JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.195.31

66.132.195.31 was found in our database!

This IP was reported 1,558 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	31.195.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.195.31

Whois 66.132.195.31

IP Abuse Reports for 66.132.195.31:

This IP address has been reported a total of 1,558 times from 371 distinct sources. 66.132.195.31 was first reported on March 22nd 2026, and the most recent report was 13 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 EinfxchFinn	2026-03-31 12:24:39 (2 months ago)	Unauthorized connection attempt to port 9443 from 66.132.195.31	Port Scan
🇦🇺 LiftUp Hosting	2026-03-31 11:52:08 (2 months ago)	Honeypot hit: Empty payload (likely service probe); 46172 [1] TCP	Port Scan
🇺🇸 ISPLtd	2026-03-31 08:15:25 (2 months ago)	Mar 31 05:15:24 skyler postfix/smtpd[13292]: improper command pipelining after CONNECT from 31.195.1 ... show more Mar 31 05:15:24 skyler postfix/smtpd[13292]: improper command pipelining after CONNECT from 31.195.132.66.censys-scanner.com[66.132.195.31]: \026\003\003\001\247\001\000\001\243\003\003\347\212\3236G\344!Q\021k2-?m\254\247p\357Ka~*(\331\t\261\333\264\371\341\005\231 \233\333\217iS\362a\233\331C\\\030\020\353\375\253i\035p\346\361d\001%U\n)sp\331\237F\000\212\000\026\0003\000g\300\236\300\242\000\236\0009\000k\300\237\300\243\000\237 Mar 31 05:15:24 skyler postfix/smtpd[13292]: improper command pipelining after CONNECT from 31.195.132.66.censys-scanner.com[66.132.195.31]: \026\003\003\001\247\001\000\001\243\003\0039?R\036\305a \024p\223q\362s\365\243\|aw>A<\263\266T+\300kA\311\035Y\f ;\357#\203\310\335\322\201\3 ... show less	Email Spam
🇺🇸 MPL	2026-03-31 07:55:54 (2 months ago)	tcp/54441 (6 or more attempts)	Port Scan
🇺🇸 MPL	2026-03-31 07:55:54 (2 months ago)	tcp ports: 8482,54441 (22 or more attempts)	Port Scan
🇩🇪 Mykola Spesivtsev	2026-03-31 06:55:24 (2 months ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/, Method:GET, UA:Mozilla/5.0 (compatible; Cen ... show more HTTP Tarpit detected bot activity:TargetPort:80, Path:/, Method:GET, UA:Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) show less	Port Scan Web App Attack Bad Web Bot
🇹🇷 Threat.live	2026-03-31 06:35:15 (2 months ago)	Suspicious activity, tcp/8372	Port Scan
🇺🇸 ISPLtd	2026-03-31 06:29:12 (2 months ago)	Mar 31 00:29:09 66.132.195.31 TCP SPT=51158 DPT=8889 SYN Mar 31 00:29:10 66.132.195.31 TCP SPT=51170 ... show more Mar 31 00:29:09 66.132.195.31 TCP SPT=51158 DPT=8889 SYN Mar 31 00:29:10 66.132.195.31 TCP SPT=51170 DPT=8889 SYN Mar 31 00:29:11 66.132.195.31 TCP SPT=51170 DPT=8889 ... show less	Port Scan
🇺🇸 mutebot.net	2026-03-31 06:17:30 (2 months ago)	SRC=66.132.195.31, PROTO=TCP, SPT=41108, DPT=6688 SRC=66.132.195.31, PROTO=TCP, SPT=41108, DPT=6688 ... show more SRC=66.132.195.31, PROTO=TCP, SPT=41108, DPT=6688 SRC=66.132.195.31, PROTO=TCP, SPT=41108, DPT=6688 SRC=66.132.195.31, PROTO=TCP, SPT=63626, DPT=6688 SRC=66.132.195.31, PROTO=TCP, SPT=63626, DPT=6688 SRC=66.132.195.31, PROTO=TCP, SPT=63642, DPT=6688 show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-03-31 05:20:27 (2 months ago)	Honeypot hit: Empty payload (likely service probe); 44819 [1] TCP	Port Scan
🇫🇷 ISPLtd	2026-03-31 04:16:44 (2 months ago)	Mar 31 01:16:43 66.132.195.31 TCP SPT=64886 DPT=8006 SYN Mar 31 01:16:44 66.132.195.31 TCP SPT=64886 ... show more Mar 31 01:16:43 66.132.195.31 TCP SPT=64886 DPT=8006 SYN Mar 31 01:16:44 66.132.195.31 TCP SPT=64886 DPT=8006 SYN Mar 31 01:16:44 66.132.195.31 TCP SPT=64900 DPT=8006 ... show less	Port Scan
🇬🇧 www.elivecd.org	2026-03-31 03:02:03 (2 months ago)	2026/03/31 04:02:03 [error] 282992#282992: 7420 FastCGI sent in stderr: "PHP message: BOT WARNING: ... show more 2026/03/31 04:02:03 [error] 282992#282992: 7420 FastCGI sent in stderr: "PHP message: BOT WARNING: visitor used the honeypot: 66.132.195.31, you should ban it for long time (honeypot form function-abuseipdb)" while reading response header from upstream, client: 66.132.195.31, server: www.elivecd.org, request: "GET /0rq329bl8iqfg HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.2-fpm-elivewp.sock:", host: "78.141.243.157" ... show less	Web Spam Email Spam
🇺🇸 drewf.ink	2026-03-31 02:21:37 (2 months ago)	[02:21] Port scanning. Port(s) scanned: TCP/3306	Port Scan
🇩🇪 Trashware	2026-03-31 01:38:52 (2 months ago)	Malicious connection attempt	Hacking Web App Attack
🇯🇵 mkaraki	2026-03-31 00:03:47 (2 months ago)	1774915424 # Service_probe # SIGNATURE_SEND # source_ip:66.132.195.31 # dst_port:39763 ...	Port Scan

Showing 1381 to 1395 of 1558 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.209

🇺🇸 205.210.31.104

🇺🇸 195.184.76.246

🇧🇷 177.22.168.43

🇭🇰 165.154.20.228

🇺🇸 151.240.63.107

🇭🇰 45.142.154.98

🇵🇰 14.1.107.210

🇹🇼 198.235.24.78

🇺🇸 162.241.192.24

🇺🇸 162.216.150.36

🇺🇸 162.216.149.123

🇮🇳 128.185.116.114

🇻🇳 103.200.25.198

🇨🇦 85.217.149.16

🇺🇸 64.62.197.17

🇨🇾 62.228.126.113

🇺🇸 45.33.89.53

🇻🇪 38.51.194.208

🇦🇺 217.217.118.44