City: unknown
Region: unknown
Country: Kazakhstan
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 2.134.28.68 | attack | Unauthorized connection attempt from IP address 2.134.28.68 on Port 445(SMB) |
2020-07-09 02:38:18 |
| 2.134.202.108 | attackspam | Port probing on unauthorized port 445 |
2020-06-10 14:30:05 |
| 2.134.240.168 | attackspambots | SSH bruteforce more then 50 syn to 22 port per 10 seconds. |
2020-05-21 17:04:41 |
| 2.134.242.89 | attack | DATE:2020-02-09 00:04:11, IP:2.134.242.89, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-02-09 08:07:43 |
| 2.134.242.89 | attackbots | Unauthorized connection attempt detected from IP address 2.134.242.89 to port 23 [J] |
2020-02-05 19:48:28 |
| 2.134.254.193 | attackspam | 2019-07-08 18:33:06 1hkWZd-0005oh-CW SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20576 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 18:33:30 1hkWa1-0005pH-KS SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20774 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 18:33:40 1hkWaC-0005pX-0k SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20855 I=\[193.107.88.166\]:25 closed by DROP in ACL ... |
2020-01-30 02:11:07 |
| 2.134.240.111 | attackbots | Telnet/23 MH Probe, BF, Hack - |
2020-01-10 04:22:58 |
| 2.134.241.5 | attack | Unauthorized connection attempt detected from IP address 2.134.241.5 to port 23 [J] |
2020-01-05 04:02:11 |
| 2.134.226.58 | attackbots | namecheap spam |
2019-08-28 16:13:23 |
| 2.134.204.20 | attack | fell into ViewStateTrap:wien2018 |
2019-07-18 15:03:28 |
| 2.134.204.20 | attackspam | /posting.php?mode=post&f=3 |
2019-07-05 04:43:59 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.2.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45528
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.134.2.28. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020302 1800 900 604800 86400
;; Query time: 143 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 06:40:19 CST 2025
;; MSG SIZE rcvd: 103
28.2.134.2.in-addr.arpa domain name pointer 2.134.2.28.dynamic.telecom.kz.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
28.2.134.2.in-addr.arpa name = 2.134.2.28.dynamic.telecom.kz.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 189.8.108.161 | attack | Apr 4 15:48:47 localhost sshd[119476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.108.161 user=root Apr 4 15:48:50 localhost sshd[119476]: Failed password for root from 189.8.108.161 port 57802 ssh2 Apr 4 15:53:35 localhost sshd[119957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.108.161 user=root Apr 4 15:53:37 localhost sshd[119957]: Failed password for root from 189.8.108.161 port 38944 ssh2 Apr 4 15:58:23 localhost sshd[120418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.108.161 user=root Apr 4 15:58:25 localhost sshd[120418]: Failed password for root from 189.8.108.161 port 48318 ssh2 ... |
2020-04-05 01:27:44 |
| 106.13.178.103 | attackspambots | $f2bV_matches |
2020-04-05 01:49:05 |
| 54.37.66.73 | attackspambots | 2020-04-04T18:00:25.047568librenms sshd[4899]: Failed password for root from 54.37.66.73 port 44006 ssh2 2020-04-04T18:04:11.768353librenms sshd[4975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.ip-54-37-66.eu user=root 2020-04-04T18:04:14.259588librenms sshd[4975]: Failed password for root from 54.37.66.73 port 50774 ssh2 ... |
2020-04-05 01:52:44 |
| 152.32.134.90 | attackbots | Apr 4 10:12:13 pixelmemory sshd[28950]: Failed password for root from 152.32.134.90 port 57520 ssh2 Apr 4 10:22:50 pixelmemory sshd[31648]: Failed password for root from 152.32.134.90 port 41416 ssh2 ... |
2020-04-05 01:48:50 |
| 5.196.38.15 | attackspam | Apr 4 15:30:52 legacy sshd[31289]: Failed password for root from 5.196.38.15 port 54298 ssh2 Apr 4 15:34:33 legacy sshd[31398]: Failed password for root from 5.196.38.15 port 59460 ssh2 ... |
2020-04-05 01:47:45 |
| 51.83.57.157 | attackspam | SSH authentication failure x 6 reported by Fail2Ban ... |
2020-04-05 01:23:53 |
| 51.77.194.232 | attack | Apr 4 08:09:04 Tower sshd[6117]: refused connect from 200.88.48.99 (200.88.48.99) Apr 4 13:13:01 Tower sshd[6117]: Connection from 51.77.194.232 port 57690 on 192.168.10.220 port 22 rdomain "" Apr 4 13:13:02 Tower sshd[6117]: Failed password for root from 51.77.194.232 port 57690 ssh2 Apr 4 13:13:02 Tower sshd[6117]: Received disconnect from 51.77.194.232 port 57690:11: Bye Bye [preauth] Apr 4 13:13:02 Tower sshd[6117]: Disconnected from authenticating user root 51.77.194.232 port 57690 [preauth] |
2020-04-05 01:42:34 |
| 40.115.30.190 | attackbotsspam | Apr 4 15:38:44 hell sshd[12650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.115.30.190 Apr 4 15:38:46 hell sshd[12650]: Failed password for invalid user storm from 40.115.30.190 port 53484 ssh2 ... |
2020-04-05 01:26:41 |
| 42.98.155.130 | attackspambots | Honeypot attack, port: 5555, PTR: 42-98-155-130.static.netvigator.com. |
2020-04-05 01:30:58 |
| 3.86.30.66 | attackspambots | Automatically reported by fail2ban report script (mx1) |
2020-04-05 01:34:43 |
| 62.110.11.66 | attackspambots | Apr 4 17:31:06 game-panel sshd[19866]: Failed password for root from 62.110.11.66 port 52608 ssh2 Apr 4 17:34:54 game-panel sshd[20046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.110.11.66 Apr 4 17:34:56 game-panel sshd[20046]: Failed password for invalid user sunfang from 62.110.11.66 port 35256 ssh2 |
2020-04-05 01:50:04 |
| 91.134.235.254 | attack | Port probing on unauthorized port 17133 |
2020-04-05 01:11:49 |
| 91.15.182.151 | attack | 21 attempts against mh-misbehave-ban on float |
2020-04-05 01:23:37 |
| 118.25.3.29 | attackbotsspam | (sshd) Failed SSH login from 118.25.3.29 (CN/China/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 4 15:38:30 ubnt-55d23 sshd[25920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.3.29 user=root Apr 4 15:38:32 ubnt-55d23 sshd[25920]: Failed password for root from 118.25.3.29 port 47319 ssh2 |
2020-04-05 01:43:18 |
| 141.98.81.182 | attackspam | 2020-04-04T17:12:48.444182shield sshd\[23538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.182 user=root 2020-04-04T17:12:51.110251shield sshd\[23538\]: Failed password for root from 141.98.81.182 port 35537 ssh2 2020-04-04T17:13:31.256225shield sshd\[23654\]: Invalid user admin from 141.98.81.182 port 43263 2020-04-04T17:13:31.258851shield sshd\[23654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.182 2020-04-04T17:13:32.494671shield sshd\[23654\]: Failed password for invalid user admin from 141.98.81.182 port 43263 ssh2 |
2020-04-05 01:13:49 |