131.72.220.134

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Sec. de Estado de Plan. e Orcamento do DF

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 18:02:29,314 INFO [amun_request_handler] PortScan Detected on Port: 445 (131.72.220.134)	2019-09-11 08:56:30

Comments on same subnet:

IP	Type	Details	Datetime
131.72.220.153	attack	Unauthorized connection attempt from IP address 131.72.220.153 on Port 445(SMB)	2019-10-30 05:17:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.72.220.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51503
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.72.220.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091003 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 08:56:23 CST 2019
;; MSG SIZE  rcvd: 118

Host info

134.220.72.131.in-addr.arpa domain name pointer 131.72.220.134-gdfnet.df.gov.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
134.220.72.131.in-addr.arpa	name = 131.72.220.134-gdfnet.df.gov.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.87.66.20	attackspambots	Lines containing failures of 80.87.66.20 Feb 13 10:36:19 shared04 sshd[1198]: Invalid user admin from 80.87.66.20 port 62837 Feb 13 10:36:23 shared04 sshd[1198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.87.66.20 Feb 13 10:36:25 shared04 sshd[1198]: Failed password for invalid user admin from 80.87.66.20 port 62837 ssh2 Feb 13 10:36:25 shared04 sshd[1198]: Connection closed by invalid user admin 80.87.66.20 port 62837 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=80.87.66.20	2020-02-14 00:57:37
104.203.93.2	attackspam	firewall-block, port(s): 17990/tcp	2020-02-14 01:07:22
14.215.176.178	attackbots	ICMP MH Probe, Scan /Distributed -	2020-02-14 00:57:13
113.160.220.138	attackspambots	Feb 13 04:40:41 cumulus sshd[19470]: Did not receive identification string from 113.160.220.138 port 64249 Feb 13 04:40:41 cumulus sshd[19468]: Did not receive identification string from 113.160.220.138 port 64267 Feb 13 04:40:41 cumulus sshd[19469]: Did not receive identification string from 113.160.220.138 port 64234 Feb 13 04:40:45 cumulus sshd[19474]: Invalid user dircreate from 113.160.220.138 port 57047 Feb 13 04:40:45 cumulus sshd[19474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.220.138 Feb 13 04:40:45 cumulus sshd[19476]: Invalid user dircreate from 113.160.220.138 port 53629 Feb 13 04:40:45 cumulus sshd[19476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.220.138 Feb 13 04:40:47 cumulus sshd[19474]: Failed password for invalid user dircreate from 113.160.220.138 port 57047 ssh2 Feb 13 04:40:47 cumulus sshd[19474]: Connection closed by 113.160.220.138 port 5........ -------------------------------	2020-02-14 01:27:00
85.204.116.146	attack	Feb 13 06:36:51 hpm sshd\[12175\]: Invalid user conan from 85.204.116.146 Feb 13 06:36:51 hpm sshd\[12175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.204.116.146 Feb 13 06:36:53 hpm sshd\[12175\]: Failed password for invalid user conan from 85.204.116.146 port 53088 ssh2 Feb 13 06:44:17 hpm sshd\[13118\]: Invalid user bruno from 85.204.116.146 Feb 13 06:44:17 hpm sshd\[13118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.204.116.146	2020-02-14 00:48:04
14.161.26.155	attackspambots	IMAP brute force ...	2020-02-14 01:00:21
181.41.101.254	attackbotsspam	1581601683 - 02/13/2020 14:48:03 Host: 181.41.101.254/181.41.101.254 Port: 445 TCP Blocked	2020-02-14 01:02:18
171.78.217.129	attackbotsspam	Lines containing failures of 171.78.217.129 Feb 13 10:34:20 shared12 sshd[1121]: Did not receive identification string from 171.78.217.129 port 63513 Feb 13 10:34:25 shared12 sshd[1122]: Invalid user support from 171.78.217.129 port 54670 Feb 13 10:34:25 shared12 sshd[1122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.78.217.129 Feb 13 10:34:27 shared12 sshd[1122]: Failed password for invalid user support from 171.78.217.129 port 54670 ssh2 Feb 13 10:34:28 shared12 sshd[1122]: Connection closed by invalid user support 171.78.217.129 port 54670 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.78.217.129	2020-02-14 00:49:25
177.189.244.193	attackspambots	Feb 13 14:40:20 srv-ubuntu-dev3 sshd[91627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.244.193 user=news Feb 13 14:40:22 srv-ubuntu-dev3 sshd[91627]: Failed password for news from 177.189.244.193 port 42853 ssh2 Feb 13 14:44:03 srv-ubuntu-dev3 sshd[91936]: Invalid user test from 177.189.244.193 Feb 13 14:44:03 srv-ubuntu-dev3 sshd[91936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.244.193 Feb 13 14:44:03 srv-ubuntu-dev3 sshd[91936]: Invalid user test from 177.189.244.193 Feb 13 14:44:06 srv-ubuntu-dev3 sshd[91936]: Failed password for invalid user test from 177.189.244.193 port 57065 ssh2 Feb 13 14:47:55 srv-ubuntu-dev3 sshd[92301]: Invalid user manager from 177.189.244.193 Feb 13 14:47:55 srv-ubuntu-dev3 sshd[92301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.244.193 Feb 13 14:47:55 srv-ubuntu-dev3 sshd[92301]: Invalid user ma ...	2020-02-14 01:12:50
49.235.42.39	attack	Feb 13 16:08:53 plex sshd[8904]: Invalid user noah from 49.235.42.39 port 43958	2020-02-14 00:55:49
14.215.176.180	attackbots	ICMP MH Probe, Scan /Distributed -	2020-02-14 00:50:17
67.229.93.16	attackspam	389/udp 389/udp [2020-02-13]2pkt	2020-02-14 00:56:56
202.131.227.60	attackspam	Feb 13 17:58:15 silence02 sshd[31045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.227.60 Feb 13 17:58:18 silence02 sshd[31045]: Failed password for invalid user eddie from 202.131.227.60 port 37800 ssh2 Feb 13 18:06:58 silence02 sshd[2388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.227.60	2020-02-14 01:29:55
61.76.169.138	attackbots	Feb 13 14:31:44 ns382633 sshd\[25838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.169.138 user=root Feb 13 14:31:46 ns382633 sshd\[25838\]: Failed password for root from 61.76.169.138 port 1102 ssh2 Feb 13 14:47:52 ns382633 sshd\[28526\]: Invalid user luka from 61.76.169.138 port 7571 Feb 13 14:47:52 ns382633 sshd\[28526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.169.138 Feb 13 14:47:53 ns382633 sshd\[28526\]: Failed password for invalid user luka from 61.76.169.138 port 7571 ssh2	2020-02-14 01:09:03
148.66.133.91	attackspambots	Invalid user scpuser from 148.66.133.91 port 55928	2020-02-14 01:26:41

Recently Reported IPs

56.4.109.9	253.126.78.119	52.217.194.11	11.46.11.98
23.143.134.205	46.34.106.127	86.254.42.5	195.42.18.51
146.175.151.240	182.92.89.197	221.25.167.22	241.104.208.158
10.92.254.95	228.4.227.37	35.168.147.94	255.134.203.132
201.1.87.237	20.36.96.70	124.64.116.189	118.169.241.2