131.196.94.166

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
131.196.94.196	attackbotsspam	failed_logins	2020-09-16 19:35:25
131.196.94.226	attack	Brute force attempt	2020-09-01 04:18:32
131.196.94.71	attackspam	failed_logins	2020-08-30 21:09:46
131.196.94.152	attackspam	(smtpauth) Failed SMTP AUTH login from 131.196.94.152 (BR/Brazil/static-131-196-94-152.globaltelecombr.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-29 16:33:51 plain authenticator failed for ([131.196.94.152]) [131.196.94.152]: 535 Incorrect authentication data (set_id=info@fmc-co.com)	2020-08-30 03:31:17
131.196.94.45	attackbotsspam	Jul 24 13:13:48 mail.srvfarm.net postfix/smtps/smtpd[2242306]: warning: unknown[131.196.94.45]: SASL PLAIN authentication failed: Jul 24 13:13:48 mail.srvfarm.net postfix/smtps/smtpd[2242306]: lost connection after AUTH from unknown[131.196.94.45] Jul 24 13:16:02 mail.srvfarm.net postfix/smtps/smtpd[2256931]: warning: unknown[131.196.94.45]: SASL PLAIN authentication failed: Jul 24 13:16:02 mail.srvfarm.net postfix/smtps/smtpd[2256931]: lost connection after AUTH from unknown[131.196.94.45] Jul 24 13:23:41 mail.srvfarm.net postfix/smtpd[2241871]: warning: unknown[131.196.94.45]: SASL PLAIN authentication failed:	2020-07-25 01:25:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.196.94.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48608
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.196.94.166.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 14:32:32 CST 2022
;; MSG SIZE  rcvd: 107

Host info

166.94.196.131.in-addr.arpa domain name pointer static-131-196-94-166.globaltelecombr.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
166.94.196.131.in-addr.arpa	name = static-131-196-94-166.globaltelecombr.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.211.123.196	attackspambots	Dec 17 06:58:31 zeus sshd[9538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.123.196 Dec 17 06:58:33 zeus sshd[9538]: Failed password for invalid user 321 from 198.211.123.196 port 54320 ssh2 Dec 17 07:04:15 zeus sshd[9767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.123.196 Dec 17 07:04:17 zeus sshd[9767]: Failed password for invalid user idc520 from 198.211.123.196 port 34676 ssh2	2019-12-17 15:19:23
185.143.223.104	attack	Dec 17 07:48:56 debian-2gb-nbg1-2 kernel: \[218116.451634\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.143.223.104 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=46074 PROTO=TCP SPT=59270 DPT=5215 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-17 15:17:45
159.203.88.222	attack	Dec 17 13:39:05 itv-usvr-01 sshd[5874]: Invalid user nunez from 159.203.88.222 Dec 17 13:39:05 itv-usvr-01 sshd[5874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.88.222 Dec 17 13:39:05 itv-usvr-01 sshd[5874]: Invalid user nunez from 159.203.88.222 Dec 17 13:39:07 itv-usvr-01 sshd[5874]: Failed password for invalid user nunez from 159.203.88.222 port 38146 ssh2 Dec 17 13:45:05 itv-usvr-01 sshd[6137]: Invalid user server from 159.203.88.222	2019-12-17 15:15:08
213.129.114.212	attack	Dec 17 06:59:14 l02a sshd[21916]: Invalid user admin from 213.129.114.212 Dec 17 06:59:14 l02a sshd[21916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.129.114.212 Dec 17 06:59:14 l02a sshd[21916]: Invalid user admin from 213.129.114.212 Dec 17 06:59:16 l02a sshd[21916]: Failed password for invalid user admin from 213.129.114.212 port 44610 ssh2	2019-12-17 15:16:57
176.107.130.221	attack	SIP Server BruteForce Attack	2019-12-17 14:49:38
51.254.123.131	attackbotsspam	Dec 17 06:32:05 goofy sshd\[11494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.131 user=root Dec 17 06:32:07 goofy sshd\[11494\]: Failed password for root from 51.254.123.131 port 42404 ssh2 Dec 17 06:40:37 goofy sshd\[1854\]: Invalid user gateway from 51.254.123.131 Dec 17 06:40:37 goofy sshd\[1854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.131 Dec 17 06:40:40 goofy sshd\[1854\]: Failed password for invalid user gateway from 51.254.123.131 port 43236 ssh2	2019-12-17 14:44:21
149.56.132.202	attackbots	Dec 17 07:30:18 vpn01 sshd[2339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.132.202 Dec 17 07:30:21 vpn01 sshd[2339]: Failed password for invalid user repec from 149.56.132.202 port 53738 ssh2 ...	2019-12-17 14:50:01
62.210.119.149	attack	Dec 17 06:25:55 yesfletchmain sshd\[3502\]: User root from 62.210.119.149 not allowed because not listed in AllowUsers Dec 17 06:25:55 yesfletchmain sshd\[3502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.210.119.149 user=root Dec 17 06:25:57 yesfletchmain sshd\[3502\]: Failed password for invalid user root from 62.210.119.149 port 39720 ssh2 Dec 17 06:30:55 yesfletchmain sshd\[3815\]: Invalid user sparling from 62.210.119.149 port 33556 Dec 17 06:30:55 yesfletchmain sshd\[3815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.210.119.149 ...	2019-12-17 14:45:03
168.90.77.156	attackbotsspam	Honeypot attack, port: 23, PTR: 168-90-77-156.micks.com.br.	2019-12-17 15:20:34
153.122.46.31	attackbotsspam	$f2bV_matches	2019-12-17 14:59:23
63.240.240.74	attackbots	Invalid user tennis from 63.240.240.74 port 33198 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.240.240.74 Failed password for invalid user tennis from 63.240.240.74 port 33198 ssh2 Invalid user xu from 63.240.240.74 port 37643 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.240.240.74	2019-12-17 15:04:22
51.77.185.73	attackbots	Detected By Fail2ban	2019-12-17 14:52:22
220.174.181.174	attackbots	Port Scan	2019-12-17 15:16:32
103.51.103.10	attackspam	Unauthorized connection attempt from IP address 103.51.103.10 on Port 445(SMB)	2019-12-17 15:17:23
148.235.57.183	attack	Dec 16 20:39:22 tdfoods sshd\[32571\]: Invalid user smmsp from 148.235.57.183 Dec 16 20:39:22 tdfoods sshd\[32571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.57.183 Dec 16 20:39:24 tdfoods sshd\[32571\]: Failed password for invalid user smmsp from 148.235.57.183 port 49012 ssh2 Dec 16 20:45:47 tdfoods sshd\[798\]: Invalid user dolley from 148.235.57.183 Dec 16 20:45:47 tdfoods sshd\[798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.57.183	2019-12-17 14:59:39

Recently Reported IPs

131.221.131.18	131.196.94.175	131.213.120.75	131.221.161.27
131.221.163.82	131.221.161.244	131.221.188.176	131.226.66.218
131.221.229.20	131.221.189.42	131.226.65.169	131.255.106.197
131.255.133.6	131.255.30.85	131.255.37.152	131.255.230.14
131.221.194.89	131.255.37.95	131.255.253.201	131.255.9.52