JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.32

66.132.172.32 was found in our database!

This IP was reported 1,445 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	32.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.32

Whois 66.132.172.32

IP Abuse Reports for 66.132.172.32:

This IP address has been reported a total of 1,445 times from 367 distinct sources. 66.132.172.32 was first reported on March 19th 2026, and the most recent report was 49 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇭 Sawasdee	2026-06-03 04:15:19 (1 day ago)	Port Scan ...	Port Scan
🇺🇸 Hobby Bob	2026-06-02 22:19:05 (1 day ago)	Jun 2 22:19:05 server dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 15 s ... show more Jun 2 22:19:05 server dovecot: pop3-login: Disconnected: Connection closed (no auth attempts in 15 secs): user=, rip=66.132.172.32, lip=X.X.X.X session= show less	Port Scan Hacking
🇺🇸 ras07	2026-06-02 22:00:07 (1 day ago)	Brute force SSH login attempts.	Brute-Force SSH
🇬🇧 sandra361	2026-06-02 21:44:02 (1 day ago)	Port scan detected: 31 attempts across 1 ports (61248). \| Evidence: REAPER_TARPIT:IN=enp1s0f0 OUT= S ... show more Port scan detected: 31 attempts across 1 ports (61248). \| Evidence: REAPER_TARPIT:IN=enp1s0f0 OUT= SRC=66.132.172.32 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=41805 DF PROTO=TCP SPT=5648 DPT=61248 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 IP Analyzer	2026-06-02 21:30:32 (1 day ago)	Unauthorized connection attempt from IP address 66.132.172.32 on Port 443	Port Scan
🇭🇰 sandra361	2026-06-02 20:57:02 (1 day ago)	Port scan detected: 35 attempts across 1 ports (443). \| Evidence: REAPER_TARPIT:IN=eth0 OUT= SRC=66. ... show more Port scan detected: 35 attempts across 1 ports (443). \| Evidence: REAPER_TARPIT:IN=eth0 OUT= SRC=66.132.172.32 LEN=60 TOS=0x14 PREC=0x00 TTL=51 ID=12185 DF PROTO=TCP SPT=12318 DPT=443 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-02 19:46:18 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 49071 [1] TCP	Port Scan
🇵🇱 sefinek.net	2026-06-02 17:24:16 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 21902 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 21902 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇯🇵 www.winos.me	2026-06-02 17:22:14 (1 day ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking
🇩🇪 ValtonTahiri	2026-06-02 16:54:02 (1 day ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=66.132.172.32; proto=TCP; source_port=64980; target_port=8080; flags=SYN show less	Port Scan
🇫🇷 Fasetech	2026-05-28 04:52:00 (1 week ago)	SecLedge detected suspicious activity. Score: 127.8. Sensor: T-Pot.	Brute-Force
🇺🇸 66691337	2026-05-25 10:25:20 (1 week ago)	May 19 15:54:03 (1779220443.984997) danted[109767]: info: block(1): tcp/accept ]: 66.132.172.32.1396 ... show more May 19 15:54:03 (1779220443.984997) danted[109767]: info: block(1): tcp/accept ]: 66.132.172.32.13964 216.144.227.115.1080: error after reading 3 bytes in 1 second: client offered no acceptable authentication method May 19 15:54:03 (1779220443.984997) danted[109767]: info: block(1): tcp/accept ]: 66.132.172.32.13964 216.144.227.115.1080: error after reading 3 bytes in 1 second: client offered no acceptable authentication method May 19 15:54:03 (1779220443.984997) danted[109767]: info: block(1): tcp/accept ]: 66.132.172.32.13964 216.144.227.115.1080: error after reading 3 bytes in 1 second: client offered no acceptable authentication method May 19 15:54:03 (1779220443.984997) danted[109767]: info: block(1): tcp/accept ]: 66.132.172.32.13964 216.144.227.115.1080: error after reading 3 bytes in 1 second: client offered no acceptable authentication method May 19 15:54:03 (1779220443.984997) danted[109767]: info: block(1): tcp/accept ]: 66.132.172.32.13964 216.144.227.115.1080: error after ... show less	Brute-Force Web App Attack
🇳🇱 BellFix	2026-05-22 14:37:19 (1 week ago)	Fail2ban reported 66.132.172.32 for npm-docker	Web App Attack
🇮🇱 spd.co.il	2026-05-22 00:02:54 (1 week ago)	Web application attack detected	Hacking Web App Attack
🇦🇺 LiftUp Hosting	2026-05-21 15:34:01 (1 week ago)	Honeypot hit: Unauthorized traffic (8 bytes of payload); 5672 [2] TCP	Port Scan

Showing 31 to 45 of 1445 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.178.235.41

🇳🇱 176.65.139.231

🇺🇸 162.216.149.94

🇺🇸 104.236.83.40

🇧🇷 170.80.65.140

🇨🇳 117.149.196.167

🇧🇬 91.191.209.98

🇬🇧 81.19.219.216

🇺🇸 74.7.242.43

🇫🇷 51.159.149.103

🇩🇪 47.245.138.182

🇳🇱 45.148.10.152

🇬🇧 31.14.254.55

🇬🇧 31.14.254.4

🇰🇷 175.118.127.138

🇰🇷 119.192.210.110

🇳🇱 45.148.10.141

🇺🇸 13.68.133.98

🇦🇷 190.3.61.18

🇭🇰 185.239.84.249