131.108.157.50

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Meganet Brasil

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Tried our host z.	2020-07-06 01:52:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.108.157.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65269
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.108.157.50.			IN	A

;; AUTHORITY SECTION:
.			358	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070501 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 06 01:52:38 CST 2020
;; MSG SIZE  rcvd: 118

Host info

50.157.108.131.in-addr.arpa domain name pointer 131-108-157-50.meganetbrasil.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
50.157.108.131.in-addr.arpa	name = 131-108-157-50.meganetbrasil.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.104.157.210	attack	1577344470 - 12/26/2019 08:14:30 Host: 185.104.157.210/185.104.157.210 Port: 445 TCP Blocked	2019-12-26 22:04:19
14.207.25.153	attack	Unauthorized connection attempt from IP address 14.207.25.153 on Port 445(SMB)	2019-12-26 21:52:18
171.229.74.235	attackspam	This IP Address sent many spam to @bit.co.id mhamdanrifai@gmail.com is administrator	2019-12-26 21:28:21
51.68.123.192	attack	Invalid user admin from 51.68.123.192 port 42420	2019-12-26 21:40:50
178.222.218.40	attackbotsspam	Dec 26 00:42:41 tdfoods sshd\[13932\]: Invalid user ftpuser from 178.222.218.40 Dec 26 00:42:41 tdfoods sshd\[13932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178-222-218-40.dynamic.isp.telekom.rs Dec 26 00:42:43 tdfoods sshd\[13932\]: Failed password for invalid user ftpuser from 178.222.218.40 port 60932 ssh2 Dec 26 00:45:03 tdfoods sshd\[14108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178-222-218-40.dynamic.isp.telekom.rs user=root Dec 26 00:45:05 tdfoods sshd\[14108\]: Failed password for root from 178.222.218.40 port 39172 ssh2	2019-12-26 21:56:25
80.82.78.211	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-26 21:47:13
80.211.143.24	attack	\[2019-12-26 07:58:29\] NOTICE\[2839\] chan_sip.c: Registration from '"55555" \' failed for '80.211.143.24:5082' - Wrong password \[2019-12-26 07:58:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:58:29.281-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="55555",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5082",Challenge="4ac27446",ReceivedChallenge="4ac27446",ReceivedHash="cff0d3cb28346efde55b8befa6741e0e" \[2019-12-26 07:59:22\] NOTICE\[2839\] chan_sip.c: Registration from '"48" \' failed for '80.211.143.24:5098' - Wrong password \[2019-12-26 07:59:22\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:59:22.427-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="48",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8	2019-12-26 21:21:43
43.242.245.82	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 26-12-2019 06:20:10.	2019-12-26 21:49:32
114.221.14.22	attack	SSH/22 MH Probe, BF, Hack -	2019-12-26 22:02:06
185.209.0.51	attackbots	12/26/2019-08:27:01.337420 185.209.0.51 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-26 21:39:25
193.70.39.175	attackspam	Dec 26 09:22:25 vps46666688 sshd[18083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.39.175 Dec 26 09:22:27 vps46666688 sshd[18083]: Failed password for invalid user ching-me from 193.70.39.175 port 33410 ssh2 ...	2019-12-26 21:22:24
89.37.192.194	attackbots	email spam	2019-12-26 21:43:49
222.186.175.155	attackbotsspam	Dec 26 13:52:05 zeus sshd[30240]: Failed password for root from 222.186.175.155 port 7286 ssh2 Dec 26 13:52:11 zeus sshd[30240]: Failed password for root from 222.186.175.155 port 7286 ssh2 Dec 26 13:52:15 zeus sshd[30240]: Failed password for root from 222.186.175.155 port 7286 ssh2 Dec 26 13:52:20 zeus sshd[30240]: Failed password for root from 222.186.175.155 port 7286 ssh2 Dec 26 13:52:25 zeus sshd[30240]: Failed password for root from 222.186.175.155 port 7286 ssh2 Dec 26 13:52:26 zeus sshd[30240]: error: maximum authentication attempts exceeded for root from 222.186.175.155 port 7286 ssh2 [preauth]	2019-12-26 21:59:35
111.225.216.67	attackbots	12/26/2019-13:01:16.733914 111.225.216.67 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-26 21:40:01
185.175.93.14	attack	Dec 26 14:12:25 debian-2gb-nbg1-2 kernel: \[1018673.732312\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=63514 PROTO=TCP SPT=54160 DPT=37538 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-26 21:33:37

Recently Reported IPs

54.198.164.27	49.235.111.100	160.124.156.67	36.67.143.183
118.89.247.168	118.174.15.242	177.73.28.199	59.41.93.235
14.45.41.137	223.16.79.225	118.140.197.98	45.144.65.49
140.143.240.147	81.159.177.84	178.128.13.79	10.36.19.162
64.42.92.217	163.140.52.145	48.193.235.204	11.153.62.126