2.134.3.165 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kazakhstan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
2.134.32.134	attackspambots	2019-10-23 19:56:55 1iNKsQ-000421-Qp SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19700 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-23 19:57:02 1iNKsX-00042A-CO SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19756 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-23 19:57:07 1iNKsc-00042j-JG SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19784 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-30 02:09:42
2.134.37.244	attack	CloudCIX Reconnaissance Scan Detected, PTR: 2.134.37.244.megaline.telecom.kz.	2019-12-30 23:14:10

Type

Details

Datetime

2.134.32.134

attackspambots

2019-10-23 19:56:55 1iNKsQ-000421-Qp SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19700 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-10-23 19:57:02 1iNKsX-00042A-CO SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19756 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-10-23 19:57:07 1iNKsc-00042j-JG SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19784 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-30 02:09:42

2.134.37.244

attack

CloudCIX Reconnaissance Scan Detected, PTR: 2.134.37.244.megaline.telecom.kz.

2019-12-30 23:14:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.3.165
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20263
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2.134.3.165.			IN	A

;; AUTHORITY SECTION:
.			494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 07:25:17 CST 2022
;; MSG SIZE  rcvd: 104

Host info

165.3.134.2.in-addr.arpa domain name pointer 2.134.3.165.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
165.3.134.2.in-addr.arpa	name = 2.134.3.165.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
40.83.97.135	attack	Lines containing failures of 40.83.97.135 Sep 9 20:48:07 mellenthin sshd[16774]: User r.r from 40.83.97.135 not allowed because not listed in AllowUsers Sep 9 20:48:07 mellenthin sshd[16774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.83.97.135 user=r.r Sep 9 20:48:10 mellenthin sshd[16774]: Failed password for invalid user r.r from 40.83.97.135 port 52142 ssh2 Sep 9 20:48:10 mellenthin sshd[16774]: Connection closed by invalid user r.r 40.83.97.135 port 52142 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=40.83.97.135	2020-09-10 04:40:35
104.248.143.177	attackspambots	2020-09-09T15:33:00.175743dreamphreak.com sshd[267675]: Invalid user oracle from 104.248.143.177 port 58094 2020-09-09T15:33:02.225547dreamphreak.com sshd[267675]: Failed password for invalid user oracle from 104.248.143.177 port 58094 ssh2 ...	2020-09-10 04:46:54
220.66.155.2	attackbots	Dovecot Invalid User Login Attempt.	2020-09-10 05:03:42
190.141.172.90	attackspam	20/9/9@12:55:39: FAIL: Alarm-Network address from=190.141.172.90 20/9/9@12:55:39: FAIL: Alarm-Network address from=190.141.172.90 ...	2020-09-10 05:00:21
183.83.217.190	attackspam	$f2bV_matches	2020-09-10 04:48:13
156.54.164.58	attackspambots	Sep 9 21:49:19 lnxmail61 sshd[25174]: Failed password for root from 156.54.164.58 port 53224 ssh2 Sep 9 21:49:19 lnxmail61 sshd[25174]: Failed password for root from 156.54.164.58 port 53224 ssh2	2020-09-10 04:40:21
51.83.57.157	attackbots	(sshd) Failed SSH login from 51.83.57.157 (FR/France/ip157.ip-51-83-57.eu): 5 in the last 3600 secs	2020-09-10 04:52:55
49.234.41.108	attackspam	SSH Brute Force	2020-09-10 04:31:35
85.99.207.44	attack	Unauthorized connection attempt from IP address 85.99.207.44 on Port 445(SMB)	2020-09-10 04:52:02
199.193.204.188	attackbotsspam	Sent VOIP email and attachment which contained a trojan	2020-09-10 04:54:31
112.85.42.200	attackspam	Sep 10 01:56:22 gw1 sshd[11877]: Failed password for root from 112.85.42.200 port 31023 ssh2 Sep 10 01:56:38 gw1 sshd[11877]: Failed password for root from 112.85.42.200 port 31023 ssh2 Sep 10 01:56:38 gw1 sshd[11877]: error: maximum authentication attempts exceeded for root from 112.85.42.200 port 31023 ssh2 [preauth] ...	2020-09-10 05:03:12
36.88.247.164	attackbots	port	2020-09-10 04:59:01
82.196.9.161	attackspambots	Port Scan detected from 82.196.9.161 (NL/Netherlands/North Holland/Amsterdam-Zuidoost/-). 4 hits in the last 240 seconds	2020-09-10 05:02:01
103.147.10.222	attack	103.147.10.222 - - [09/Sep/2020:20:37:44 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.147.10.222 - - [09/Sep/2020:20:37:46 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.147.10.222 - - [09/Sep/2020:20:37:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-10 04:50:42
51.91.8.222	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-09-10 04:35:31

Recently Reported IPs

46.246.122.180	125.235.227.157	176.34.92.229	192.162.133.10
120.235.137.170	178.137.33.84	58.11.44.123	113.161.196.198
180.164.78.55	177.53.164.91	217.168.76.154	201.158.136.14
62.100.249.68	93.182.64.85	157.245.75.41	63.236.134.162
190.140.209.167	43.154.58.49	113.172.228.190	87.255.197.177