130.240.134.131

Basic Info

City: unknown

Region: unknown

Country: Sweden

Internet Service Provider: Lulea Tekniska Universitet

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	3389BruteforceFW21	2019-07-03 10:10:58

Comments on same subnet:

IP	Type	Details	Datetime
130.240.134.121	attack	Jun 11 04:28:57 km20725 sshd[25131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.240.134.121 user=r.r Jun 11 04:28:59 km20725 sshd[25131]: Failed password for r.r from 130.240.134.121 port 47860 ssh2 Jun 11 04:28:59 km20725 sshd[25131]: Received disconnect from 130.240.134.121 port 47860:11: Bye Bye [preauth] Jun 11 04:28:59 km20725 sshd[25131]: Disconnected from authenticating user r.r 130.240.134.121 port 47860 [preauth] Jun 11 04:29:37 km20725 sshd[25148]: Invalid user college from 130.240.134.121 port 54406 Jun 11 04:29:37 km20725 sshd[25148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.240.134.121 Jun 11 04:29:40 km20725 sshd[25148]: Failed password for invalid user college from 130.240.134.121 port 54406 ssh2 Jun 11 04:29:42 km20725 sshd[25148]: Received disconnect from 130.240.134.121 port 54406:11: Bye Bye [preauth] Jun 11 04:29:42 km20725 sshd[25148]: Disconnected ........ -------------------------------	2020-06-11 17:11:39

Type

Details

Datetime

130.240.134.121

attack

Jun 11 04:28:57 km20725 sshd[25131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.240.134.121  user=r.r
Jun 11 04:28:59 km20725 sshd[25131]: Failed password for r.r from 130.240.134.121 port 47860 ssh2
Jun 11 04:28:59 km20725 sshd[25131]: Received disconnect from 130.240.134.121 port 47860:11: Bye Bye [preauth]
Jun 11 04:28:59 km20725 sshd[25131]: Disconnected from authenticating user r.r 130.240.134.121 port 47860 [preauth]
Jun 11 04:29:37 km20725 sshd[25148]: Invalid user college from 130.240.134.121 port 54406
Jun 11 04:29:37 km20725 sshd[25148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.240.134.121 
Jun 11 04:29:40 km20725 sshd[25148]: Failed password for invalid user college from 130.240.134.121 port 54406 ssh2
Jun 11 04:29:42 km20725 sshd[25148]: Received disconnect from 130.240.134.121 port 54406:11: Bye Bye [preauth]
Jun 11 04:29:42 km20725 sshd[25148]: Disconnected ........
-------------------------------

2020-06-11 17:11:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 130.240.134.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40032
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;130.240.134.131.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 10:10:50 CST 2019
;; MSG SIZE  rcvd: 119

Host info

131.134.240.130.in-addr.arpa domain name pointer ip131.csse.tt.ltu.se.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
131.134.240.130.in-addr.arpa	name = ip131.csse.tt.ltu.se.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.75.195.222	attackspam	Dec 18 16:38:09 sauna sshd[33050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.195.222 Dec 18 16:38:12 sauna sshd[33050]: Failed password for invalid user elisen from 51.75.195.222 port 50010 ssh2 ...	2019-12-18 22:47:56
148.251.8.250	attack	Forbidden directory scan :: 2019/12/18 14:38:01 [error] 986#986: *12624 access forbidden by rule, client: 148.251.8.250, server: [censored_1], request: "GET /knowledge-base/%ht_kb_category%/regex-to-select-table-from-html-content/ HTTP/1.1", host: "www.[censored_1]"	2019-12-18 23:01:11
211.192.167.36	attackbots	Invalid user server from 211.192.167.36 port 42790 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.192.167.36 Failed password for invalid user server from 211.192.167.36 port 42790 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.192.167.36 user=root Failed password for root from 211.192.167.36 port 51822 ssh2	2019-12-18 22:48:56
117.239.217.178	attack	Unauthorized connection attempt detected from IP address 117.239.217.178 to port 445	2019-12-18 22:27:20
117.50.49.223	attack	Dec 18 15:50:22 meumeu sshd[502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.49.223 Dec 18 15:50:24 meumeu sshd[502]: Failed password for invalid user pussy from 117.50.49.223 port 51914 ssh2 Dec 18 15:56:27 meumeu sshd[1459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.49.223 ...	2019-12-18 22:59:55
223.242.228.167	attackbots	Dec 18 07:23:38 icecube postfix/smtpd[10496]: NOQUEUE: reject: RCPT from unknown[223.242.228.167]: 554 5.7.1 Service unavailable; Client host [223.242.228.167] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/223.242.228.167 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2019-12-18 22:30:14
103.63.109.74	attackbots	Dec 18 15:33:31 minden010 sshd[14431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.109.74 Dec 18 15:33:33 minden010 sshd[14431]: Failed password for invalid user guest from 103.63.109.74 port 54536 ssh2 Dec 18 15:40:50 minden010 sshd[16815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.109.74 ...	2019-12-18 22:45:55
1.186.45.250	attack	2019-12-18T10:13:01.070041abusebot-2.cloudsearch.cf sshd\[18226\]: Invalid user ekeren from 1.186.45.250 port 34919 2019-12-18T10:13:01.078887abusebot-2.cloudsearch.cf sshd\[18226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.186.45.250 2019-12-18T10:13:02.431511abusebot-2.cloudsearch.cf sshd\[18226\]: Failed password for invalid user ekeren from 1.186.45.250 port 34919 ssh2 2019-12-18T10:22:20.544182abusebot-2.cloudsearch.cf sshd\[18241\]: Invalid user gorenflos from 1.186.45.250 port 54669	2019-12-18 22:24:24
222.186.175.155	attack	Dec 18 15:41:29 MainVPS sshd[20920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Dec 18 15:41:31 MainVPS sshd[20920]: Failed password for root from 222.186.175.155 port 21062 ssh2 Dec 18 15:41:44 MainVPS sshd[20920]: Failed password for root from 222.186.175.155 port 21062 ssh2 Dec 18 15:41:29 MainVPS sshd[20920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Dec 18 15:41:31 MainVPS sshd[20920]: Failed password for root from 222.186.175.155 port 21062 ssh2 Dec 18 15:41:44 MainVPS sshd[20920]: Failed password for root from 222.186.175.155 port 21062 ssh2 Dec 18 15:41:29 MainVPS sshd[20920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Dec 18 15:41:31 MainVPS sshd[20920]: Failed password for root from 222.186.175.155 port 21062 ssh2 Dec 18 15:41:44 MainVPS sshd[20920]: Failed password for root from 222.18	2019-12-18 22:46:34
103.199.155.26	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-18 22:32:46
163.44.158.95	attackbots	Dec 18 13:22:42 Ubuntu-1404-trusty-64-minimal sshd\[5607\]: Invalid user test from 163.44.158.95 Dec 18 13:22:42 Ubuntu-1404-trusty-64-minimal sshd\[5607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.44.158.95 Dec 18 13:22:44 Ubuntu-1404-trusty-64-minimal sshd\[5607\]: Failed password for invalid user test from 163.44.158.95 port 49300 ssh2 Dec 18 13:35:37 Ubuntu-1404-trusty-64-minimal sshd\[19287\]: Invalid user admin from 163.44.158.95 Dec 18 13:35:37 Ubuntu-1404-trusty-64-minimal sshd\[19287\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.44.158.95	2019-12-18 22:34:17
104.130.119.168	attack	Dec 18 15:39:16 MainVPS sshd[16956]: Invalid user companyboard from 104.130.119.168 port 44436 Dec 18 15:39:16 MainVPS sshd[16956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.130.119.168 Dec 18 15:39:16 MainVPS sshd[16956]: Invalid user companyboard from 104.130.119.168 port 44436 Dec 18 15:39:17 MainVPS sshd[16956]: Failed password for invalid user companyboard from 104.130.119.168 port 44436 ssh2 Dec 18 15:40:56 MainVPS sshd[19948]: Invalid user companyboard from 104.130.119.168 port 51116 ...	2019-12-18 22:53:27
41.249.250.209	attackbotsspam	Dec 18 10:02:07 TORMINT sshd\[1466\]: Invalid user jlange from 41.249.250.209 Dec 18 10:02:07 TORMINT sshd\[1466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.249.250.209 Dec 18 10:02:09 TORMINT sshd\[1466\]: Failed password for invalid user jlange from 41.249.250.209 port 43198 ssh2 ...	2019-12-18 23:05:32
190.73.126.244	attackspambots	12/18/2019-09:37:57.252822 190.73.126.244 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-18 22:45:39
81.215.228.183	attackspambots	2019-12-18T15:27:35.022644scmdmz1 sshd[15171]: Invalid user otoniel from 81.215.228.183 port 60724 2019-12-18T15:27:35.025359scmdmz1 sshd[15171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.215.228.183 2019-12-18T15:27:35.022644scmdmz1 sshd[15171]: Invalid user otoniel from 81.215.228.183 port 60724 2019-12-18T15:27:37.235303scmdmz1 sshd[15171]: Failed password for invalid user otoniel from 81.215.228.183 port 60724 ssh2 2019-12-18T15:33:31.956344scmdmz1 sshd[15933]: Invalid user 123456 from 81.215.228.183 port 41860 ...	2019-12-18 22:35:30

Recently Reported IPs

182.108.1.24	185.216.33.154	23.129.64.215	38.207.170.179
162.243.164.246	78.165.112.56	114.215.126.209	238.215.96.181
239.101.135.224	230.107.31.82	178.128.161.7	163.78.35.127
232.91.211.226	52.210.223.41	111.125.111.108	218.27.235.79
40.93.194.206	178.62.193.248	99.84.216.32	157.55.39.36