JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.195

66.132.172.195 was found in our database!

This IP was reported 1,901 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	195.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.195

Whois 66.132.172.195

IP Abuse Reports for 66.132.172.195:

This IP address has been reported a total of 1,901 times from 422 distinct sources. 66.132.172.195 was first reported on March 19th 2026, and the most recent report was 53 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Zestysoft	2026-06-04 19:31:30 (53 minutes ago)	2026-06-04T19:31:21.128669+00:00 mail dovecot: imap-login: Disconnected: Connection closed (no auth ... show more 2026-06-04T19:31:21.128669+00:00 mail dovecot: imap-login: Disconnected: Connection closed (no auth attempts in 2 secs): user=<>, rip=66.132.172.195, lip=172.17.100.207, TLS: Connection closed, session=<POrElnJTyM5ChKzD> 2026-06-04T19:31:29.615965+00:00 mail dovecot: imap-login: Disconnected: Connection closed (no auth attempts in 3 secs): user=<>, rip=66.132.172.195, lip=172.17.100.207, TLS, session=<hGtGl3JTRAlChKzD> ... show less	Brute-Force
🇩🇰 swrlly	2026-06-04 17:49:05 (2 hours ago)	2 unauthorized webserver connections (30d)	Web App Attack
🇺🇸 cwytech	2026-06-04 16:50:07 (3 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/global-exclusion-high.	Hacking
🇩🇪 banankicks	2026-06-04 12:16:25 (8 hours ago)	Unauthorized connection attempt detected from IP address 66.132.172.195 to port 22 (banankicks-serve ... show more Unauthorized connection attempt detected from IP address 66.132.172.195 to port 22 (banankicks-server) [A] show less	Brute-Force Exploited Host
🇯🇵 mkaraki	2026-06-04 12:00:31 (8 hours ago)	1780574431 # Service_probe # SIGNATURE_SEND # source_ip:66.132.172.195 # dst_port:49152 ...	Port Scan
🇲🇹 neilcaruana	2026-06-04 11:45:10 (8 hours ago)	Sentinel detected an attack on port [12291]	Hacking
🇩🇪 David Ferneding	2026-06-04 11:43:30 (8 hours ago)	Blocked by UFW (TCP on 9104) Source port: 19842 TTL: 57 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 9104) Source port: 19842 TTL: 57 Packet length: 60 TOS: 0x00 This report (for 66.132.172.195) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇺 LiftUp Hosting	2026-06-04 11:28:37 (8 hours ago)	Honeypot hit: Empty payload (likely service probe); 8398 [1] TCP	Port Scan
🇫🇷 Thaliruth	2026-06-04 10:05:08 (10 hours ago)	Jun 4 12:05:07 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth ... show more Jun 4 12:05:07 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=66.132.172.195, lip=46.252.194.151, session=<jAbQrWpTQjtChKzD> Jun 4 12:05:08 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=66.132.172.195, lip=46.252.194.151, session=<wDzTrWpTTjtChKzD> Jun 4 12:05:08 151 dovecot: pop3-login: Login aborted: Disconnected: Too many bad commands (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=66.132.172.195, lip=46.252.194.151, session=<vm/WrWpTUDtChKzD> ... show less	Hacking Brute-Force
🇫🇷 security.rdmc.fr	2026-06-04 08:28:44 (11 hours ago)	Port Scan Attack proto:TCP src:25670 dst:21	Port Scan
🇺🇸 donarev419	2026-06-04 08:19:22 (12 hours ago)	Port scan detected on port 17606 (connection without data transfer)	Port Scan
🇦🇺 FEWA	2026-06-04 08:15:48 (12 hours ago)	Fail2Ban Ban Triggered	Hacking Bad Web Bot Web App Attack
🇩🇪 ValtonTahiri	2026-06-04 07:58:53 (12 hours ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=66.132.172.195; proto=TCP; source_port=38724; target_port=8000; flags=SYN show less	Port Scan
🇩🇪 curiosity	2026-06-04 07:25:55 (12 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-04 07:18:35 (13 hours ago)	Honeypot hit: Empty payload (likely service probe); 3508 [1] TCP	Port Scan

Showing 1 to 15 of 1901 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.228.10.226

🇨🇳 183.232.212.207

🇳🇱 141.11.62.125

🇺🇸 136.144.35.253

🇺🇸 136.144.35.252

🇺🇸 135.237.126.123

🇯🇴 91.186.248.171

🇬🇧 87.106.67.224

🇲🇽 45.134.9.27

🇹🇷 195.174.246.10

🇳🇱 195.170.172.225

🇬🇧 193.163.125.43

🇦🇹 193.84.52.61

🇺🇸 147.185.132.125

🇺🇸 136.144.35.251

🇺🇸 136.144.35.250

🇺🇸 136.144.35.25

🇨🇳 117.80.152.104

🇳🇱 31.58.51.37

🇨🇳 14.103.46.139