131.161.11.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
131.161.119.172	attack	Suspicious access to SMTP/POP/IMAP services.	2020-06-09 19:05:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.161.11.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.161.11.66.			IN	A

;; AUTHORITY SECTION:
.			287	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062202 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 23 05:57:21 CST 2022
;; MSG SIZE  rcvd: 106

Host info

66.11.161.131.in-addr.arpa domain name pointer dynamic-131-161-11-66.gptelecomprovedor.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.11.161.131.in-addr.arpa	name = dynamic-131-161-11-66.gptelecomprovedor.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.178	attackspam	Oct 20 21:21:59 mc1 kernel: \[2885675.997623\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=9139 PROTO=TCP SPT=50501 DPT=10799 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 21:22:09 mc1 kernel: \[2885685.495377\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=38577 PROTO=TCP SPT=50501 DPT=51816 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 21:25:30 mc1 kernel: \[2885886.282152\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=22389 PROTO=TCP SPT=50501 DPT=36398 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-21 03:36:17
123.206.17.141	attackbots	2019-10-20T18:58:43.081310shield sshd\[9644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.17.141 user=root 2019-10-20T18:58:44.905732shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2 2019-10-20T18:58:47.581707shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2 2019-10-20T18:58:49.187939shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2 2019-10-20T18:58:51.401771shield sshd\[9644\]: Failed password for root from 123.206.17.141 port 2255 ssh2	2019-10-21 03:01:49
138.197.188.208	attack	Lines containing failures of 138.197.188.208 Oct 18 23:57:51 kvm05 sshd[29315]: Did not receive identification string from 138.197.188.208 port 60826 Oct 18 23:57:51 kvm05 sshd[29317]: Did not receive identification string from 138.197.188.208 port 44214 Oct 19 00:01:27 kvm05 sshd[29572]: Invalid user postgres from 138.197.188.208 port 54130 Oct 19 00:01:27 kvm05 sshd[29573]: Invalid user postgres from 138.197.188.208 port 42510 Oct 19 00:01:27 kvm05 sshd[29572]: Received disconnect from 138.197.188.208 port 54130:11: Normal Shutdown, Thank you for playing [preauth] Oct 19 00:01:27 kvm05 sshd[29572]: Disconnected from invalid user postgres 138.197.188.208 port 54130 [preauth] Oct 19 00:01:27 kvm05 sshd[29573]: Received disconnect from 138.197.188.208 port 42510:11: Normal Shutdown, Thank you for playing [preauth] Oct 19 00:01:27 kvm05 sshd[29573]: Disconnected from invalid user postgres 138.197.188.208 port 42510 [preauth] Oct 19 00:01:54 kvm05 sshd[29592]: Invalid user ........ ------------------------------	2019-10-21 03:26:15
185.40.15.212	attack	" "	2019-10-21 03:11:30
178.62.181.74	attackbots	Oct 20 13:48:35 DAAP sshd[1490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.74 user=root Oct 20 13:48:37 DAAP sshd[1490]: Failed password for root from 178.62.181.74 port 51765 ssh2 Oct 20 13:52:36 DAAP sshd[1518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.74 user=root Oct 20 13:52:38 DAAP sshd[1518]: Failed password for root from 178.62.181.74 port 43248 ssh2 Oct 20 13:56:40 DAAP sshd[1534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.74 user=root Oct 20 13:56:42 DAAP sshd[1534]: Failed password for root from 178.62.181.74 port 34730 ssh2 ...	2019-10-21 03:22:23
188.165.255.8	attack	Automatic report - Banned IP Access	2019-10-21 03:32:08
95.159.142.102	attackbotsspam	[portscan] Port scan	2019-10-21 03:29:19
45.136.110.14	attackspam	Port scan on 12 port(s): 6850 9628 11156 14798 18472 24724 42503 48311 50650 51540 58003 59236	2019-10-21 03:04:00
178.128.90.40	attack	Oct 20 20:04:44 MK-Soft-VM4 sshd[22762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 Oct 20 20:04:46 MK-Soft-VM4 sshd[22762]: Failed password for invalid user Pass2016 from 178.128.90.40 port 59026 ssh2 ...	2019-10-21 03:18:55
222.186.175.169	attack	Oct 21 00:50:08 areeb-Workstation sshd[20616]: Failed password for root from 222.186.175.169 port 21830 ssh2 Oct 21 00:50:26 areeb-Workstation sshd[20616]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 21830 ssh2 [preauth] ...	2019-10-21 03:25:51
159.65.172.240	attackspam	fail2ban	2019-10-21 03:13:02
198.211.117.194	attack	198.211.117.194 - - [20/Oct/2019:23:03:41 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2019-10-21 03:08:31
41.250.64.10	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/41.250.64.10/ MA - 1H : (5) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MA NAME ASN : ASN36903 IP : 41.250.64.10 CIDR : 41.250.64.0/21 PREFIX COUNT : 843 UNIQUE IP COUNT : 1734656 ATTACKS DETECTED ASN36903 : 1H - 1 3H - 2 6H - 2 12H - 3 24H - 4 DateTime : 2019-10-20 13:56:11 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-21 03:35:43
185.8.174.170	attack	xmlrpc attack	2019-10-21 03:20:43
112.220.85.26	attackspam	Oct 20 12:09:23 plusreed sshd[18830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.220.85.26 user=root Oct 20 12:09:25 plusreed sshd[18830]: Failed password for root from 112.220.85.26 port 32828 ssh2 ...	2019-10-21 03:31:10

Recently Reported IPs

131.161.11.89	138.118.235.148	131.161.10.249	131.161.11.15
131.161.11.56	131.161.10.225	137.226.108.32	137.226.249.58
137.226.243.254	137.226.32.188	169.229.35.18	137.226.248.107
137.226.247.214	131.161.10.246	169.229.39.39	131.161.11.13
169.229.48.123	169.229.35.236	169.229.38.81	137.226.245.226