2.135.2.229 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kazakhstan

Internet Service Provider: JSC Kazakhtelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	1590580638 - 05/27/2020 13:57:18 Host: 2.135.2.229/2.135.2.229 Port: 445 TCP Blocked	2020-05-27 20:33:23

Comments on same subnet:

IP	Type	Details	Datetime
2.135.218.242	attackspambots	Unauthorized connection attempt detected from IP address 2.135.218.242 to port 21 [T]	2020-08-14 03:18:03
2.135.23.150	attackbotsspam	20/7/20@00:36:06: FAIL: Alarm-Network address from=2.135.23.150 20/7/20@00:36:06: FAIL: Alarm-Network address from=2.135.23.150 ...	2020-07-20 20:23:09
2.135.243.218	attack	Trying ports that it shouldn't be.	2020-07-18 17:01:30
2.135.23.150	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-15 00:41:55
2.135.220.202	attackbots	Unauthorized connection attempt detected from IP address 2.135.220.202 to port 445	2020-07-09 05:29:10
2.135.222.114	attack	Unauthorized connection attempt from IP address 2.135.222.114 on Port 445(SMB)	2020-06-02 01:50:50
2.135.220.202	attackspam	Unauthorized connection attempt from IP address 2.135.220.202 on Port 445(SMB)	2020-04-03 21:08:08
2.135.222.114	attackbotsspam	Port probing on unauthorized port 445	2020-03-06 13:54:09
2.135.222.2	attackspambots	20/3/3@08:23:30: FAIL: Alarm-Network address from=2.135.222.2 ...	2020-03-04 01:37:14
2.135.222.114	attackspambots	Unauthorized connection attempt from IP address 2.135.222.114 on Port 445(SMB)	2020-02-26 10:21:24
2.135.236.210	attack	Port scan: Attack repeated for 24 hours	2020-02-24 22:41:58
2.135.206.221	attackspam	Email rejected due to spam filtering	2020-02-24 17:16:34
2.135.222.242	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-19 19:14:02
2.135.222.242	attackspambots	Fail2Ban Ban Triggered	2020-02-17 20:58:29
2.135.222.114	attackbots	Unauthorised access (Feb 5) SRC=2.135.222.114 LEN=52 PREC=0x20 TTL=118 ID=27913 DF TCP DPT=445 WINDOW=8192 SYN	2020-02-05 15:20:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.135.2.229
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25666
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.135.2.229.			IN	A

;; AUTHORITY SECTION:
.			331	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052700 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 27 20:33:17 CST 2020
;; MSG SIZE  rcvd: 115

Host info

229.2.135.2.in-addr.arpa domain name pointer 2.135.2.229.megaline.telecom.kz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
229.2.135.2.in-addr.arpa	name = 2.135.2.229.megaline.telecom.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.134.174.17	attackspambots	Jun 4 14:08:25 debian-2gb-nbg1-2 kernel: \[13531263.548383\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=220.134.174.17 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=966 DF PROTO=TCP SPT=14150 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2020-06-04 21:43:27
78.85.4.161	attackbots	Automatic report - XMLRPC Attack	2020-06-04 21:42:55
46.38.145.253	attack	Jun 4 15:11:05 relay postfix/smtpd\[3525\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 15:12:21 relay postfix/smtpd\[30333\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 15:12:39 relay postfix/smtpd\[3525\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 15:13:55 relay postfix/smtpd\[17281\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 15:14:13 relay postfix/smtpd\[3525\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-04 21:14:17
159.65.183.47	attackspam	Jun 4 02:36:19 php1 sshd\[26339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.183.47 user=root Jun 4 02:36:21 php1 sshd\[26339\]: Failed password for root from 159.65.183.47 port 55148 ssh2 Jun 4 02:39:48 php1 sshd\[26744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.183.47 user=root Jun 4 02:39:50 php1 sshd\[26744\]: Failed password for root from 159.65.183.47 port 58656 ssh2 Jun 4 02:43:22 php1 sshd\[26994\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.183.47 user=root	2020-06-04 21:12:29
116.247.81.99	attack	Jun 4 19:03:14 itv-usvr-01 sshd[473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 user=root Jun 4 19:03:16 itv-usvr-01 sshd[473]: Failed password for root from 116.247.81.99 port 40754 ssh2 Jun 4 19:08:56 itv-usvr-01 sshd[685]: Invalid user 1\r from 116.247.81.99 Jun 4 19:08:56 itv-usvr-01 sshd[685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 Jun 4 19:08:56 itv-usvr-01 sshd[685]: Invalid user 1\r from 116.247.81.99 Jun 4 19:08:59 itv-usvr-01 sshd[685]: Failed password for invalid user 1\r from 116.247.81.99 port 45812 ssh2	2020-06-04 21:15:20
182.61.185.49	attack	Jun 2 06:18:48 v11 sshd[22216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.185.49 user=r.r Jun 2 06:18:50 v11 sshd[22216]: Failed password for r.r from 182.61.185.49 port 47882 ssh2 Jun 2 06:18:50 v11 sshd[22216]: Received disconnect from 182.61.185.49 port 47882:11: Bye Bye [preauth] Jun 2 06:18:50 v11 sshd[22216]: Disconnected from 182.61.185.49 port 47882 [preauth] Jun 2 06:26:39 v11 sshd[22967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.185.49 user=r.r Jun 2 06:26:41 v11 sshd[22967]: Failed password for r.r from 182.61.185.49 port 39194 ssh2 Jun 2 06:26:41 v11 sshd[22967]: Received disconnect from 182.61.185.49 port 39194:11: Bye Bye [preauth] Jun 2 06:26:41 v11 sshd[22967]: Disconnected from 182.61.185.49 port 39194 [preauth] Jun 2 06:29:10 v11 sshd[23074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61......... -------------------------------	2020-06-04 21:31:33
54.38.178.106	attackspambots	Hi, 54.38.178.106 - - [04/Jun/2020:12:47:33 +0200] "GET / HTTP/1.0" 200 112475 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" Default page of Apache2	2020-06-04 21:37:40
62.122.156.74	attackbots	Jun 4 14:05:49 ns382633 sshd\[27140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.122.156.74 user=root Jun 4 14:05:51 ns382633 sshd\[27140\]: Failed password for root from 62.122.156.74 port 39178 ssh2 Jun 4 14:22:07 ns382633 sshd\[29919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.122.156.74 user=root Jun 4 14:22:10 ns382633 sshd\[29919\]: Failed password for root from 62.122.156.74 port 37926 ssh2 Jun 4 14:26:32 ns382633 sshd\[30663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.122.156.74 user=root	2020-06-04 21:24:50
49.235.134.46	attackspam	Jun 4 15:15:26 sip sshd[538861]: Failed password for root from 49.235.134.46 port 48896 ssh2 Jun 4 15:19:45 sip sshd[538884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.134.46 user=root Jun 4 15:19:48 sip sshd[538884]: Failed password for root from 49.235.134.46 port 39820 ssh2 ...	2020-06-04 21:21:46
59.125.179.218	attackbotsspam	Jun 2 04:16:50 vayu sshd[567818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-125-179-218.hinet-ip.hinet.net user=r.r Jun 2 04:16:53 vayu sshd[567818]: Failed password for r.r from 59.125.179.218 port 37226 ssh2 Jun 2 04:16:53 vayu sshd[567818]: Received disconnect from 59.125.179.218: 11: Bye Bye [preauth] Jun 2 04:30:41 vayu sshd[581868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-125-179-218.hinet-ip.hinet.net user=r.r Jun 2 04:30:43 vayu sshd[581868]: Failed password for r.r from 59.125.179.218 port 34516 ssh2 Jun 2 04:30:43 vayu sshd[581868]: Received disconnect from 59.125.179.218: 11: Bye Bye [preauth] Jun 2 04:34:11 vayu sshd[583616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-125-179-218.hinet-ip.hinet.net user=r.r Jun 2 04:34:14 vayu sshd[583616]: Failed password for r.r from 59.125.179.218 port 34594 ssh2 Ju........ -------------------------------	2020-06-04 21:24:16
104.40.17.254	attackspam	(smtpauth) Failed SMTP AUTH login from 104.40.17.254 (US/United States/-): 5 in the last 3600 secs	2020-06-04 21:18:12
222.186.173.154	attack	Jun 4 13:17:11 localhost sshd[92646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Jun 4 13:17:12 localhost sshd[92646]: Failed password for root from 222.186.173.154 port 8032 ssh2 Jun 4 13:17:16 localhost sshd[92646]: Failed password for root from 222.186.173.154 port 8032 ssh2 Jun 4 13:17:11 localhost sshd[92646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Jun 4 13:17:12 localhost sshd[92646]: Failed password for root from 222.186.173.154 port 8032 ssh2 Jun 4 13:17:16 localhost sshd[92646]: Failed password for root from 222.186.173.154 port 8032 ssh2 Jun 4 13:17:11 localhost sshd[92646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Jun 4 13:17:12 localhost sshd[92646]: Failed password for root from 222.186.173.154 port 8032 ssh2 Jun 4 13:17:16 localhost sshd[92646]: ...	2020-06-04 21:19:08
82.23.130.6	attackspam	wp-login.php, xmlrpc.php	2020-06-04 21:49:11
45.232.201.131	attackbotsspam	1591272491 - 06/04/2020 14:08:11 Host: 45.232.201.131/45.232.201.131 Port: 445 TCP Blocked	2020-06-04 21:54:46
13.210.177.21	attackspam	Fail2Ban Ban Triggered	2020-06-04 21:32:43

Recently Reported IPs

247.170.72.24	200.73.130.241	163.205.219.182	196.23.217.198
189.32.93.10	58.178.158.184	84.13.243.216	110.159.212.170
215.229.64.203	209.237.50.35	17.175.194.81	171.209.130.229
119.130.219.28	119.103.165.107	117.204.89.141	29.146.8.164
95.53.250.211	117.211.185.230	200.51.84.174	229.21.157.70