JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.193

66.132.172.193 was found in our database!

This IP was reported 1,842 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	193.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.193

Whois 66.132.172.193

IP Abuse Reports for 66.132.172.193:

This IP address has been reported a total of 1,842 times from 424 distinct sources. 66.132.172.193 was first reported on March 19th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 manuelisus	2026-05-27 03:38:55 (1 week ago)	Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +20: http_no_user_agent, +30: ... show more Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +20: http_no_user_agent, +30: known_scanner_org, +25: rdns_contains_scan show less	Web App Attack Hacking
🇩🇪 dispaisyenterprises	2026-05-27 03:09:44 (1 week ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 19812 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 19812 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 gbzret4d	2026-05-27 02:34:04 (1 week ago)	Honeypot [uk-production01]: Unauthorized traffic (243 bytes of payload); 8909 [2] TCP	Port Scan
🇨🇭 blinx	2026-05-27 01:35:17 (1 week ago)	2026-05-27T03:35:16.707648+02:00 blinx-rpi4 endlessh[359]: 2026-05-27T01:35:16.707Z CLOSE host=::fff ... show more 2026-05-27T03:35:16.707648+02:00 blinx-rpi4 endlessh[359]: 2026-05-27T01:35:16.707Z CLOSE host=::ffff:66.132.172.193 port=36000 fd=4 time=30.008 bytes=50 ... show less	Brute-Force SSH
🇧🇷 diego	2026-05-27 01:07:52 (1 week ago)	[rede-top188] 05/26/2026-22:07:52.250423, 66.132.172.193, Protocol: 6, ET DROP Dshield Block Listed ... show more [rede-top188] 05/26/2026-22:07:52.250423, 66.132.172.193, Protocol: 6, ET DROP Dshield Block Listed Source group 1 show less	Hacking
🇩🇪 Justin F. \| AS204464	2026-05-27 00:40:35 (1 week ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 9300 [1] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 9300 [1] TCP Reported by: Justin F. show less	Port Scan
Anonymous	2026-05-27 00:30:47 (1 week ago)	Kept connecting and disconnecting without issuing any commands	DDoS Attack
🇳🇱 ByeByte API	2026-05-26 19:13:27 (1 week ago)	byebyte.space auth: 5 TCP packets between 2026-05-26T19:12:53Z and 2026-05-26T19:13:26Z (33s span). ... show more byebyte.space auth: 5 TCP packets between 2026-05-26T19:12:53Z and 2026-05-26T19:13:26Z (33s span). Destinations: 25. Source ports: 7740, 61468. latest packet 60B, TTL 53, flags SYN, window 21900. All dropped at firewall. p0f: OS Linux 2.2.x-3.x (generic match), 11 hops, uptime 2d16h, link Ethernet or modem. at 2026-05-26T19:13:27Z show less	Port Scan
🇳🇱 ByeByte API	2026-05-26 19:13:26 (1 week ago)	Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 25, 8443. Activity window ... show more Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 25, 8443. Activity window: 2026-05-24 03:32 UTC to 2026-05-26 19:13 UTC. show less	Port Scan
🇲🇹 neilcaruana	2026-05-26 17:59:42 (1 week ago)	Sentinel detected an attack on port [3478]	Hacking
🇺🇸 mutebot.net	2026-05-26 17:22:26 (1 week ago)	SRC=66.132.172.193, PROTO=TCP, SPT=62018, DPT=8888 SRC=66.132.172.193, PROTO=TCP, SPT=18568, DPT=888 ... show more SRC=66.132.172.193, PROTO=TCP, SPT=62018, DPT=8888 SRC=66.132.172.193, PROTO=TCP, SPT=18568, DPT=8888 SRC=66.132.172.193, PROTO=TCP, SPT=18568, DPT=8888 SRC=66.132.172.193, PROTO=TCP, SPT=18568, DPT=8888 show less	Port Scan
🇺🇸 chronos	2026-05-26 16:36:52 (1 week ago)	[AUTORAVALT][[26/05/2026 - 13:36:52 -03:00 UTC] Attack from [Censys, Inc.] [66.132.172.193][193.172. ... show more [AUTORAVALT][[26/05/2026 - 13:36:52 -03:00 UTC] Attack from [Censys, Inc.] [66.132.172.193][193.172.132.66.censys-scanner.com] Action: BLocKed Phishing -> Phishing websites and/or email. Email Spam -> Spam email content, infected attachments, and phishing emails. Hacking... Unauthorized attempts to access the server. Spoofing -> Email sender spoofing. Brute-F] ... show less	Brute-Force Email Spam Spoofing Phishing Hacking
🇺🇸 dpinse	2026-05-26 15:59:09 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇺🇸 alecj.com	2026-05-26 15:39:08 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇬🇧 gbzret4d	2026-05-26 14:52:07 (1 week ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 10466 [1] TCP	Port Scan

Showing 196 to 210 of 1842 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇹🇼 198.235.24.53

🇺🇿 185.203.236.212

🇭🇰 150.5.169.176

🇺🇸 135.237.122.43

🇨🇳 116.178.128.204

🇳🇵 113.199.249.60

🇺🇸 107.175.156.160

🇻🇳 103.166.184.148

🇧🇩 103.86.108.224

🇫🇷 92.103.134.183

🇬🇧 80.43.219.118

🇺🇸 45.33.69.253

🇺🇸 40.124.173.224

🇺🇸 20.163.15.20

🇺🇸 216.73.160.185

🇺🇸 216.73.160.21

🇳🇱 195.178.110.30

🇬🇧 188.240.59.7

🇧🇷 186.26.82.195