JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.136

66.132.172.136 was found in our database!

This IP was reported 2,671 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	136.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.136

Whois 66.132.172.136

IP Abuse Reports for 66.132.172.136:

This IP address has been reported a total of 2,671 times from 518 distinct sources. 66.132.172.136 was first reported on March 19th 2026, and the most recent report was 49 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 SeczarSecureOps	2026-05-31 02:31:30 (4 days ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (39 events in 10min) at 2026-05-31 02:31	Port Scan
🇬🇧 andypiper	2026-05-31 01:02:18 (4 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇬🇧 gbzret4d	2026-05-31 00:46:54 (4 days ago)	Honeypot [uk-production01]: Unauthorized traffic on 3306/mysqld	Port Scan
🇺🇸 donarev419	2026-05-31 00:12:42 (4 days ago)	Port scan detected on port 15261 (connection without data transfer)	Port Scan
🇩🇪 PBC	2026-05-30 23:36:49 (4 days ago)	<comment>	Port Scan
🇨🇦 senkodev	2026-05-30 23:31:06 (4 days ago)	2026-05-30T23:30:47.425408Z [cowrie.telnet.factory.HoneyPotTelnetFactory] New connection: 66.132.172 ... show more 2026-05-30T23:30:47.425408Z [cowrie.telnet.factory.HoneyPotTelnetFactory] New connection: 66.132.172.136:63996 (158.69.22.11:2223) [session: 231840ce7668] 2026-05-30T23:31:05.491783Z [cowrie.telnet.factory.HoneyPotTelnetFactory] New connection: 66.132.172.136:5062 (158.69.22.11:2223) [session: db9a4c27fc32] ... show less	Brute-Force SSH
🇺🇸 mutebot.net	2026-05-30 23:18:40 (4 days ago)	SRC=66.132.172.136, PROTO=TCP, SPT=49076, DPT=1883 SRC=66.132.172.136, PROTO=TCP, SPT=49076, DPT=188 ... show more SRC=66.132.172.136, PROTO=TCP, SPT=49076, DPT=1883 SRC=66.132.172.136, PROTO=TCP, SPT=49076, DPT=1883 SRC=66.132.172.136, PROTO=TCP, SPT=49076, DPT=1883 show less	Port Scan
🇨🇳 pengpeng	2026-05-30 23:14:14 (4 days ago)	monitor: on VM-0-7-ubuntu \| port: 24571 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 24571 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 arteagasoft	2026-05-30 22:35:53 (4 days ago)	2026-05-30T16:35:43.559857-06:00 23bf009e6fbf dovecot: imap-login: Login aborted: Connection closed ... show more 2026-05-30T16:35:43.559857-06:00 23bf009e6fbf dovecot: imap-login: Login aborted: Connection closed (no auth attempts in 1 secs) (no_auth_attempts): user=<>, rip=66.132.172.136, lip=192.168.30.250, TLS: Connection closed, session=<x47jlBBTWK5ChKyI> 2026-05-30T16:35:50.797812-06:00 23bf009e6fbf dovecot: imap-login: Login aborted: Too many invalid commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=66.132.172.136, lip=192.168.30.250, session=<a/VblRBTiGhChKyI> 2026-05-30T16:35:52.050542-06:00 23bf009e6fbf dovecot: imap-login: Login aborted: Too many invalid commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=66.132.172.136, lip=192.168.30.250, session=<tuJwlRBTmGhChKyI> ... show less	Brute-Force
🇩🇪 guldkage	2026-05-30 22:18:09 (4 days ago)	Unauthorized connection attempt detected from IP address 66.132.172.136 to port 22 (ger-02) [SSH]	Exploited Host
Anonymous	2026-05-30 22:00:43 (4 days ago)	$f2bV_matches	Brute-Force SSH
🇫🇷 polido	2026-05-30 21:26:17 (4 days ago)	Unauthorized connection attempt to port 443 from 66.132.172.136	Port Scan
🇳🇱 knock	2026-05-30 20:51:13 (4 days ago)	Knock-Knock honeypot brute-force: proto8 (13 total hits)	Brute-Force
🇩🇪 wiredalter	2026-05-30 20:35:24 (4 days ago)	Blocked by UFW on dVPS [27987/tcp] Source Port: 63696 TTL: 50 Packet Length: 60 TOS: 0x00 Analyzed ... show more Blocked by UFW on dVPS [27987/tcp] Source Port: 63696 TTL: 50 Packet Length: 60 TOS: 0x00 Analyzed by https://ip.wiredalter.com show less	Port Scan Brute-Force
Anonymous	2026-05-30 19:09:34 (4 days ago)	2026-05-30T20:09:34.035074+01:00 vps kernel: [41908344.737297] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-05-30T20:09:34.035074+01:00 vps kernel: [41908344.737297] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=66.132.172.136 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=64693 DF PROTO=TCP SPT=29656 DPT=5001 WINDOW=21900 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force

Showing 136 to 150 of 2671 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇦 190.32.246.14

🇧🇷 179.130.33.106

🇩🇪 167.94.146.68

🇺🇸 142.111.152.166

🇳🇱 45.148.10.141

🇩🇪 37.114.61.43

🇧🇪 34.77.70.133

🇺🇸 2001:470:2cc:1::221

🇺🇸 147.185.132.236

🇺🇸 143.244.145.118

🇩🇪 138.124.228.70

🇩🇪 69.5.169.13

🇺🇸 66.132.195.83

🇬🇧 35.203.210.99

🇩🇪 172.71.172.80

🇺🇸 167.99.147.248

🇨🇳 120.48.1.211

🇺🇸 91.230.168.19

🇸🇬 43.156.201.48

🇨🇳 36.35.166.66