Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
138.185.166.218 attack
spam
2020-04-15 16:02:51
138.185.166.133 attackspam
email spam
2020-03-01 19:46:06
138.185.166.254 attack
Sending SPAM email
2020-02-06 23:44:58
138.185.166.173 attackbotsspam
spam
2020-01-22 16:23:34
138.185.166.136 attackbots
Absender hat Spam-Falle ausgel?st
2019-12-19 16:15:01
138.185.166.194 attackspam
Brute force attempt
2019-08-15 05:13:26
138.185.166.166 attackspambots
Lines containing failures of 138.185.166.166
Jul 27 03:25:46 omfg postfix/smtpd[27121]: connect from unknown[138.185.166.166]
Jul x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=138.185.166.166
2019-07-29 08:50:12
138.185.166.149 attackspam
Jul 17 15:34:24 h2421860 postfix/postscreen[29334]: CONNECT from [138.185.166.149]:57743 to [85.214.119.52]:25
Jul 17 15:34:24 h2421860 postfix/dnsblog[29337]: addr 138.185.166.149 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jul 17 15:34:24 h2421860 postfix/dnsblog[29338]: addr 138.185.166.149 listed by domain bl.spamcop.net as 127.0.0.2
Jul 17 15:34:24 h2421860 postfix/dnsblog[29338]: addr 138.185.166.149 listed by domain zen.spamhaus.org as 127.0.0.4
Jul 17 15:34:24 h2421860 postfix/dnsblog[29338]: addr 138.185.166.149 listed by domain zen.spamhaus.org as 127.0.0.3
Jul 17 15:34:24 h2421860 postfix/dnsblog[29342]: addr 138.185.166.149 listed by domain Unknown.trblspam.com as 185.53.179.7
Jul 17 15:34:24 h2421860 postfix/dnsblog[29339]: addr 138.185.166.149 listed by domain b.barracudacentral.org as 127.0.0.2
Jul 17 15:34:24 h2421860 postfix/dnsblog[29338]: addr 138.185.166.149 listed by domain dnsbl.sorbs.net as 127.0.0.6
Jul 17 15:34:24 h2421860 postfix/postscre........
-------------------------------
2019-07-18 18:23:59
138.185.166.194 attack
Jul 10 20:09:44 mxgate1 postfix/postscreen[26117]: CONNECT from [138.185.166.194]:49880 to [176.31.12.44]:25
Jul 10 20:09:44 mxgate1 postfix/dnsblog[26118]: addr 138.185.166.194 listed by domain zen.spamhaus.org as 127.0.0.4
Jul 10 20:09:44 mxgate1 postfix/dnsblog[26118]: addr 138.185.166.194 listed by domain zen.spamhaus.org as 127.0.0.3
Jul 10 20:09:44 mxgate1 postfix/dnsblog[26122]: addr 138.185.166.194 listed by domain cbl.abuseat.org as 127.0.0.2
Jul 10 20:09:44 mxgate1 postfix/dnsblog[26119]: addr 138.185.166.194 listed by domain bl.spamcop.net as 127.0.0.2
Jul 10 20:09:44 mxgate1 postfix/dnsblog[26121]: addr 138.185.166.194 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jul 10 20:09:45 mxgate1 postfix/dnsblog[26166]: addr 138.185.166.194 listed by domain b.barracudacentral.org as 127.0.0.2
Jul 10 20:09:45 mxgate1 postfix/postscreen[26117]: PREGREET 38 after 0.53 from [138.185.166.194]:49880: EHLO ip138-185-166-194.netjat.com.br

Jul 10 20:09:45 mxgate1 postfix........
-------------------------------
2019-07-11 18:27:41
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.185.166.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43150
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.185.166.252.		IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:30:13 CST 2022
;; MSG SIZE  rcvd: 108
Host info
252.166.185.138.in-addr.arpa domain name pointer ip138-185-166-252.netjat.com.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.166.185.138.in-addr.arpa	name = ip138-185-166-252.netjat.com.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
138.68.242.220 attackbots
Nov 20 05:41:51 areeb-Workstation sshd[31448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.242.220
Nov 20 05:41:53 areeb-Workstation sshd[31448]: Failed password for invalid user kahlia from 138.68.242.220 port 39848 ssh2
...
2019-11-20 08:34:17
185.100.128.30 attackbots
www.geburtshaus-fulda.de 185.100.128.30 \[19/Nov/2019:22:10:34 +0100\] "POST /wp-login.php HTTP/1.1" 200 6383 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
www.geburtshaus-fulda.de 185.100.128.30 \[19/Nov/2019:22:10:34 +0100\] "POST /wp-login.php HTTP/1.1" 200 6387 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
www.geburtshaus-fulda.de 185.100.128.30 \[19/Nov/2019:22:10:34 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4107 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-11-20 08:40:18
37.187.18.168 attackspam
WEB Masscan Scanner Activity
2019-11-20 08:56:34
185.176.27.42 attackbots
11/19/2019-18:56:28.865705 185.176.27.42 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2019-11-20 09:05:54
89.248.162.143 attackspambots
20.11.2019 00:59:03 Connection to port 445 blocked by firewall
2019-11-20 09:09:14
110.229.222.146 botsattack
110.229.222.146 - - [20/Nov/2019:09:17:09 +0800] "GET /public/ui/v1/js/sea.js HTTP/1.1" 301 194 "http://ipinfo.asytech.cn/public/ui/v1/js/sea.js" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
110.229.222.146 - - [20/Nov/2019:09:17:09 +0800] "GET /js/comm.js HTTP/1.1" 301 194 "http://ipinfo.asytech.cn/js/comm.js" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
110.229.222.146 - - [20/Nov/2019:09:17:09 +0800] "GET /data/admin/allowurl.txt HTTP/1.1" 301 194 "http://ipinfo.asytech.cn/data/admin/allowurl.txt" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
110.229.222.146 - - [20/Nov/2019:09:17:09 +0800] "GET /public/ui/v1/js/sea.js HTTP/1.1" 404 232 "http://ipinfo.asytech.cn/public/ui/v1/js/sea.js" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
110.229.222.146 - - [20/Nov/2019:09:17:09 +0800] "GET /js/comm.js HTTP/1.1" 404 232 "http://ipinfo.asytech.cn/js/comm.js" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
110.229.222.146 - - [20/Nov/2019:09:17:09 +0800] "GET /data/admin/allowurl.txt HTTP/1.1" 404 232 "http://ipinfo.asytech.cn/data/admin/allowurl.txt" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
2019-11-20 09:18:02
182.184.61.5 attackspam
Automatic report - Port Scan Attack
2019-11-20 09:07:49
72.87.95.169 attackspambots
9000/tcp 8081/tcp 85/tcp
[2019-11-07/19]3pkt
2019-11-20 08:32:01
79.143.187.243 attack
79.143.187.243 was recorded 5 times by 3 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 5, 5, 62
2019-11-20 08:53:03
37.59.63.219 attackbotsspam
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
2019-11-20 08:56:58
51.38.57.199 attack
Brute force attack stopped by firewall
2019-11-20 08:55:40
110.240.144.116 attack
firewall-block, port(s): 8080/tcp
2019-11-20 08:41:22
89.122.138.47 attackbotsspam
Automatic report - Port Scan Attack
2019-11-20 08:39:45
184.154.189.94 attackbotsspam
993/tcp 2222/tcp 26/tcp...
[2019-10-02/11-19]7pkt,7pt.(tcp)
2019-11-20 08:48:27
146.196.55.181 attackbotsspam
WEB Masscan Scanner Activity
2019-11-20 08:50:23

Recently Reported IPs

138.185.166.91 138.185.167.134 138.185.167.125 118.175.169.28
138.185.167.175 138.185.167.249 138.185.167.142 138.185.167.141
138.185.167.44 138.185.167.209 138.185.167.33 138.185.167.28
138.185.167.46 138.185.167.58 118.175.169.32 138.185.167.66
138.185.17.199 138.185.167.84 138.185.172.138 138.185.173.128