2.134.37.244 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kazakhstan

Internet Service Provider: JSC Kazakhtelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	CloudCIX Reconnaissance Scan Detected, PTR: 2.134.37.244.megaline.telecom.kz.	2019-12-30 23:14:10

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.37.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63860
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.134.37.244.			IN	A

;; AUTHORITY SECTION:
.			526	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 182 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 30 23:21:57 CST 2019
;; MSG SIZE  rcvd: 116

Host info

244.37.134.2.in-addr.arpa domain name pointer 2.134.37.244.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
244.37.134.2.in-addr.arpa	name = 2.134.37.244.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.203.141.92	attackspambots	116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:20 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.203.141.92 - - [02/Jul/2019:16:07:21 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-02 22:14:58
122.195.200.137	attack	Jul 2 16:12:15 dev0-dcde-rnet sshd[9899]: Failed password for root from 122.195.200.137 port 20261 ssh2 Jul 2 16:12:26 dev0-dcde-rnet sshd[9901]: Failed password for root from 122.195.200.137 port 57114 ssh2	2019-07-02 22:28:29
118.241.122.226	attackbotsspam	SSH Bruteforce attack	2019-07-02 22:43:08
190.1.201.152	attackbots	Feb 27 03:54:08 motanud sshd\[14173\]: Invalid user livia from 190.1.201.152 port 46556 Feb 27 03:54:08 motanud sshd\[14173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.1.201.152 Feb 27 03:54:10 motanud sshd\[14173\]: Failed password for invalid user livia from 190.1.201.152 port 46556 ssh2	2019-07-02 22:47:16
51.15.191.156	attack	RDP Bruteforce	2019-07-02 22:36:41
35.221.86.234	attackspambots	Automatic report - Web App Attack	2019-07-02 22:49:05
147.228.47.210	attack	Jul 2 15:55:35 * sshd[31671]: Invalid user pi from 147.228.47.210 Jul 2 15:55:35 * sshd[31673]: Invalid user pi from 147.228.47.210 Jul 2 15:55:37 * sshd[31671]: Failed password for invalid user pi from 147.228.47.210 port 49084 ssh2 Jul 2 15:55:37 * sshd[31673]: Failed password for invalid user pi from 147.228.47.210 port 49104 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=147.228.47.210	2019-07-02 22:35:43
153.36.236.242	attackbotsspam	Jul 2 14:26:24 MK-Soft-VM7 sshd\[3425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.242 user=root Jul 2 14:26:26 MK-Soft-VM7 sshd\[3425\]: Failed password for root from 153.36.236.242 port 28590 ssh2 Jul 2 14:26:29 MK-Soft-VM7 sshd\[3425\]: Failed password for root from 153.36.236.242 port 28590 ssh2 ...	2019-07-02 22:27:50
196.52.43.58	attackspam	scan z	2019-07-02 22:53:40
218.87.46.173	attackspam	imap-login: Disconnected \(auth failed, 1 attempts in 7	2019-07-02 22:45:14
190.111.90.149	attackspambots	Mar 8 11:36:48 motanud sshd\[11609\]: Invalid user fx from 190.111.90.149 port 50053 Mar 8 11:36:48 motanud sshd\[11609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.111.90.149 Mar 8 11:36:50 motanud sshd\[11609\]: Failed password for invalid user fx from 190.111.90.149 port 50053 ssh2	2019-07-02 22:20:47
54.199.227.116	attackbots	Brute forcing RDP port 3389	2019-07-02 22:26:04
139.198.18.120	attack	Jul 2 15:10:22 minden010 sshd[27203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.120 Jul 2 15:10:24 minden010 sshd[27203]: Failed password for invalid user dominique from 139.198.18.120 port 34068 ssh2 Jul 2 15:17:19 minden010 sshd[29614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.120 ...	2019-07-02 21:42:17
190.1.203.180	attack	Jan 16 06:00:08 motanud sshd\[27233\]: Invalid user changem from 190.1.203.180 port 53928 Jan 16 06:00:08 motanud sshd\[27233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.1.203.180 Jan 16 06:00:10 motanud sshd\[27233\]: Failed password for invalid user changem from 190.1.203.180 port 53928 ssh2	2019-07-02 22:44:51
132.148.129.180	attackbots	Jul 2 14:03:54 *** sshd[24493]: Invalid user internatsschule from 132.148.129.180	2019-07-02 23:05:02

Recently Reported IPs

36.73.160.249	212.35.185.62	5.182.211.104	162.143.171.40
82.229.11.91	116.97.46.28	49.231.176.19	42.180.146.151
86.62.92.70	203.177.46.158	177.134.157.218	94.42.196.106
42.179.54.78	113.20.100.173	2.95.111.85	102.139.185.15
61.85.66.215	183.193.234.138	74.162.115.169	42.157.129.26