2.134.241.5 - IPInfo

Basic Info

City: Atyrau

Region: Atyrau Oblysy

Country: Kazakhstan

Internet Service Provider: JSC Kazakhtelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 2.134.241.5 to port 23 [J]	2020-01-05 04:02:11

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.241.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11741
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.134.241.5.			IN	A

;; AUTHORITY SECTION:
.			273	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400

;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 05 04:02:08 CST 2020
;; MSG SIZE  rcvd: 115

Host info

5.241.134.2.in-addr.arpa domain name pointer 2.134.241.5.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
5.241.134.2.in-addr.arpa	name = 2.134.241.5.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.236.54.2	attackbots	\[2019-07-01 12:35:54\] NOTICE\[2019\] chan_sip.c: Registration from '"2066" \' failed for '115.236.54.2:5098' - Wrong password \[2019-07-01 12:35:54\] SECURITY\[2055\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-01T12:35:54.322-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2066",SessionID="0x7f49a80ab958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/115.236.54.2/5098",Challenge="4ed2eda3",ReceivedChallenge="4ed2eda3",ReceivedHash="cdc682773d40949a2b9fd940383b9169" \[2019-07-01 12:35:54\] NOTICE\[2019\] chan_sip.c: Registration from '"2066" \' failed for '115.236.54.2:5098' - Wrong password \[2019-07-01 12:35:54\] SECURITY\[2055\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-01T12:35:54.693-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2066",SessionID="0x7f49a857b6c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/1	2019-07-02 00:57:15
27.115.124.5	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-02 01:00:17
80.211.213.12	attack	Automatic report - Web App Attack	2019-07-02 01:03:02
1.85.82.251	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-02 01:24:51
188.4.109.68	attackspambots	Unauthorised access (Jul 1) SRC=188.4.109.68 LEN=40 TTL=50 ID=16023 TCP DPT=23 WINDOW=16297 SYN	2019-07-02 00:47:42
24.138.129.44	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-02 00:48:52
24.6.45.112	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-02 00:55:39
125.129.83.208	attackspambots	Jul 1 15:35:32 s64-1 sshd[2805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.129.83.208 Jul 1 15:35:34 s64-1 sshd[2805]: Failed password for invalid user yang from 125.129.83.208 port 60020 ssh2 Jul 1 15:37:27 s64-1 sshd[2812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.129.83.208 ...	2019-07-02 01:21:38
132.232.90.20	attackspam	Jul 1 09:53:49 plusreed sshd[15482]: Invalid user tiao from 132.232.90.20 Jul 1 09:53:49 plusreed sshd[15482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.90.20 Jul 1 09:53:49 plusreed sshd[15482]: Invalid user tiao from 132.232.90.20 Jul 1 09:53:50 plusreed sshd[15482]: Failed password for invalid user tiao from 132.232.90.20 port 52856 ssh2 ...	2019-07-02 01:41:12
80.93.96.26	attack	Jul 1 15:35:49 meumeu sshd[17277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.93.96.26 Jul 1 15:35:52 meumeu sshd[17277]: Failed password for invalid user grassi from 80.93.96.26 port 47744 ssh2 Jul 1 15:38:19 meumeu sshd[17569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.93.96.26 ...	2019-07-02 00:38:08
206.189.165.94	attackspambots	Reported by AbuseIPDB proxy server.	2019-07-02 01:17:49
1.26.148.194	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-02 01:18:35
96.9.154.23	attackspambots	Honeypot attack, port: 445, PTR: static-host-96-9-154-23.awasr.om.	2019-07-02 01:09:30
138.204.142.85	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-02 01:11:41
142.93.101.13	attackspam	Jul 1 18:24:58 rpi sshd[4618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.13 Jul 1 18:25:00 rpi sshd[4618]: Failed password for invalid user ubuntu from 142.93.101.13 port 50194 ssh2	2019-07-02 00:44:40

Recently Reported IPs

95.16.73.62	210.212.235.51	213.86.194.100	107.151.21.197
209.203.248.147	210.12.190.40	52.108.2.235	150.142.129.35
200.222.5.141	135.22.101.144	183.48.249.142	200.207.22.31
154.157.40.228	14.39.56.255	196.221.99.111	2.201.172.158
190.162.197.244	190.44.221.74	137.138.25.199	190.239.43.18