2.134.3.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kazakhstan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
2.134.32.134	attackspambots	2019-10-23 19:56:55 1iNKsQ-000421-Qp SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19700 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-23 19:57:02 1iNKsX-00042A-CO SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19756 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-23 19:57:07 1iNKsc-00042j-JG SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19784 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-30 02:09:42
2.134.37.244	attack	CloudCIX Reconnaissance Scan Detected, PTR: 2.134.37.244.megaline.telecom.kz.	2019-12-30 23:14:10

Type

Details

Datetime

2.134.32.134

attackspambots

2019-10-23 19:56:55 1iNKsQ-000421-Qp SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19700 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-10-23 19:57:02 1iNKsX-00042A-CO SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19756 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-10-23 19:57:07 1iNKsc-00042j-JG SMTP connection from \(2.134.32.134.megaline.telecom.kz\) \[2.134.32.134\]:19784 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-30 02:09:42

2.134.37.244

attack

CloudCIX Reconnaissance Scan Detected, PTR: 2.134.37.244.megaline.telecom.kz.

2019-12-30 23:14:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.3.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36842
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2.134.3.72.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 14:40:41 CST 2022
;; MSG SIZE  rcvd: 103

Host info

72.3.134.2.in-addr.arpa domain name pointer 2.134.3.72.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.3.134.2.in-addr.arpa	name = 2.134.3.72.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.166.211.194	attackspam	Nov 11 13:45:08 hanapaa sshd\[28336\]: Invalid user ber from 188.166.211.194 Nov 11 13:45:08 hanapaa sshd\[28336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.211.194 Nov 11 13:45:10 hanapaa sshd\[28336\]: Failed password for invalid user ber from 188.166.211.194 port 34982 ssh2 Nov 11 13:49:31 hanapaa sshd\[28659\]: Invalid user asterisk from 188.166.211.194 Nov 11 13:49:31 hanapaa sshd\[28659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.211.194	2019-11-12 08:03:35
129.211.117.47	attack	Nov 12 00:32:52 h2177944 sshd\[30417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.117.47 user=mysql Nov 12 00:32:54 h2177944 sshd\[30417\]: Failed password for mysql from 129.211.117.47 port 46023 ssh2 Nov 12 00:37:11 h2177944 sshd\[30548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.117.47 user=root Nov 12 00:37:13 h2177944 sshd\[30548\]: Failed password for root from 129.211.117.47 port 38789 ssh2 ...	2019-11-12 08:02:27
113.141.28.106	attackspam	Nov 11 13:33:38 tdfoods sshd\[21932\]: Invalid user down from 113.141.28.106 Nov 11 13:33:38 tdfoods sshd\[21932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.141.28.106 Nov 11 13:33:40 tdfoods sshd\[21932\]: Failed password for invalid user down from 113.141.28.106 port 53193 ssh2 Nov 11 13:38:19 tdfoods sshd\[22371\]: Invalid user arrynn from 113.141.28.106 Nov 11 13:38:19 tdfoods sshd\[22371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.141.28.106	2019-11-12 07:46:42
41.223.232.196	attack	Nov 12 09:04:21 our-server-hostname postfix/smtpd[26315]: connect from unknown[41.223.232.196] Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.223.232.196	2019-11-12 07:54:47
164.132.98.75	attackspambots	2019-11-11T23:42:22.8523411240 sshd\[10915\]: Invalid user ortense from 164.132.98.75 port 47785 2019-11-11T23:42:22.8557641240 sshd\[10915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.98.75 2019-11-11T23:42:25.2761321240 sshd\[10915\]: Failed password for invalid user ortense from 164.132.98.75 port 47785 ssh2 ...	2019-11-12 08:13:13
155.94.254.102	attack	Nov 12 01:45:13 ncomp sshd[3765]: Invalid user test from 155.94.254.102 Nov 12 01:45:13 ncomp sshd[3765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.254.102 Nov 12 01:45:13 ncomp sshd[3765]: Invalid user test from 155.94.254.102 Nov 12 01:45:15 ncomp sshd[3765]: Failed password for invalid user test from 155.94.254.102 port 51240 ssh2	2019-11-12 08:01:13
182.18.38.69	attackspambots	Nov 11 23:42:22 icinga sshd[5477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.38.69 Nov 11 23:42:25 icinga sshd[5477]: Failed password for invalid user ching from 182.18.38.69 port 34465 ssh2 ...	2019-11-12 08:12:51
92.242.240.17	attack	2019-11-11T22:43:06.489681homeassistant sshd[29856]: Invalid user ben from 92.242.240.17 port 48234 2019-11-11T22:43:06.500036homeassistant sshd[29856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.242.240.17 ...	2019-11-12 07:47:30
46.101.226.14	attack	46.101.226.14 - - \[11/Nov/2019:23:43:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 5507 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 46.101.226.14 - - \[11/Nov/2019:23:43:08 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 46.101.226.14 - - \[11/Nov/2019:23:43:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 5494 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 07:41:01
66.249.64.49	attackspam	Attempts to probe for or exploit installed web applications. - UTC+3:2019:11:12-00:42:46 SCRIPT:/product.php?***: PORT:443	2019-11-12 08:02:00
94.102.49.190	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-11-12 08:03:58
41.236.240.102	attackbots	Lines containing failures of 41.236.240.102 Nov 11 23:31:12 shared02 sshd[14116]: Invalid user admin from 41.236.240.102 port 53812 Nov 11 23:31:12 shared02 sshd[14116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.236.240.102 Nov 11 23:31:13 shared02 sshd[14116]: Failed password for invalid user admin from 41.236.240.102 port 53812 ssh2 Nov 11 23:31:14 shared02 sshd[14116]: Connection closed by invalid user admin 41.236.240.102 port 53812 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.236.240.102	2019-11-12 07:45:36
217.160.44.145	attackspam	Nov 10 10:21:09 microserver sshd[3436]: Invalid user ibm from 217.160.44.145 port 57986 Nov 10 10:21:09 microserver sshd[3436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.44.145 Nov 10 10:21:11 microserver sshd[3436]: Failed password for invalid user ibm from 217.160.44.145 port 57986 ssh2 Nov 10 10:24:53 microserver sshd[3651]: Invalid user l4dserver from 217.160.44.145 port 38432 Nov 10 10:24:53 microserver sshd[3651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.44.145 Nov 10 10:38:04 microserver sshd[5539]: Invalid user tomcat from 217.160.44.145 port 36250 Nov 10 10:38:04 microserver sshd[5539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.44.145 Nov 10 10:38:06 microserver sshd[5539]: Failed password for invalid user tomcat from 217.160.44.145 port 36250 ssh2 Nov 10 10:41:49 microserver sshd[6284]: pam_unix(sshd:auth): authentication failure; logname=	2019-11-12 07:39:36
116.72.16.15	attackspam	Nov 11 14:54:41 XXX sshd[38529]: Invalid user admin from 116.72.16.15 port 33444	2019-11-12 08:05:20
103.94.5.42	attack	2019-11-11T23:16:17.406222abusebot-6.cloudsearch.cf sshd\[19832\]: Invalid user guest from 103.94.5.42 port 51732	2019-11-12 07:46:15

Recently Reported IPs

86.99.204.182	93.186.12.36	111.53.122.69	110.35.53.168
188.164.194.117	189.212.114.142	125.143.53.2	165.16.71.1
177.77.120.142	223.241.225.113	116.247.93.94	178.93.35.148
172.70.149.74	95.43.42.100	176.46.150.192	31.135.78.37
120.204.196.181	110.77.240.245	1.171.155.94	151.242.224.172