131.108.2.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
131.108.244.231	attackspam	Sep 23 01:57:22 mail.srvfarm.net postfix/smtpd[3985810]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed: Sep 23 01:57:22 mail.srvfarm.net postfix/smtpd[3985810]: lost connection after AUTH from unknown[131.108.244.231] Sep 23 01:59:26 mail.srvfarm.net postfix/smtpd[3986729]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed: Sep 23 01:59:26 mail.srvfarm.net postfix/smtpd[3986729]: lost connection after AUTH from unknown[131.108.244.231] Sep 23 02:00:02 mail.srvfarm.net postfix/smtpd[3986728]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed:	2020-09-23 20:03:33
131.108.244.231	attack	Sep 23 01:57:22 mail.srvfarm.net postfix/smtpd[3985810]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed: Sep 23 01:57:22 mail.srvfarm.net postfix/smtpd[3985810]: lost connection after AUTH from unknown[131.108.244.231] Sep 23 01:59:26 mail.srvfarm.net postfix/smtpd[3986729]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed: Sep 23 01:59:26 mail.srvfarm.net postfix/smtpd[3986729]: lost connection after AUTH from unknown[131.108.244.231] Sep 23 02:00:02 mail.srvfarm.net postfix/smtpd[3986728]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed:	2020-09-23 12:24:48
131.108.244.231	attack	Sep 22 18:53:13 mail.srvfarm.net postfix/smtpd[3675052]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed: Sep 22 18:53:13 mail.srvfarm.net postfix/smtpd[3675052]: lost connection after AUTH from unknown[131.108.244.231] Sep 22 18:54:39 mail.srvfarm.net postfix/smtpd[3675787]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed: Sep 22 18:54:40 mail.srvfarm.net postfix/smtpd[3675787]: lost connection after AUTH from unknown[131.108.244.231] Sep 22 18:58:14 mail.srvfarm.net postfix/smtps/smtpd[3675876]: warning: unknown[131.108.244.231]: SASL PLAIN authentication failed:	2020-09-23 04:10:59
131.108.230.18	attack	Attempted connection to port 445.	2020-08-19 06:50:48
131.108.251.1	attack	Jul 28 05:15:06 mail.srvfarm.net postfix/smtps/smtpd[2329113]: warning: unknown[131.108.251.1]: SASL PLAIN authentication failed: Jul 28 05:15:07 mail.srvfarm.net postfix/smtps/smtpd[2329113]: lost connection after AUTH from unknown[131.108.251.1] Jul 28 05:18:52 mail.srvfarm.net postfix/smtps/smtpd[2338002]: warning: unknown[131.108.251.1]: SASL PLAIN authentication failed: Jul 28 05:18:53 mail.srvfarm.net postfix/smtps/smtpd[2338002]: lost connection after AUTH from unknown[131.108.251.1] Jul 28 05:21:02 mail.srvfarm.net postfix/smtps/smtpd[2335259]: warning: unknown[131.108.251.1]: SASL PLAIN authentication failed:	2020-07-28 17:47:45
131.108.243.200	attackspam	Received: from cn-srv11.caisnetwork.com.br (mail.caisnetwork.com.br [131.108.243.200]) caisnetwork.com.br	2020-07-23 14:37:42
131.108.216.41	attackspam	(smtpauth) Failed SMTP AUTH login from 131.108.216.41 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-11 08:25:15 plain authenticator failed for ([131.108.216.41]) [131.108.216.41]: 535 Incorrect authentication data (set_id=info@zarlif.com)	2020-07-11 14:31:10
131.108.244.68	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 131.108.244.68 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-10 09:58:11 plain authenticator failed for ([131.108.244.68]) [131.108.244.68]: 535 Incorrect authentication data (set_id=info)	2020-07-10 14:22:07
131.108.254.126	attack	2323/tcp [2020-06-08]1pkt	2020-06-08 13:03:44
131.108.254.149	attack	DATE:2020-06-06 14:33:44, IP:131.108.254.149, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-06 21:51:46
131.108.254.25	attack	firewall-block, port(s): 23/tcp	2020-03-25 17:45:56
131.108.231.110	attackbots	9090/tcp [2019-09-29]1pkt	2019-09-30 01:50:43
131.108.255.110	attackbots	Port Scan: TCP/23	2019-09-20 21:22:54
131.108.245.144	attackbotsspam	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-09-11 13:01:38
131.108.244.198	attack	Sep 6 19:33:37 mailman postfix/smtpd[25424]: warning: unknown[131.108.244.198]: SASL PLAIN authentication failed: authentication failure	2019-09-07 17:37:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.108.2.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61929
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;131.108.2.66.			IN	A

;; AUTHORITY SECTION:
.			370	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 05:26:22 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 66.2.108.131.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.2.108.131.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.201.138.94	attack	Mar 7 06:48:34 master sshd[11573]: Failed password for root from 118.201.138.94 port 56818 ssh2	2020-03-07 20:05:24
103.126.30.122	attack	Email rejected due to spam filtering	2020-03-07 20:03:11
122.51.149.126	attackspambots	Mar 7 07:40:19 pkdns2 sshd\[10754\]: Invalid user oracle from 122.51.149.126Mar 7 07:40:21 pkdns2 sshd\[10754\]: Failed password for invalid user oracle from 122.51.149.126 port 46288 ssh2Mar 7 07:44:03 pkdns2 sshd\[10880\]: Invalid user hexiujing from 122.51.149.126Mar 7 07:44:06 pkdns2 sshd\[10880\]: Failed password for invalid user hexiujing from 122.51.149.126 port 32806 ssh2Mar 7 07:47:53 pkdns2 sshd\[11040\]: Invalid user guest from 122.51.149.126Mar 7 07:47:55 pkdns2 sshd\[11040\]: Failed password for invalid user guest from 122.51.149.126 port 47558 ssh2 ...	2020-03-07 19:54:11
110.139.63.109	attackspam	Lines containing failures of 110.139.63.109 Mar 7 06:33:29 shared11 sshd[16634]: Invalid user admin from 110.139.63.109 port 56578 Mar 7 06:33:30 shared11 sshd[16634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.139.63.109 Mar 7 06:33:32 shared11 sshd[16634]: Failed password for invalid user admin from 110.139.63.109 port 56578 ssh2 Mar 7 06:33:33 shared11 sshd[16634]: Connection closed by invalid user admin 110.139.63.109 port 56578 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=110.139.63.109	2020-03-07 20:26:55
43.229.92.103	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-07 20:08:52
185.220.101.61	attackbots	Automatic report - Banned IP Access	2020-03-07 19:57:47
51.75.133.250	attack	2020-03-07T07:24:59.861284abusebot-3.cloudsearch.cf sshd[1839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=250.ip-51-75-133.eu user=root 2020-03-07T07:25:02.018071abusebot-3.cloudsearch.cf sshd[1839]: Failed password for root from 51.75.133.250 port 47344 ssh2 2020-03-07T07:29:07.031727abusebot-3.cloudsearch.cf sshd[2055]: Invalid user debian from 51.75.133.250 port 41546 2020-03-07T07:29:07.039871abusebot-3.cloudsearch.cf sshd[2055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=250.ip-51-75-133.eu 2020-03-07T07:29:07.031727abusebot-3.cloudsearch.cf sshd[2055]: Invalid user debian from 51.75.133.250 port 41546 2020-03-07T07:29:08.911033abusebot-3.cloudsearch.cf sshd[2055]: Failed password for invalid user debian from 51.75.133.250 port 41546 ssh2 2020-03-07T07:33:15.662561abusebot-3.cloudsearch.cf sshd[2267]: Invalid user odoo from 51.75.133.250 port 36102 ...	2020-03-07 20:33:48
221.194.137.28	attack	Invalid user couchdb from 221.194.137.28 port 33278	2020-03-07 20:17:46
125.214.51.171	attackbots	Email rejected due to spam filtering	2020-03-07 20:01:16
175.214.73.166	attackbotsspam	Automatic report - Port Scan Attack	2020-03-07 19:59:40
176.36.81.224	attack	$f2bV_matches	2020-03-07 20:14:19
109.200.30.163	attack	Email rejected due to spam filtering	2020-03-07 19:55:26
219.148.37.34	attack	Mar 7 12:45:38 ns382633 sshd\[11798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.148.37.34 user=root Mar 7 12:45:40 ns382633 sshd\[11798\]: Failed password for root from 219.148.37.34 port 50232 ssh2 Mar 7 12:59:46 ns382633 sshd\[14381\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.148.37.34 user=root Mar 7 12:59:47 ns382633 sshd\[14381\]: Failed password for root from 219.148.37.34 port 62044 ssh2 Mar 7 13:08:02 ns382633 sshd\[16001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.148.37.34 user=root	2020-03-07 20:20:55
46.101.184.111	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-03-07 20:16:23
36.72.58.245	attackbotsspam	Unauthorized connection attempt from IP address 36.72.58.245 on Port 445(SMB)	2020-03-07 20:29:22

Recently Reported IPs

131.108.216.44	118.172.207.232	131.108.220.57	131.108.231.30
131.108.230.13	131.108.210.97	131.108.208.54	131.108.234.17
118.172.207.52	131.108.237.131	131.108.237.59	131.108.234.101
131.108.234.23	131.108.237.62	131.108.244.11	131.108.244.90
131.108.240.77	131.108.245.92	131.108.234.6	131.108.248.254