JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.109

66.132.172.109 was found in our database!

This IP was reported 1,815 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	109.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.109

Whois 66.132.172.109

IP Abuse Reports for 66.132.172.109:

This IP address has been reported a total of 1,815 times from 423 distinct sources. 66.132.172.109 was first reported on March 19th 2026, and the most recent report was 11 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 axiomofchoice.xyz	2026-03-20 15:35:47 (2 months ago)	endlessh trap: attempts=8 total_time_stuck=120.151s	Port Scan SSH Hacking
🇺🇸 Starburst SysOp Team	2026-03-20 14:53:44 (2 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-17)	Hacking Bad Web Bot
🇩🇪 dispaisyenterprises	2026-03-20 14:45:45 (2 months ago)	Honeypot hit: Empty payload (likely service probe); 25090 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 25090 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇹🇷 Threat.live	2026-03-20 11:10:32 (2 months ago)	Suspicious activity, tcp/21930	Port Scan
🇩🇪 ghostwarriors	2026-03-20 10:20:20 (2 months ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇬🇧 2048	2026-03-20 09:40:50 (2 months ago)	2026-03-20T10:40:46.504075+01:00 machodeer kernel: [2256465.502234] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-03-20T10:40:46.504075+01:00 machodeer kernel: [2256465.502234] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=66.132.172.109 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=21824 DF PROTO=TCP SPT=52394 DPT=4800 WINDOW=21900 RES=0x00 SYN URGP=0 2026-03-20T10:40:47.529618+01:00 machodeer kernel: [2256466.525527] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=66.132.172.109 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=9361 DF PROTO=TCP SPT=52428 DPT=4800 WINDOW=21900 RES=0x00 SYN URGP=0 2026-03-20T10:40:48.551069+01:00 machodeer kernel: [2256467.549302] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=66.132.172.109 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=9362 DF PROTO=TCP SPT=52428 DPT=4800 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇫🇮 6kilowatti	2026-03-20 07:59:55 (2 months ago)	2026-03-20T09:59:54.533094+02:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-03-20T09:59:54.533094+02:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=66.132.172.109 DST=5.61.88.83 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=18240 DF PROTO=TCP SPT=35604 DPT=56666 WINDOW=21900 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇧🇷 SOC-BR	2026-03-20 07:20:49 (2 months ago)	Attack detected by Fortinet - tools: Censys.io.Scanner - 2026-03-19 16:34:56 - Source Port 45786	Port Scan Hacking
🇫🇷 ISPLtd	2026-03-20 07:03:06 (2 months ago)	Mar 20 04:03:03 66.132.172.109 TCP SPT=58756 DPT=2345 SYN Mar 20 04:03:04 66.132.172.109 TCP SPT=587 ... show more Mar 20 04:03:03 66.132.172.109 TCP SPT=58756 DPT=2345 SYN Mar 20 04:03:04 66.132.172.109 TCP SPT=58770 DPT=2345 SYN Mar 20 04:03:05 66.132.172.109 TCP SPT=58770 DPT=2345 WIN ... show less	Port Scan
🇧🇷 somosbr	2026-03-20 06:46:44 (2 months ago)	[2026-03-20T06:46:44Z] Unsolicited scan from 66.132.172.109 to port 40879/tcp	Port Scan
🇫🇷 ISPLtd	2026-03-20 06:45:08 (2 months ago)	Mar 20 03:45:04 66.132.172.109 TCP SPT=57222 DPT=8009 SYN Mar 20 03:45:05 66.132.172.109 TCP SPT=572 ... show more Mar 20 03:45:04 66.132.172.109 TCP SPT=57222 DPT=8009 SYN Mar 20 03:45:05 66.132.172.109 TCP SPT=57222 DPT=8009 SYN Mar 20 03:45:08 66.132.172.109 TCP SPT=57222 DPT=8009 ... show less	Port Scan
🇹🇷 Threat.live	2026-03-20 06:20:04 (2 months ago)	Suspicious activity, tcp/4085	Port Scan
🇫🇷 dusfor72	2026-03-20 06:19:25 (2 months ago)	aggressive portscan ...	Port Scan
🇩🇪 bescared	2026-03-20 05:36:44 (2 months ago)	F2B - Malicious activity detected. Excessive port scans.	Port Scan
🇺🇸 xmission.com	2026-03-20 05:29:16 (2 months ago)	Blocked by UFW (TCP on 18017) Source port: 35006 TTL: 55 Packet length: 60 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 18017) Source port: 35006 TTL: 55 Packet length: 60 TOS: 0x00 This report (for 66.132.172.109) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1786 to 1800 of 1815 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.254

🇹🇼 152.32.232.185

🇮🇳 117.248.21.20

🇳🇱 45.153.34.195

🇬🇧 31.14.254.116

🇪🇹 196.189.224.179

🇺🇸 165.154.206.223

🇷🇴 92.84.130.90

🇰🇷 59.26.193.177

🇩🇪 213.209.159.226

🇸🇬 129.227.75.98

🇺🇸 74.7.227.42

🇩🇪 51.75.149.221

🇹🇼 36.230.103.182

🇮🇩 36.88.180.115

🇺🇸 35.252.141.163

🇮🇩 182.3.9.130

🇫🇷 130.185.119.80

🇹🇼 104.199.176.250

🇨🇳 101.96.193.131