JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.170

66.132.172.170 was found in our database!

This IP was reported 90 times. Confidence of Abuse is 60%: ?

60%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	170.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.170

Whois 66.132.172.170

IP Abuse Reports for 66.132.172.170:

This IP address has been reported a total of 90 times from 20 distinct sources. 66.132.172.170 was first reported on March 19th 2026, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 manuelisus	2026-06-04 05:26:36 (15 hours ago)	Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +30: known_scanner_org, +25: ... show more Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +30: known_scanner_org, +25: rdns_contains_scan, +10: os_server_linux show less	Web App Attack Hacking
🇩🇪 manuelisus	2026-06-04 04:34:14 (16 hours ago)	Honeypot TELNET: +10: honeypot_connection, +15: short_automated_session, +25: instant_disconnect, +2 ... show more Honeypot TELNET: +10: honeypot_connection, +15: short_automated_session, +25: instant_disconnect, +20: telnet_login_attempt, +25: telnet_default_creds show less	Brute-Force IoT Targeted
🇷🇺 genokrad	2026-06-03 12:55:56 (1 day ago)	Website scan TCP 80/443 "/" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censy"	Port Scan Web App Attack
🇷🇺 SeMPaI	2026-06-02 16:19:02 (2 days ago)	[[hidden by err]] Honeypot attempt US from 66.132.172.170 to port 2200, with banner b'\x16\x03\x01\x ... show more [[hidden by err]] Honeypot attempt US from 66.132.172.170 to port 2200, with banner b'\x16\x03\x01\x00\xee\x01\x00\x00\xea\x03\x03\x8c:\x84a\x98\xf1\x86\x13\xfb"\x9f\|\xc5\xa9\xd7l\x91\x12\xab\xc4\x05\x96\xcb\xed\x86\x9c\x08"\x95\xa4\t\x9d =/\x11\x7f\xeb\xdes\'$\x9a\x1dt\xbcs.\xcbf\x9eR\xa3\x86\xa3\x8a%Qm\x95.P\xc5\|\x9d\x00&\xcc\xa8\xcc\xa9\xc0/\xc00\xc0+\xc0,' show less	Port Scan
🇩🇪 ecs.ge	2026-06-02 03:02:18 (2 days ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇩🇪 NxtGenIT	2026-06-01 19:01:43 (3 days ago)	Tanner Honeypot hit, Event Type: , HTTP Method: GET, User Agent: , URI: /assets/touch-icon-iphone-5a ... show more Tanner Honeypot hit, Event Type: , HTTP Method: GET, User Agent: , URI: /assets/touch-icon-iphone-5a9cee0e8a51212e70b90c87c12f382c428870c0ff67d1eb034d884b78d2dae7.png show less	SSH
🇩🇪 ManagedStack	2026-05-29 17:45:02 (6 days ago)	Probing access to unauthorized locations	Hacking Exploited Host Web App Attack
🇩🇪 ManagedStack	2026-05-26 12:00:01 (1 week ago)	Probing access to unauthorized locations	Hacking Exploited Host Web App Attack
Anonymous	2026-05-25 17:56:45 (1 week ago)	2026-05-25T19:56:41.593612+02:00 gollum postfix/smtps/smtpd[273010]: lost connection after EHLO from ... show more 2026-05-25T19:56:41.593612+02:00 gollum postfix/smtps/smtpd[273010]: lost connection after EHLO from 170.172.132.66.censys-scanner.com[66.132.172.170] 2026-05-25T19:56:43.218836+02:00 gollum postfix/smtps/smtpd[273010]: lost connection after CONNECT from 170.172.132.66.censys-scanner.com[66.132.172.170] 2026-05-25T19:56:44.691832+02:00 gollum postfix/smtps/smtpd[273010]: lost connection after CONNECT from 170.172.132.66.censys-scanner.com[66.132.172.170] ... show less	DDoS Attack Brute-Force
🇩🇪 manuelisus	2026-05-22 18:11:27 (1 week ago)	Honeypot TELNET: +10: honeypot_connection, +15: short_automated_session, +25: instant_disconnect, +2 ... show more Honeypot TELNET: +10: honeypot_connection, +15: short_automated_session, +25: instant_disconnect, +20: telnet_login_attempt, +25: telnet_default_creds show less	Brute-Force IoT Targeted
🇳🇱 BellFix	2026-05-22 14:37:16 (1 week ago)	Fail2ban reported 66.132.172.170 for npm-docker	Web App Attack
Anonymous	2026-05-22 09:17:45 (1 week ago)		DNS Compromise DDoS Attack
🇩🇪 NxtGenIT	2026-05-22 03:17:07 (1 week ago)	ConPot Honeypot hit, Event Type: SNMPv1 Get.	FTP Brute-Force
🇳🇱 BellFix	2026-05-19 16:21:51 (2 weeks ago)	Fail2ban reported 66.132.172.170 for npm-docker	Web App Attack
🇩🇪 manuelisus	2026-05-19 07:05:16 (2 weeks ago)	Honeypot TELNET: +10: honeypot_connection, +15: short_automated_session, +25: instant_disconnect, +2 ... show more Honeypot TELNET: +10: honeypot_connection, +15: short_automated_session, +25: instant_disconnect, +20: telnet_login_attempt, +25: telnet_default_creds show less	Brute-Force IoT Targeted

Showing 1 to 15 of 90 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇾 109.238.158.200

🇩🇪 185.91.127.85

🇺🇸 172.253.251.123

🇺🇸 147.185.132.54

🇯🇵 35.243.97.8

🇯🇵 35.200.72.104

🇧🇷 205.210.31.194

🇵🇪 190.119.63.98

🇮🇩 180.148.25.65

🇹🇭 150.95.82.21

🇫🇷 141.94.19.216

🇨🇳 111.85.244.46

🇿🇦 105.225.100.40

🇸🇬 43.172.196.38

🇩🇪 37.114.61.43

🇨🇦 4.205.28.179

🇺🇸 172.214.209.153

🇺🇸 143.42.1.71

🇮🇳 122.176.156.82

🇮🇱 85.65.68.45