Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
131.161.119.172 attack
Suspicious access to SMTP/POP/IMAP services.
2020-06-09 19:05:16
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.161.11.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.161.11.66.			IN	A

;; AUTHORITY SECTION:
.			287	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062202 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 23 05:57:21 CST 2022
;; MSG SIZE  rcvd: 106
Host info
66.11.161.131.in-addr.arpa domain name pointer dynamic-131-161-11-66.gptelecomprovedor.net.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.11.161.131.in-addr.arpa	name = dynamic-131-161-11-66.gptelecomprovedor.net.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
185.176.27.178 attackspam
Oct 20 21:21:59 mc1 kernel: \[2885675.997623\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=9139 PROTO=TCP SPT=50501 DPT=10799 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 20 21:22:09 mc1 kernel: \[2885685.495377\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=38577 PROTO=TCP SPT=50501 DPT=51816 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 20 21:25:30 mc1 kernel: \[2885886.282152\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=22389 PROTO=TCP SPT=50501 DPT=36398 WINDOW=1024 RES=0x00 SYN URGP=0 
...
2019-10-21 03:36:17
123.206.17.141 attackbots
2019-10-20T18:58:43.081310shield sshd\[9644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.17.141  user=root
2019-10-20T18:58:44.905732shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2
2019-10-20T18:58:47.581707shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2
2019-10-20T18:58:49.187939shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2
2019-10-20T18:58:51.401771shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2
2019-10-21 03:01:49
138.197.188.208 attack
Lines containing failures of 138.197.188.208
Oct 18 23:57:51 kvm05 sshd[29315]: Did not receive identification string from 138.197.188.208 port 60826
Oct 18 23:57:51 kvm05 sshd[29317]: Did not receive identification string from 138.197.188.208 port 44214
Oct 19 00:01:27 kvm05 sshd[29572]: Invalid user postgres from 138.197.188.208 port 54130
Oct 19 00:01:27 kvm05 sshd[29573]: Invalid user postgres from 138.197.188.208 port 42510
Oct 19 00:01:27 kvm05 sshd[29572]: Received disconnect from 138.197.188.208 port 54130:11: Normal Shutdown, Thank you for playing [preauth]
Oct 19 00:01:27 kvm05 sshd[29572]: Disconnected from invalid user postgres 138.197.188.208 port 54130 [preauth]
Oct 19 00:01:27 kvm05 sshd[29573]: Received disconnect from 138.197.188.208 port 42510:11: Normal Shutdown, Thank you for playing [preauth]
Oct 19 00:01:27 kvm05 sshd[29573]: Disconnected from invalid user postgres 138.197.188.208 port 42510 [preauth]
Oct 19 00:01:54 kvm05 sshd[29592]: Invalid user ........
------------------------------
2019-10-21 03:26:15
185.40.15.212 attack
" "
2019-10-21 03:11:30
178.62.181.74 attackbots
Oct 20 13:48:35 DAAP sshd[1490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.74  user=root
Oct 20 13:48:37 DAAP sshd[1490]: Failed password for root from 178.62.181.74 port 51765 ssh2
Oct 20 13:52:36 DAAP sshd[1518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.74  user=root
Oct 20 13:52:38 DAAP sshd[1518]: Failed password for root from 178.62.181.74 port 43248 ssh2
Oct 20 13:56:40 DAAP sshd[1534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.74  user=root
Oct 20 13:56:42 DAAP sshd[1534]: Failed password for root from 178.62.181.74 port 34730 ssh2
...
2019-10-21 03:22:23
188.165.255.8 attack
Automatic report - Banned IP Access
2019-10-21 03:32:08
95.159.142.102 attackbotsspam
[portscan] Port scan
2019-10-21 03:29:19
45.136.110.14 attackspam
Port scan on 12 port(s): 6850 9628 11156 14798 18472 24724 42503 48311 50650 51540 58003 59236
2019-10-21 03:04:00
178.128.90.40 attack
Oct 20 20:04:44 MK-Soft-VM4 sshd[22762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 
Oct 20 20:04:46 MK-Soft-VM4 sshd[22762]: Failed password for invalid user Pass2016 from 178.128.90.40 port 59026 ssh2
...
2019-10-21 03:18:55
222.186.175.169 attack
Oct 21 00:50:08 areeb-Workstation sshd[20616]: Failed password for root from 222.186.175.169 port 21830 ssh2
Oct 21 00:50:26 areeb-Workstation sshd[20616]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 21830 ssh2 [preauth]
...
2019-10-21 03:25:51
159.65.172.240 attackspam
fail2ban
2019-10-21 03:13:02
198.211.117.194 attack
198.211.117.194 - - [20/Oct/2019:23:03:41 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2"
...
2019-10-21 03:08:31
41.250.64.10 attackbotsspam
IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/41.250.64.10/ 
 
 MA - 1H : (5)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : MA 
 NAME ASN : ASN36903 
 
 IP : 41.250.64.10 
 
 CIDR : 41.250.64.0/21 
 
 PREFIX COUNT : 843 
 
 UNIQUE IP COUNT : 1734656 
 
 
 ATTACKS DETECTED ASN36903 :  
  1H - 1 
  3H - 2 
  6H - 2 
 12H - 3 
 24H - 4 
 
 DateTime : 2019-10-20 13:56:11 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery
2019-10-21 03:35:43
185.8.174.170 attack
xmlrpc attack
2019-10-21 03:20:43
112.220.85.26 attackspam
Oct 20 12:09:23 plusreed sshd[18830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.220.85.26  user=root
Oct 20 12:09:25 plusreed sshd[18830]: Failed password for root from 112.220.85.26 port 32828 ssh2
...
2019-10-21 03:31:10

Recently Reported IPs

131.161.11.89 138.118.235.148 131.161.10.249 131.161.11.15
131.161.11.56 131.161.10.225 137.226.108.32 137.226.249.58
137.226.243.254 137.226.32.188 169.229.35.18 137.226.248.107
137.226.247.214 131.161.10.246 169.229.39.39 131.161.11.13
169.229.48.123 169.229.35.236 169.229.38.81 137.226.245.226