城市(city): Shymkent
省份(region): Shymkent
国家(country): Kazakhstan
运营商(isp): Kazakhtelecom
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 2.134.171.82 | attack | Email rejected due to spam filtering |
2020-08-20 15:55:21 |
| 2.134.170.243 | attack | Unauthorized connection attempt from IP address 2.134.170.243 on Port 445(SMB) |
2020-07-07 20:55:05 |
| 2.134.191.170 | attackspam | Unauthorized connection attempt detected from IP address 2.134.191.170 to port 445 |
2020-07-02 02:11:42 |
| 2.134.178.201 | attackspam | 1591680271 - 06/09/2020 07:24:31 Host: 2.134.178.201/2.134.178.201 Port: 445 TCP Blocked |
2020-06-09 19:09:20 |
| 2.134.171.186 | attack | Unauthorized connection attempt from IP address 2.134.171.186 on Port 445(SMB) |
2020-05-25 20:04:20 |
| 2.134.170.174 | attack | Port Scan detected! ... |
2020-05-25 18:29:25 |
| 2.134.176.32 | attackspam | Unauthorized connection attempt from IP address 2.134.176.32 on Port 445(SMB) |
2020-05-16 19:17:52 |
| 2.134.183.238 | attackspam | 20/5/13@08:38:54: FAIL: Alarm-Network address from=2.134.183.238 ... |
2020-05-13 21:19:40 |
| 2.134.182.34 | attackbotsspam | Unauthorized connection attempt from IP address 2.134.182.34 on Port 445(SMB) |
2020-05-03 20:26:20 |
| 2.134.174.156 | attackspambots | Unauthorized connection attempt from IP address 2.134.174.156 on Port 445(SMB) |
2020-04-29 06:38:53 |
| 2.134.177.190 | attack | 1586750019 - 04/13/2020 05:53:39 Host: 2.134.177.190/2.134.177.190 Port: 445 TCP Blocked |
2020-04-13 16:39:29 |
| 2.134.182.228 | attackbots | 20/3/27@23:52:40: FAIL: Alarm-Network address from=2.134.182.228 20/3/27@23:52:41: FAIL: Alarm-Network address from=2.134.182.228 ... |
2020-03-28 14:17:15 |
| 2.134.178.239 | attack | SpamScore above: 10.0 |
2020-03-18 00:19:52 |
| 2.134.172.235 | attackbotsspam | Unauthorized connection attempt from IP address 2.134.172.235 on Port 445(SMB) |
2020-03-14 00:29:27 |
| 2.134.166.218 | attackspambots | 1582926956 - 02/28/2020 22:55:56 Host: 2.134.166.218/2.134.166.218 Port: 445 TCP Blocked |
2020-02-29 08:41:27 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.134.1.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32805
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.134.1.16. IN A
;; AUTHORITY SECTION:
. 450 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022012001 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 21 10:00:03 CST 2022
;; MSG SIZE rcvd: 10316.1.134.2.in-addr.arpa domain name pointer 2.134.1.16.megaline.telecom.kz.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
16.1.134.2.in-addr.arpa name = 2.134.1.16.megaline.telecom.kz.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 132.232.33.30 | attackbotsspam | Jan 1 21:10:33 server sshd\[29168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.33.30 user=bin Jan 1 21:10:35 server sshd\[29168\]: Failed password for bin from 132.232.33.30 port 38146 ssh2 Jan 1 21:16:12 server sshd\[30068\]: Invalid user kriston from 132.232.33.30 Jan 1 21:16:12 server sshd\[30068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.33.30 Jan 1 21:16:14 server sshd\[30068\]: Failed password for invalid user kriston from 132.232.33.30 port 49128 ssh2 ... |
2020-01-02 02:41:02 |
| 140.143.163.113 | attack | SSH bruteforce (Triggered fail2ban) |
2020-01-02 03:11:09 |
| 195.231.0.89 | attackbots | B: f2b ssh aggressive 3x |
2020-01-02 02:46:22 |
| 109.15.50.94 | attack | Jan 1 16:14:52 icinga sshd[13453]: Failed password for root from 109.15.50.94 port 44608 ssh2 Jan 1 16:51:00 icinga sshd[16922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.15.50.94 ... |
2020-01-02 02:52:04 |
| 60.191.82.80 | attack | Jan 1 09:11:48 penfold sshd[32447]: Invalid user kuxhausen from 60.191.82.80 port 40644 Jan 1 09:11:48 penfold sshd[32447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.82.80 Jan 1 09:11:50 penfold sshd[32447]: Failed password for invalid user kuxhausen from 60.191.82.80 port 40644 ssh2 Jan 1 09:11:50 penfold sshd[32447]: Received disconnect from 60.191.82.80 port 40644:11: Bye Bye [preauth] Jan 1 09:11:50 penfold sshd[32447]: Disconnected from 60.191.82.80 port 40644 [preauth] Jan 1 09:27:38 penfold sshd[601]: Invalid user boogie from 60.191.82.80 port 46786 Jan 1 09:27:38 penfold sshd[601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.82.80 Jan 1 09:27:40 penfold sshd[601]: Failed password for invalid user boogie from 60.191.82.80 port 46786 ssh2 Jan 1 09:27:40 penfold sshd[601]: Received disconnect from 60.191.82.80 port 46786:11: Bye Bye [preauth] Jan 1 09........ ------------------------------- |
2020-01-02 03:15:54 |
| 222.255.115.237 | attackbots | Jan 1 15:46:58 vmd26974 sshd[3123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.255.115.237 Jan 1 15:46:59 vmd26974 sshd[3123]: Failed password for invalid user jenkins from 222.255.115.237 port 58774 ssh2 ... |
2020-01-02 03:12:21 |
| 109.77.114.126 | attackbotsspam | Unauthorized connection attempt detected from IP address 109.77.114.126 to port 26 |
2020-01-02 02:40:44 |
| 182.61.105.89 | attackspambots | Jan 1 15:45:22 MK-Soft-VM7 sshd[17619]: Failed password for root from 182.61.105.89 port 52480 ssh2 Jan 1 15:47:11 MK-Soft-VM7 sshd[17637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.105.89 ... |
2020-01-02 03:07:16 |
| 58.119.4.58 | attackbotsspam | Unauthorised access (Jan 1) SRC=58.119.4.58 LEN=44 TTL=233 ID=15935 TCP DPT=1433 WINDOW=1024 SYN |
2020-01-02 02:46:02 |
| 217.112.142.148 | attack | Lines containing failures of 217.112.142.148 Jan 1 15:26:42 shared01 postfix/smtpd[22527]: connect from accept.yobaat.com[217.112.142.148] Jan 1 15:26:42 shared01 policyd-spf[24105]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=217.112.142.148; helo=accept.moveincool.com; envelope-from=x@x Jan x@x Jan 1 15:26:42 shared01 postfix/smtpd[22527]: disconnect from accept.yobaat.com[217.112.142.148] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 15:28:52 shared01 postfix/smtpd[21352]: connect from accept.yobaat.com[217.112.142.148] Jan 1 15:28:52 shared01 policyd-spf[24160]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=217.112.142.148; helo=accept.moveincool.com; envelope-from=x@x Jan x@x Jan 1 15:28:52 shared01 postfix/smtpd[21352]: disconnect from accept.yobaat.com[217.112.142.148] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 15:29:15 shared01 postfix/smtpd[21352]: connect from ........ ------------------------------ |
2020-01-02 02:45:46 |
| 151.80.42.234 | attack | Jan 1 19:42:02 haigwepa sshd[19477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.42.234 Jan 1 19:42:03 haigwepa sshd[19477]: Failed password for invalid user smmsp from 151.80.42.234 port 38990 ssh2 ... |
2020-01-02 02:43:27 |
| 52.36.131.219 | attackspam | 01/01/2020-19:45:19.410621 52.36.131.219 Protocol: 6 SURICATA TLS invalid record/traffic |
2020-01-02 02:56:26 |
| 60.254.112.10 | attack | Jan 1 15:46:50 debian-2gb-nbg1-2 kernel: \[149342.219041\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=60.254.112.10 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=49 ID=23821 PROTO=TCP SPT=25800 DPT=23 WINDOW=28096 RES=0x00 SYN URGP=0 |
2020-01-02 03:16:23 |
| 150.95.110.90 | attackbotsspam | SSH Brute Force, server-1 sshd[14596]: Failed password for invalid user public from 150.95.110.90 port 49138 ssh2 |
2020-01-02 02:54:33 |
| 116.48.139.212 | attackbots | Dec 26 07:41:51 server6 sshd[2058]: Failed password for invalid user carevic from 116.48.139.212 port 47257 ssh2 Dec 26 07:41:51 server6 sshd[2058]: Received disconnect from 116.48.139.212: 11: Bye Bye [preauth] Dec 26 10:19:01 server6 sshd[21639]: Failed password for invalid user spark from 116.48.139.212 port 43117 ssh2 Dec 26 10:19:01 server6 sshd[21639]: Received disconnect from 116.48.139.212: 11: Bye Bye [preauth] Dec 26 11:21:24 server6 sshd[31966]: Failed password for r.r from 116.48.139.212 port 53605 ssh2 Dec 26 11:21:24 server6 sshd[31966]: Received disconnect from 116.48.139.212: 11: Bye Bye [preauth] Dec 31 07:45:54 server6 sshd[27423]: Failed password for r.r from 116.48.139.212 port 43964 ssh2 Dec 31 07:45:55 server6 sshd[27423]: Received disconnect from 116.48.139.212: 11: Bye Bye [preauth] Dec 31 08:06:25 server6 sshd[7267]: Connection closed by 116.48.139.212 [preauth] Dec 31 08:09:38 server6 sshd[8480]: Failed password for r.r from 116.48.139.212 port........ ------------------------------- |
2020-01-02 03:00:30 |