JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.211

66.132.172.211 was found in our database!

This IP was reported 1,837 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	211.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.211

Whois 66.132.172.211

IP Abuse Reports for 66.132.172.211:

This IP address has been reported a total of 1,837 times from 412 distinct sources. 66.132.172.211 was first reported on March 20th 2026, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-05-27 11:54:32 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 66.132.172.211 (US/United States/211. ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 66.132.172.211 (US/United States/211.172.132.66.censys-scanner.com): 1 in the last 3600 secs (0-195) show less	Hacking
Anonymous	2026-05-27 11:41:51 (1 week ago)	Blocked by UFW (TCP on 8180) Source port: 20066 TTL: 49 Packet length: 60 TOS: 0x14 This report (fo ... show more Blocked by UFW (TCP on 8180) Source port: 20066 TTL: 49 Packet length: 60 TOS: 0x14 This report (for 66.132.172.211) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-27 10:52:39 (1 week ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 9142 [1] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 9142 [1] TCP Reported by: Justin F. show less	Port Scan
🇦🇺 afleventoffice.com.au	2026-05-27 10:44:23 (1 week ago)	\x16\x03\x01\x01\x16\x01	Web App Attack
🇺🇸 donarev419	2026-05-27 07:18:16 (1 week ago)	Port scan detected on port 2080 (connection without data transfer)	Port Scan
🇩🇪 dispaisyenterprises	2026-05-27 06:27:45 (1 week ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 25161 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 25161 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 seniorlinuxadmin	2026-05-27 06:04:14 (1 week ago)	66.132.172.211 - - [27/May/2026:07:04:12 +0100] " " 400 162 "-" "-"	Port Scan Web App Attack
🇬🇧 gbzret4d	2026-05-27 04:58:03 (1 week ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 54269 [1] TCP	Port Scan
🇩🇪 celestialcity	2026-05-27 04:13:00 (1 week ago)	Blocked by UFW on celestialcityeu [110/tcp] \| SPT: 57560 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported ... show more Blocked by UFW on celestialcityeu [110/tcp] \| SPT: 57560 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇧🇷 diego	2026-05-27 03:52:43 (1 week ago)	[rede-164-29] 05/27/2026-00:52:43.338047, 66.132.172.211, Protocol: 6, ET DROP Dshield Block Listed ... show more [rede-164-29] 05/27/2026-00:52:43.338047, 66.132.172.211, Protocol: 6, ET DROP Dshield Block Listed Source group 1 show less	Hacking
🇺🇸 donarev419	2026-05-27 02:41:47 (1 week ago)	Connection to port 4343 with data transfer. Data preview:	Port Scan Hacking
🇦🇺 LiftUp Hosting	2026-05-26 23:34:01 (1 week ago)	Honeypot hit: Unauthorized traffic (6 bytes of payload); 2403 [2] TCP	Port Scan
🇩🇪 Axel	2026-05-26 20:41:40 (1 week ago)	[2026-05-26 20:41:40 UTC] Honeypot VNC Web Interface connection attempt \| AXFRA HONEYPOT	Exploited Host
🇫🇷 mailox	2026-05-26 19:35:47 (1 week ago)	Unauthorized SSH connection on tarpit ...	SSH
🇿🇦 voolik.com	2026-05-26 18:02:08 (1 week ago)	2026-05-26T20:01:48.660507+02:00 bla016-truserv-jhb1-001 sshd[45636]: refused connect from 66.132.17 ... show more 2026-05-26T20:01:48.660507+02:00 bla016-truserv-jhb1-001 sshd[45636]: refused connect from 66.132.172.211 (66.132.172.211) 2026-05-26T20:01:57.687531+02:00 bla016-truserv-jhb1-001 sshd[46037]: refused connect from 66.132.172.211 (66.132.172.211) 2026-05-26T20:02:01.017215+02:00 bla016-truserv-jhb1-001 sshd[46372]: refused connect from 66.132.172.211 (66.132.172.211) 2026-05-26T20:02:06.766005+02:00 bla016-truserv-jhb1-001 sshd[46605]: refused connect from 66.132.172.211 (66.132.172.211) ... show less	Brute-Force SSH

Showing 166 to 180 of 1837 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 110.177.179.49

🇷🇴 92.118.39.236

🇺🇸 150.107.38.137

🇹🇭 147.50.231.36

🇬🇧 143.110.168.60

🇲🇲 103.59.163.133

🇫🇷 91.231.89.154

🇺🇸 91.230.168.241

🇳🇱 80.82.70.133

🇫🇷 45.92.108.157

🇺🇸 31.57.63.117

🇸🇮 5.157.73.47

🇷🇺 212.233.86.96

🇮🇩 202.10.54.27

🇭🇰 144.48.8.86

🇬🇧 138.68.151.160

🇮🇳 128.185.218.18

🇺🇸 96.127.152.236

🇨🇦 57.134.215.133

🇺🇸 20.57.198.224