131.221.80.150

Basic Info

City: São Paulo

Region: Sao Paulo

Country: Brazil

Internet Service Provider: China Telecom do Brasil Ltda.

Hostname: unknown

Organization: China Telecom Next Generation Carrier Network

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user dpi from 131.221.80.150 port 29377	2019-06-26 08:22:52

Comments on same subnet:

IP	Type	Details	Datetime
131.221.80.145	attack	2020-06-23T20:40:35.416258randservbullet-proofcloud-66.localdomain sshd[22783]: Invalid user khs from 131.221.80.145 port 58849 2020-06-23T20:40:35.420432randservbullet-proofcloud-66.localdomain sshd[22783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.145 2020-06-23T20:40:35.416258randservbullet-proofcloud-66.localdomain sshd[22783]: Invalid user khs from 131.221.80.145 port 58849 2020-06-23T20:40:36.800654randservbullet-proofcloud-66.localdomain sshd[22783]: Failed password for invalid user khs from 131.221.80.145 port 58849 ssh2 ...	2020-06-24 05:24:31
131.221.80.145	attackbotsspam	Invalid user nwu from 131.221.80.145 port 19041	2020-06-22 02:40:14
131.221.80.161	attack	May 9 07:52:41 localhost sshd[1210482]: Invalid user victor from 131.221.80.161 port 34753 ...	2020-05-09 15:48:52
131.221.80.177	attack	Failed password for root from 131.221.80.177 port 16033 ssh2	2020-04-30 02:38:54
131.221.80.177	attackspam	Apr 21 06:23:02 srv01 sshd[14642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.177 user=root Apr 21 06:23:04 srv01 sshd[14642]: Failed password for root from 131.221.80.177 port 19169 ssh2 Apr 21 06:28:17 srv01 sshd[22172]: Invalid user git from 131.221.80.177 port 10465 Apr 21 06:28:17 srv01 sshd[22172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.177 Apr 21 06:28:17 srv01 sshd[22172]: Invalid user git from 131.221.80.177 port 10465 Apr 21 06:28:19 srv01 sshd[22172]: Failed password for invalid user git from 131.221.80.177 port 10465 ssh2 ...	2020-04-21 16:04:08
131.221.80.177	attackbotsspam	SSH Brute-Forcing (server1)	2020-04-08 13:47:25
131.221.80.177	attack	Invalid user admin from 131.221.80.177 port 17185	2020-04-04 02:02:32
131.221.80.161	attack	Unauthorized connection attempt detected from IP address 131.221.80.161 to port 2220 [J]	2020-02-02 20:51:43
131.221.80.129	attack	$f2bV_matches	2020-01-12 01:29:10
131.221.80.177	attack	Jan 7 21:24:07 gw1 sshd[13097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.177 Jan 7 21:24:09 gw1 sshd[13097]: Failed password for invalid user test from 131.221.80.177 port 39713 ssh2 ...	2020-01-08 00:33:24
131.221.80.129	attack	Jan 1 15:51:53 * sshd[5488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.129 Jan 1 15:51:55 * sshd[5488]: Failed password for invalid user server from 131.221.80.129 port 25121 ssh2	2020-01-02 00:40:16
131.221.80.193	attack	Dec 20 22:34:14 web9 sshd\[2661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.193 user=backup Dec 20 22:34:16 web9 sshd\[2661\]: Failed password for backup from 131.221.80.193 port 10401 ssh2 Dec 20 22:41:35 web9 sshd\[3706\]: Invalid user openstack from 131.221.80.193 Dec 20 22:41:35 web9 sshd\[3706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.193 Dec 20 22:41:37 web9 sshd\[3706\]: Failed password for invalid user openstack from 131.221.80.193 port 19617 ssh2	2019-12-21 16:43:44
131.221.80.177	attackspambots	Dec 19 09:07:43 dallas01 sshd[19780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.177 Dec 19 09:07:45 dallas01 sshd[19780]: Failed password for invalid user minecraftserver from 131.221.80.177 port 28641 ssh2 Dec 19 09:14:55 dallas01 sshd[24966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.177	2019-12-20 00:07:31
131.221.80.211	attackbotsspam	Dec 3 21:27:37 ArkNodeAT sshd\[31786\]: Invalid user mysql from 131.221.80.211 Dec 3 21:27:37 ArkNodeAT sshd\[31786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.211 Dec 3 21:27:39 ArkNodeAT sshd\[31786\]: Failed password for invalid user mysql from 131.221.80.211 port 48258 ssh2	2019-12-04 05:00:29
131.221.80.211	attack	39 failed attempt(s) in the last 24h	2019-12-03 08:08:35

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.221.80.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45957
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.221.80.150.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 19:59:21 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 150.80.221.131.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 150.80.221.131.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
35.227.108.34	attackbotsspam	2020-03-21 04:55:44,781 fail2ban.actions: WARNING [ssh] Ban 35.227.108.34	2020-03-21 12:48:03
68.183.146.249	attackbots	68.183.146.249 - - \[21/Mar/2020:04:54:13 +0100\] "POST /wp-login.php HTTP/1.0" 200 7556 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 68.183.146.249 - - \[21/Mar/2020:04:54:16 +0100\] "POST /wp-login.php HTTP/1.0" 200 7381 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 68.183.146.249 - - \[21/Mar/2020:04:54:18 +0100\] "POST /wp-login.php HTTP/1.0" 200 7376 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-21 12:55:49
37.187.1.235	attack	Mar 21 02:00:25 firewall sshd[21979]: Invalid user 1234567 from 37.187.1.235 Mar 21 02:00:27 firewall sshd[21979]: Failed password for invalid user 1234567 from 37.187.1.235 port 42636 ssh2 Mar 21 02:07:45 firewall sshd[22693]: Invalid user laboratory from 37.187.1.235 ...	2020-03-21 13:27:08
218.92.0.199	attackbotsspam	Mar 21 06:16:05 dcd-gentoo sshd[29729]: User root from 218.92.0.199 not allowed because none of user's groups are listed in AllowGroups Mar 21 06:16:08 dcd-gentoo sshd[29729]: error: PAM: Authentication failure for illegal user root from 218.92.0.199 Mar 21 06:16:05 dcd-gentoo sshd[29729]: User root from 218.92.0.199 not allowed because none of user's groups are listed in AllowGroups Mar 21 06:16:08 dcd-gentoo sshd[29729]: error: PAM: Authentication failure for illegal user root from 218.92.0.199 Mar 21 06:16:05 dcd-gentoo sshd[29729]: User root from 218.92.0.199 not allowed because none of user's groups are listed in AllowGroups Mar 21 06:16:08 dcd-gentoo sshd[29729]: error: PAM: Authentication failure for illegal user root from 218.92.0.199 Mar 21 06:16:08 dcd-gentoo sshd[29729]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.199 port 13304 ssh2 ...	2020-03-21 13:21:34
185.176.27.6	attackspam	Mar 21 05:14:10 debian-2gb-nbg1-2 kernel: \[7023149.836072\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=62360 PROTO=TCP SPT=53575 DPT=9109 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-21 13:18:46
182.61.25.156	attackspam	Mar 21 05:03:24 ns382633 sshd\[12361\]: Invalid user ic from 182.61.25.156 port 38284 Mar 21 05:03:24 ns382633 sshd\[12361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.25.156 Mar 21 05:03:26 ns382633 sshd\[12361\]: Failed password for invalid user ic from 182.61.25.156 port 38284 ssh2 Mar 21 05:07:30 ns382633 sshd\[13195\]: Invalid user yo from 182.61.25.156 port 54646 Mar 21 05:07:30 ns382633 sshd\[13195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.25.156	2020-03-21 13:04:21
45.134.179.57	attack	Mar 21 06:06:58 debian-2gb-nbg1-2 kernel: \[7026317.500451\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=24596 PROTO=TCP SPT=41094 DPT=28921 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-21 13:24:43
129.211.22.160	attack	2020-03-21T03:49:00.804195dmca.cloudsearch.cf sshd[23605]: Invalid user za from 129.211.22.160 port 60978 2020-03-21T03:49:00.811552dmca.cloudsearch.cf sshd[23605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.22.160 2020-03-21T03:49:00.804195dmca.cloudsearch.cf sshd[23605]: Invalid user za from 129.211.22.160 port 60978 2020-03-21T03:49:03.265712dmca.cloudsearch.cf sshd[23605]: Failed password for invalid user za from 129.211.22.160 port 60978 ssh2 2020-03-21T03:54:13.350218dmca.cloudsearch.cf sshd[23902]: Invalid user by from 129.211.22.160 port 35344 2020-03-21T03:54:13.356296dmca.cloudsearch.cf sshd[23902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.22.160 2020-03-21T03:54:13.350218dmca.cloudsearch.cf sshd[23902]: Invalid user by from 129.211.22.160 port 35344 2020-03-21T03:54:15.444532dmca.cloudsearch.cf sshd[23902]: Failed password for invalid user by from 129.211.22.160 port 3 ...	2020-03-21 12:59:12
106.75.8.200	attack	Mar 21 05:34:35 plex sshd[26827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.8.200 user=sys Mar 21 05:34:37 plex sshd[26827]: Failed password for sys from 106.75.8.200 port 48076 ssh2	2020-03-21 12:52:30
210.9.47.154	attackspambots	5x Failed Password	2020-03-21 13:14:52
149.202.55.18	attackbots	Mar 21 03:56:54 sshgateway sshd\[13950\]: Invalid user peter from 149.202.55.18 Mar 21 03:56:54 sshgateway sshd\[13950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.ip-149-202-55.eu Mar 21 03:56:57 sshgateway sshd\[13950\]: Failed password for invalid user peter from 149.202.55.18 port 40304 ssh2	2020-03-21 13:30:22
185.209.0.27	attackbots	Honeypot hit.	2020-03-21 13:09:21
52.185.174.213	attackspambots	Mar 21 04:55:02 Ubuntu-1404-trusty-64-minimal sshd\[30643\]: Invalid user sshvpn from 52.185.174.213 Mar 21 04:55:02 Ubuntu-1404-trusty-64-minimal sshd\[30643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.185.174.213 Mar 21 04:55:05 Ubuntu-1404-trusty-64-minimal sshd\[30643\]: Failed password for invalid user sshvpn from 52.185.174.213 port 56788 ssh2 Mar 21 05:04:43 Ubuntu-1404-trusty-64-minimal sshd\[6020\]: Invalid user roland from 52.185.174.213 Mar 21 05:04:43 Ubuntu-1404-trusty-64-minimal sshd\[6020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.185.174.213	2020-03-21 12:47:39
120.89.98.72	attack	Mar 21 00:46:02 plusreed sshd[14523]: Invalid user administrator from 120.89.98.72 ...	2020-03-21 13:01:07
221.148.45.168	attack	$f2bV_matches	2020-03-21 12:46:28

Recently Reported IPs

222.109.145.187	125.88.192.246	214.248.108.196	106.81.221.156
71.37.144.145	103.97.241.114	120.36.142.234	223.41.52.113
87.80.28.10	14.169.177.232	189.134.226.139	102.133.50.117
72.74.154.34	82.102.16.132	156.94.62.197	177.156.84.80
147.213.54.101	202.165.163.82	114.116.109.83	95.103.96.122