.186.42.7 port 56702 ssh2 May 26 01:14:03 php1 sshd\[12544\]: Failed password for root from 222.186.42.7 port 56702 ssh2 May 26 01:14:08 php1 sshd\[12559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root	2020-05-26 19:21:08
185.212.48.30	attack	Unauthorized connection attempt detected from IP address 185.212.48.30 to port 445	2020-05-26 18:50:52
218.78.213.143	attackspambots	May 26 11:18:58 ncomp sshd[9104]: Invalid user unreal from 218.78.213.143 May 26 11:18:58 ncomp sshd[9104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.213.143 May 26 11:18:58 ncomp sshd[9104]: Invalid user unreal from 218.78.213.143 May 26 11:19:00 ncomp sshd[9104]: Failed password for invalid user unreal from 218.78.213.143 port 13135 ssh2	2020-05-26 19:06:08
5.248.234.21	attackbots	Unauthorized connection attempt from IP address 5.248.234.21 on Port 445(SMB)	2020-05-26 19:16:07
2.236.188.179	attack	May 26 12:33:41 minden010 sshd[13607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.236.188.179 May 26 12:33:43 minden010 sshd[13607]: Failed password for invalid user test from 2.236.188.179 port 59236 ssh2 May 26 12:41:09 minden010 sshd[17984]: Failed password for root from 2.236.188.179 port 38796 ssh2 ...	2020-05-26 19:04:18
118.25.108.11	attackspam	May 26 11:24:25 pl3server sshd[19440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.108.11 user=r.r May 26 11:24:27 pl3server sshd[19440]: Failed password for r.r from 118.25.108.11 port 56700 ssh2 May 26 11:24:27 pl3server sshd[19440]: Received disconnect from 118.25.108.11 port 56700:11: Bye Bye [preauth] May 26 11:24:27 pl3server sshd[19440]: Disconnected from 118.25.108.11 port 56700 [preauth] May 26 11:29:39 pl3server sshd[24683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.108.11 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=118.25.108.11	2020-05-26 18:53:11
38.78.210.125	attackbots	May 25 21:54:02 web1 sshd\[17687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.78.210.125 user=root May 25 21:54:05 web1 sshd\[17687\]: Failed password for root from 38.78.210.125 port 41728 ssh2 May 25 21:55:36 web1 sshd\[17815\]: Invalid user q1w2e3r4t5 from 38.78.210.125 May 25 21:55:36 web1 sshd\[17815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.78.210.125 May 25 21:55:39 web1 sshd\[17815\]: Failed password for invalid user q1w2e3r4t5 from 38.78.210.125 port 53229 ssh2	2020-05-26 18:50:34
5.238.56.217	attackbotsspam	Unauthorized connection attempt from IP address 5.238.56.217 on Port 445(SMB)	2020-05-26 19:00:16
176.113.115.248	attackspambots	Port-scan: detected 210 distinct ports within a 24-hour window.	2020-05-26 19:19:11
51.83.73.115	attack	May 25 21:56:44 php1 sshd\[29524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.115 user=root May 25 21:56:45 php1 sshd\[29524\]: Failed password for root from 51.83.73.115 port 40646 ssh2 May 25 21:59:23 php1 sshd\[30296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.115 user=sshd May 25 21:59:25 php1 sshd\[30296\]: Failed password for sshd from 51.83.73.115 port 33554 ssh2 May 25 22:02:03 php1 sshd\[30506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.115 user=root	2020-05-26 18:41:22
67.205.137.32	attackbotsspam	(sshd) Failed SSH login from 67.205.137.32 (US/United States/dev.pana): 5 in the last 3600 secs	2020-05-26 18:52:09
174.138.34.155	attackspambots	May 26 10:59:19 xeon sshd[11560]: Failed password for invalid user test from 174.138.34.155 port 59844 ssh2	2020-05-26 18:51:33

Recently Reported IPs

211.228.94.141	91.166.62.79	190.225.52.120	202.108.197.176
3.251.103.167	205.231.126.80	131.96.49.96	217.253.87.246
67.229.135.18	24.34.8.221	103.60.176.46	98.152.219.104
221.88.241.202	79.0.139.41	41.45.163.58	143.92.37.221
149.241.108.159	119.29.175.190	122.245.198.117	39.220.78.189