JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.209

66.132.172.209 was found in our database!

This IP was reported 2,326 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	209.172.132.66.censys-scanner.com
Domain Name	censys.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.209

Whois 66.132.172.209

IP Abuse Reports for 66.132.172.209:

This IP address has been reported a total of 2,326 times from 450 distinct sources. 66.132.172.209 was first reported on March 20th 2026, and the most recent report was 3 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 sandra361	2026-06-27 10:23:02 (3 minutes ago)	Port scan detected: 20 attempts across 1 ports (21802). \| Evidence: REAPER_TARPIT: IN=ens3 SRC=66.13 ... show more Port scan detected: 20 attempts across 1 ports (21802). \| Evidence: REAPER_TARPIT: IN=ens3 SRC=66.132.172.209 LEN=60 TOS=0x00 PREC=0x00 TTL=61 ID=1688 DF PROTO=TCP SPT=62932 DPT=21802 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 SMi-Web	2026-06-27 08:10:44 (2 hours ago)	Blocked by firewall on hugin [443/tcp] \| Rule: Blocklist \| SPT: 47942 \| TTL: 53 \| LEN: 60 \| TOS: 0x0 ... show more Blocked by firewall on hugin [443/tcp] \| Rule: Blocklist \| SPT: 47942 \| TTL: 53 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 terraforge.fun	2026-06-27 07:27:01 (2 hours ago)	Blocked by on us-2-terraforge [45001/tcp] \| SPT: 54340 \| TTL: 58 \| LEN: 60 \| TOS: 0x00 • Reported by ... show more Blocked by on us-2-terraforge [45001/tcp] \| SPT: 54340 \| TTL: 58 \| LEN: 60 \| TOS: 0x00 • Reported by: terraforge.fun show less	Port Scan
🇺🇸 donarev419	2026-06-27 07:14:56 (3 hours ago)	Port scan detected on port 5242 (connection without data transfer)	Port Scan
🇩🇪 dispaisyenterprises	2026-06-27 06:57:51 (3 hours ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 50162 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 50162 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇫🇷 security.rdmc.fr	2026-06-27 03:16:53 (7 hours ago)	Port Scan Attack proto:TCP src:42172 dst:21	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-27 00:51:54 (9 hours ago)	Honeypot hit: Empty payload (likely service probe); 7071 [1] TCP	Port Scan
🇺🇸 Antairus	2026-06-26 21:01:31 (13 hours ago)	Port scan detected. Scanned ports: 8443. Detected by firewall.	Port Scan
🇬🇧 tpguy825	2026-06-26 20:34:05 (13 hours ago)	SSH bruteforce from 66.132.172.209 port 18498, stuck in tarpit for 30.025 secs	Hacking Brute-Force SSH
🇸🇬 drewf.ink	2026-06-26 18:23:49 (16 hours ago)	[18:23] Port scanning. Port(s) scanned: TCP/6000	Port Scan
🇩🇪 Axel	2026-06-26 17:19:18 (17 hours ago)	[2026-06-26 17:19:18 UTC] Honeypot Alt SSH connection attempt \| AXFRA HONEYPOT	SSH
🇩🇪 ITSNF	2026-06-26 17:05:03 (17 hours ago)	Blocked by os-abuseipdb; 9 hits, proto=tcp, ports=25	Port Scan Hacking
🇩🇪 dispaisyenterprises	2026-06-26 16:51:49 (17 hours ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 9467 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 9467 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇦🇹 Pingger Shikkoken	2026-06-26 16:41:31 (17 hours ago)	2026-06-26T16:41:31+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-06-26T16:41:31+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=66.132.172.209 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=41291 DF PROTO=TCP SPT=44146 DPT=992 WINDOW=21900 RES=0x00 SYN URGP=0 2026-06-26T16:41:32+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=66.132.172.209 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=41292 DF PROTO=TCP SPT=44146 DPT=992 WINDOW=21900 RES=0x00 SYN URGP=0 2026-06-26T16:41:34+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=66.132.172.209 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=41293 DF PROTO=TCP SPT=44146 DPT=992 WINDOW=21900 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
🇩🇪 ZIME	2026-06-26 16:27:28 (17 hours ago)	UFW BLOCK Report: Total attempts: 4 Top ports and details: - Port 3306 (4x): MySQL Brute / Exp ... show more UFW BLOCK Report: Total attempts: 4 Top ports and details: - Port 3306 (4x): MySQL Brute / Exploit (e.g., weak root passwords, authentication bypass CVEs) Source IP: 66.132.172.209 \| this report is autogenerated by ZIME Cloud show less	SQL Injection Brute-Force

Showing 1 to 15 of 2326 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 178.20.210.208

🇺🇸 147.185.132.184

🇰🇷 121.173.173.48

🇺🇸 45.131.193.243

🇬🇧 2a06:4880:6000::86

🇬🇧 217.146.80.109

🇺🇸 216.16.101.175

🇮🇳 203.193.147.37

🇧🇪 198.235.24.149

🇺🇸 162.216.150.244

🇫🇮 147.185.133.50

🇧🇷 147.15.20.173

🇨🇳 113.248.165.149

🇨🇳 112.31.109.13

🇺🇸 104.28.251.191

🇸🇮 102.220.160.154

🇫🇷 91.231.89.68

🇺🇸 72.51.57.27

🇫🇷 180.149.196.82

🇺🇸 172.210.9.131