JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.102

66.132.172.102 was found in our database!

This IP was reported 1,941 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	102.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.102

Whois 66.132.172.102

IP Abuse Reports for 66.132.172.102:

This IP address has been reported a total of 1,941 times from 422 distinct sources. 66.132.172.102 was first reported on March 19th 2026, and the most recent report was 36 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 chrisj	2026-06-04 15:50:09 (36 minutes ago)	2026-06-04T15:49:40.408038+00:00 aws postfix/smtps/smtpd[199416]: lost connection after EHLO from 10 ... show more 2026-06-04T15:49:40.408038+00:00 aws postfix/smtps/smtpd[199416]: lost connection after EHLO from 102.172.132.66.censys-scanner.com[66.132.172.102] 2026-06-04T15:50:04.356420+00:00 aws postfix/smtps/smtpd[199416]: lost connection after CONNECT from 102.172.132.66.censys-scanner.com[66.132.172.102] 2026-06-04T15:50:09.021444+00:00 aws postfix/smtps/smtpd[199416]: lost connection after CONNECT from 102.172.132.66.censys-scanner.com[66.132.172.102] ... show less	Brute-Force
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-06-04 14:40:16 (1 hour ago)	Jun 4 08:40:15 KORD-B sshd[566616]: Connection closed by 66.132.172.102 port 22048 [preauth] ...	Brute-Force SSH
🇦🇺 LiftUp Hosting	2026-06-04 12:04:37 (4 hours ago)	Honeypot hit: Empty payload (likely service probe); 44694 [3] TCP	Port Scan
🇨🇳 pengpeng	2026-06-04 08:15:25 (8 hours ago)	monitor: on VM-0-7-ubuntu \| port: 8000 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter	Port Scan
🇩🇪 ValtonTahiri	2026-06-04 07:41:48 (8 hours ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=66.132.172.102; proto=TCP; source_port=29768; target_port=5000; flags=SYN show less	Port Scan
🇺🇸 donarev419	2026-06-04 07:19:13 (9 hours ago)	Port scan detected on port 5779 (connection without data transfer)	Port Scan
🇫🇷 pm33	2026-06-04 07:14:21 (9 hours ago)	Unsolicited connection attempts or aggressive port scan.	Port Scan
🇺🇸 gu-alvareza	2026-06-04 07:05:47 (9 hours ago)	Censys.io.Scanner	Port Scan
Anonymous	2026-06-04 06:40:37 (9 hours ago)	Cowrie SSH honeypot: cowrie.session.connect	Brute-Force SSH
🇳🇴 tmiland	2026-06-04 05:45:53 (10 hours ago)	Suricata Detected 16 attacks from 66.132.172.102.; ET DROP Dshield Block Listed Source group 1; IP: ... show more Suricata Detected 16 attacks from 66.132.172.102.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.102; Ports: 29750; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 show less	Port Scan
🇧🇷 diego	2026-06-04 04:15:20 (12 hours ago)	[probe-44-49] 2026-06-04 03:54:25, Client: 66.132.172.102, Protocol: 6, Unauthorized activity to HTT ... show more [probe-44-49] 2026-06-04 03:54:25, Client: 66.132.172.102, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇩🇪 dispaisyenterprises	2026-06-04 03:40:57 (12 hours ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 30703 [2] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 30703 [2] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-04 00:24:33 (16 hours ago)	Honeypot hit: Unauthorized traffic (7 bytes of payload); 2456 [4] TCP	Port Scan
🇧🇪 sid3windr	2026-06-03 23:28:38 (16 hours ago)	SSH port scan (Tarpitted for 10s, wasted 0B)	Port Scan SSH
🇲🇹 neilcaruana	2026-06-03 18:50:15 (21 hours ago)	Sentinel detected an attack on port [40284]	Hacking

Showing 1 to 15 of 1941 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇨🇴 181.48.176.246

🇫🇮 147.185.133.114

🇸🇪 83.255.209.245

🇱🇹 77.90.185.33

🇺🇸 67.223.117.122

🇮🇶 62.3.56.187

🇬🇧 45.137.126.10

🇲🇲 37.111.53.110

🇨🇦 20.220.200.248

🇺🇸 208.88.75.246

🇻🇳 203.113.174.95

🇺🇸 172.214.209.153

🇮🇹 172.213.16.198

🇨🇳 120.26.202.34

🇧🇩 103.239.252.132

🇮🇶 65.20.204.2

🇧🇪 198.235.24.232

🇨🇮 196.47.175.50

🇧🇷 191.0.124.24