JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.103

66.132.172.103 was found in our database!

This IP was reported 2,324 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	103.172.132.66.censys-scanner.com
Domain Name	censys.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.103

Whois 66.132.172.103

IP Abuse Reports for 66.132.172.103:

This IP address has been reported a total of 2,324 times from 475 distinct sources. 66.132.172.103 was first reported on March 19th 2026, and the most recent report was 8 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 diego	2026-06-26 03:20:20 (8 minutes ago)	[probe-44-49] 2026-06-26 02:55:41, Client: 66.132.172.103, Protocol: 6, Unauthorized activity to HTT ... show more [probe-44-49] 2026-06-26 02:55:41, Client: 66.132.172.103, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇫🇷 thecocasio	2026-06-26 02:32:25 (55 minutes ago)	PortSentry honeypot: unsolicited TCP connection to closed decoy port 1521 (Oracle) on a host running ... show more PortSentry honeypot: unsolicited TCP connection to closed decoy port 1521 (Oracle) on a host running no such service. Automated port-scan detection at 2026-06-26T02:32:24Z. show less	Port Scan
🇺🇸 donarev419	2026-06-26 02:23:26 (1 hour ago)	Connection to port 4891 with data transfer. Data preview:	Port Scan Hacking
🇺🇸 donarev419	2026-06-26 01:42:33 (1 hour ago)	Connection to port 8209 with data transfer. Data preview:	Port Scan Hacking
🇬🇧 andypiper	2026-06-26 01:02:48 (2 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 SMi-Web	2026-06-26 00:46:24 (2 hours ago)	Blocked by firewall on hugin [2222/tcp] \| Rule: UFW \| SPT: 13104 \| TTL: 56 \| LEN: 60 \| TOS: 0x00 • R ... show more Blocked by firewall on hugin [2222/tcp] \| Rule: UFW \| SPT: 13104 \| TTL: 56 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 donarev419	2026-06-26 00:19:06 (3 hours ago)	Port scan detected on port 587 (connection without data transfer)	Port Scan
🇫🇷 bellovacorp	2026-06-26 00:11:54 (3 hours ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking
🇬🇧 Andrew	2026-06-25 22:49:15 (4 hours ago)	Blocked by UFW (TCP on port 30653). Source port: 39006 TTL: 54 Packet length: 60 TOS: 0x00 This rep ... show more Blocked by UFW (TCP on port 30653). Source port: 39006 TTL: 54 Packet length: 60 TOS: 0x00 This report (for 66.132.172.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-25 21:52:51 (5 hours ago)	Reported from Nginx log analysis 6. Log: 66.132.172.103 - - [25/Jun/2026:xx:xx:xx 0200] "GET / HTTP ... show more Reported from Nginx log analysis 6. Log: 66.132.172.103 - - [25/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; https://about.censys.io/)" "-" "US United States -" "AS398324" "Censys, Inc." show less	Port Scan Brute-Force SSH
🇫🇷 Kraften	2026-06-25 20:38:29 (6 hours ago)	Dovecot imap-login ...	DDoS Attack Brute-Force
🇺🇸 sefinek.net	2026-06-25 20:08:43 (7 hours ago)	Blocked by UFW on NY01 [8443/tcp] \| SPT: 22242 \| TTL: 52 \| LEN: 60 \| TOS: 0x08 • Reported by: github ... show more Blocked by UFW on NY01 [8443/tcp] \| SPT: 22242 \| TTL: 52 \| LEN: 60 \| TOS: 0x08 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 matthieul.dev	2026-06-25 18:45:16 (8 hours ago)	Blocked by os-abuseipdb; 6 hits, proto=tcp, ports=81	Port Scan Brute-Force
Anonymous	2026-06-25 18:12:43 (9 hours ago)	$f2bV_matches	Brute-Force SSH
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-25 18:00:42 (9 hours ago)	Honeypot hit: Empty payload (likely service probe); 48081 [3] TCP	Port Scan

Showing 1 to 15 of 2324 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c61::12b

🇲🇦 196.117.179.238

🇺🇸 172.216.11.21

🇺🇸 157.245.83.52

🇮🇳 103.181.160.39

🇺🇸 96.126.107.7

🇺🇿 86.62.3.154

🇩🇪 84.175.47.71

🇸🇬 79.127.170.12

🇷🇺 78.136.223.227

🇺🇸 64.62.197.96

🇳🇱 5.83.143.123

🇬🇧 2a06:4880:c000::f4

🇭🇰 223.197.145.146

🇺🇸 209.141.46.157

🇰🇭 203.144.76.204

🇨🇳 202.120.2.170

🇳🇱 195.178.110.228

🇲🇾 195.86.192.66

🇨🇳 183.197.71.197