131.108.87.145

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: PGF Telecomunicacoes Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 131.108.87.145 on Port 445(SMB)	2020-03-07 08:54:22

Comments on same subnet:

IP	Type	Details	Datetime
131.108.87.177	attack	1601935273 - 10/06/2020 00:01:13 Host: 131.108.87.177/131.108.87.177 Port: 445 TCP Blocked ...	2020-10-07 01:14:36
131.108.87.177	attackspambots	1601935273 - 10/06/2020 00:01:13 Host: 131.108.87.177/131.108.87.177 Port: 445 TCP Blocked ...	2020-10-06 17:09:26
131.108.87.88	attackspam	Unauthorized connection attempt from IP address 131.108.87.88 on Port 445(SMB)	2020-08-13 09:06:31
131.108.87.177	attack	Honeypot attack, port: 445, PTR: static-131.108.87.177-pgftelecom.com.br.	2020-07-25 04:11:32
131.108.87.177	attackbotsspam	Honeypot attack, port: 445, PTR: static-131.108.87.177-pgftelecom.com.br.	2020-06-17 06:06:17
131.108.87.26	attackbots	Unauthorized connection attempt from IP address 131.108.87.26 on Port 445(SMB)	2020-04-14 21:20:26
131.108.87.177	attackspam	Unauthorized connection attempt from IP address 131.108.87.177 on Port 445(SMB)	2019-11-23 05:00:57
131.108.87.177	attack	Unauthorized connection attempt from IP address 131.108.87.177 on Port 445(SMB)	2019-10-12 08:01:48
131.108.87.25	attackspam	Unauthorized connection attempt from IP address 131.108.87.25 on Port 445(SMB)	2019-09-20 12:04:18
131.108.87.207	attack	445/tcp 445/tcp 445/tcp... [2019-07-13/24]5pkt,1pt.(tcp)	2019-07-25 01:58:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.108.87.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.108.87.145.			IN	A

;; AUTHORITY SECTION:
.			182	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030601 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 08:54:18 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 145.87.108.131.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.87.108.131.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.204.181.238	attackbotsspam	0,37-04/05 concatform PostRequest-Spammer scoring: maputo01_x2b	2019-07-17 16:08:59
193.34.174.104	attackbots	Automatic report - Port Scan Attack	2019-07-17 16:38:44
188.246.226.71	attackspambots	SPLUNK port scan detected	2019-07-17 16:44:52
178.62.224.96	attackbots	Jul 17 09:36:42 giegler sshd[22449]: Invalid user dev from 178.62.224.96 port 36997	2019-07-17 16:04:53
110.139.129.188	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 00:45:21,226 INFO [shellcode_manager] (110.139.129.188) no match, writing hexdump (9c38f3d76b968a9d1134b19522980231 :2247277) - MS17010 (EternalBlue)	2019-07-17 16:07:09
94.41.61.115	attackspambots	port scan and connect, tcp 23 (telnet)	2019-07-17 16:10:03
209.141.52.61	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-17 16:21:22
116.74.123.28	attack	firewall-block, port(s): 23/tcp	2019-07-17 16:52:03
97.88.15.95	attackbots	2019-07-17T10:19:56.308054lon01.zurich-datacenter.net sshd\[25647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97-88-15-95.dhcp.roch.mn.charter.com user=redis 2019-07-17T10:19:58.730394lon01.zurich-datacenter.net sshd\[25647\]: Failed password for redis from 97.88.15.95 port 55546 ssh2 2019-07-17T10:20:01.198331lon01.zurich-datacenter.net sshd\[25647\]: Failed password for redis from 97.88.15.95 port 55546 ssh2 2019-07-17T10:20:03.422683lon01.zurich-datacenter.net sshd\[25647\]: Failed password for redis from 97.88.15.95 port 55546 ssh2 2019-07-17T10:20:05.574600lon01.zurich-datacenter.net sshd\[25647\]: Failed password for redis from 97.88.15.95 port 55546 ssh2 ...	2019-07-17 16:21:45
45.160.138.186	attackbotsspam	Jul 17 08:03:37 offspring postfix/smtpd[27867]: connect from unknown[45.160.138.186] Jul 17 08:03:41 offspring postfix/smtpd[27867]: warning: unknown[45.160.138.186]: SASL CRAM-MD5 authentication failed: authentication failure Jul 17 08:03:41 offspring postfix/smtpd[27867]: warning: unknown[45.160.138.186]: SASL PLAIN authentication failed: authentication failure Jul 17 08:03:43 offspring postfix/smtpd[27867]: warning: unknown[45.160.138.186]: SASL LOGIN authentication failed: authentication failure ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.160.138.186	2019-07-17 16:41:44
94.23.196.219	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-17 16:16:33
103.78.180.116	attackbotsspam	port scan and connect, tcp 80 (http)	2019-07-17 16:07:33
78.188.240.11	attack	2019-07-16T10:11:50.731695stt-1.[munged] kernel: [7317930.512733] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=78.188.240.11 DST=[mungedIP1] LEN=44 TOS=0x00 PREC=0x00 TTL=47 ID=47198 PROTO=TCP SPT=56025 DPT=52869 WINDOW=42153 RES=0x00 SYN URGP=0 2019-07-16T10:48:57.037163stt-1.[munged] kernel: [7320156.810885] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=78.188.240.11 DST=[mungedIP1] LEN=44 TOS=0x00 PREC=0x00 TTL=47 ID=26200 PROTO=TCP SPT=56025 DPT=52869 WINDOW=42153 RES=0x00 SYN URGP=0 2019-07-17T02:11:22.031957stt-1.[munged] kernel: [7375501.626886] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=78.188.240.11 DST=[mungedIP1] LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=36938 PROTO=TCP SPT=56025 DPT=52869 WINDOW=42153 RES=0x00 SYN URGP=0	2019-07-17 16:19:34
196.27.127.61	attack	Jul 17 08:05:06 dev0-dcde-rnet sshd[20238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.27.127.61 Jul 17 08:05:08 dev0-dcde-rnet sshd[20238]: Failed password for invalid user owen from 196.27.127.61 port 58080 ssh2 Jul 17 08:11:17 dev0-dcde-rnet sshd[20255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.27.127.61	2019-07-17 16:20:41
14.169.237.171	attackbots	port scan and connect, tcp 22 (ssh)	2019-07-17 16:24:09

Recently Reported IPs

195.114.147.66	177.135.26.154	168.197.30.183	37.105.99.215
96.9.245.184	79.166.19.130	36.71.232.21	182.109.77.189
183.120.206.231	213.230.86.214	176.194.108.40	39.155.212.90
183.88.0.204	114.105.156.65	61.223.119.15	186.227.236.234
54.36.135.150	250.104.50.140	45.232.20.65	187.136.196.78