2.134.254.193 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kazakhstan

Internet Service Provider: Metro Ethernet Network

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2019-07-08 18:33:06 1hkWZd-0005oh-CW SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20576 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 18:33:30 1hkWa1-0005pH-KS SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20774 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 18:33:40 1hkWaC-0005pX-0k SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20855 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-30 02:11:07

Type

Details

Datetime

attackspam

2019-07-08 18:33:06 1hkWZd-0005oh-CW SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20576 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-08 18:33:30 1hkWa1-0005pH-KS SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20774 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-08 18:33:40 1hkWaC-0005pX-0k SMTP connection from \(2.134.254.193.megaline.telecom.kz\) \[2.134.254.193\]:20855 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-30 02:11:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.254.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37696
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.134.254.193.			IN	A

;; AUTHORITY SECTION:
.			291	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012901 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 02:11:02 CST 2020
;; MSG SIZE  rcvd: 117

Host info

193.254.134.2.in-addr.arpa domain name pointer 2.134.254.193.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
193.254.134.2.in-addr.arpa	name = 2.134.254.193.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.217.159.175	attackspambots	$f2bV_matches	2019-11-16 22:42:14
103.214.137.220	attackbotsspam	Unauthorized connection attempt from IP address 103.214.137.220 on Port 445(SMB)	2019-11-16 22:19:06
103.218.245.76	attackbotsspam	Unauthorised access (Nov 16) SRC=103.218.245.76 LEN=52 PREC=0x20 TTL=111 ID=32346 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-16 22:14:08
201.236.195.58	attackbots	Unauthorized connection attempt from IP address 201.236.195.58 on Port 445(SMB)	2019-11-16 22:15:10
120.132.114.103	attack	$f2bV_matches	2019-11-16 22:25:09
54.203.124.33	attackspam	Nov 16 08:39:45 OPSO sshd\[8612\]: Invalid user gerfrid from 54.203.124.33 port 41224 Nov 16 08:39:45 OPSO sshd\[8612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.203.124.33 Nov 16 08:39:47 OPSO sshd\[8612\]: Failed password for invalid user gerfrid from 54.203.124.33 port 41224 ssh2 Nov 16 08:44:09 OPSO sshd\[9578\]: Invalid user himalaya from 54.203.124.33 port 50916 Nov 16 08:44:09 OPSO sshd\[9578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.203.124.33	2019-11-16 22:05:57
87.236.20.167	attackbotsspam	87.236.20.167 - - \[16/Nov/2019:06:16:34 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 87.236.20.167 - - \[16/Nov/2019:06:16:35 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-16 22:44:17
92.154.52.40	attackspambots	Automatic report - Port Scan Attack	2019-11-16 22:27:31
194.28.112.141	attackspam	11/16/2019-08:51:24.686304 194.28.112.141 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-16 22:22:34
122.178.139.185	attackbots	Unauthorized connection attempt from IP address 122.178.139.185 on Port 445(SMB)	2019-11-16 22:45:57
58.250.61.78	attackspam	Invalid user test2 from 58.250.61.78 port 57314	2019-11-16 22:11:14
129.226.122.195	attackspam	Nov 16 08:19:19 vps691689 sshd[4765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.122.195 Nov 16 08:19:22 vps691689 sshd[4765]: Failed password for invalid user sirpa from 129.226.122.195 port 47366 ssh2 Nov 16 08:23:30 vps691689 sshd[4858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.122.195 ...	2019-11-16 22:12:15
194.37.92.48	attackbotsspam	k+ssh-bruteforce	2019-11-16 22:36:23
23.105.246.135	attackbotsspam	looking for vulnerabilities and adminer: examples - /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php - /adminer-4.6.2-mysql.php	2019-11-16 22:09:34
79.164.48.29	attackbots	11/16/2019-07:16:53.555586 79.164.48.29 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 80	2019-11-16 22:30:49

Recently Reported IPs

2.126.180.204	170.81.246.190	2.126.133.136	175.171.218.173
174.137.42.61	2.110.192.204	1.179.234.246	2.103.142.197
64.98.36.112	36.75.143.206	199.189.27.98	198.23.145.200
199.189.27.126	129.204.63.100	199.189.27.125	106.13.178.14
67.175.126.149	199.189.27.124	199.189.27.123	179.96.28.66