JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.33

66.132.172.33 was found in our database!

This IP was reported 1,718 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	33.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.33

Whois 66.132.172.33

IP Abuse Reports for 66.132.172.33:

This IP address has been reported a total of 1,718 times from 400 distinct sources. 66.132.172.33 was first reported on March 19th 2026, and the most recent report was 11 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 SSP	2026-05-30 18:20:02 (4 days ago)	Automatic report from iptables firewall - detected malicious activity	DDoS Attack Brute-Force SSH Web App Attack Port Scan Hacking
🇦🇺 CalmBrain	2026-05-30 16:00:46 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
Anonymous	2026-05-30 15:36:29 (4 days ago)	May 30 15:36:20 imap-login: Info: Disconnected: Connection closed (no auth attempts in 1 secs): user ... show more May 30 15:36:20 imap-login: Info: Disconnected: Connection closed (no auth attempts in 1 secs): user=<>, rip=66.132.172.33, lip=X.X.X.X, TLS: Connection closed, session=<PqQXuQpTnlhChKwh> May 30 15:36:25 imap-login: Info: Disconnected: Connection closed: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol (no auth attempts in 0 secs): user=<>, rip=66.132.172.33, lip=X.X.X.X, TLS handshaking: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol, session=<KKdquQpTCFlChKwh> May 30 15:36:28 imap-login: Info: Disconnected: Connection closed: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol (no auth attempts in 0 secs): user=<>, rip=66.132.172.33, lip=X.X.X.X, TLS handshaking: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol, session=<7V6YuQpT3KtChKwh> ... show less	Brute-Force
🇯🇵 mkaraki	2026-05-30 12:23:36 (4 days ago)	1780143815 # Service_probe # SIGNATURE_SEND # source_ip:66.132.172.33 # dst_port:33561 ...	Port Scan
🇺🇸 walnuts	2026-05-30 08:49:45 (4 days ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇮🇳 evicky2002	2026-05-30 08:05:12 (4 days ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇺🇸 gu-alvareza	2026-05-30 07:05:28 (4 days ago)	Censys.io.Scanner	Port Scan
Anonymous	2026-05-30 07:02:57 (4 days ago)	$f2bV_matches	Brute-Force SSH
🇺🇸 Bankbook8585	2026-05-30 06:33:42 (4 days ago)	T-Pot honeypot \| Honeytrap: port 44818	Port Scan Hacking
🇳🇱 donarev419	2026-05-30 03:33:07 (5 days ago)	Port scan detected on port 5005 (connection without data transfer)	Port Scan
🇺🇸 donarev419	2026-05-30 01:34:51 (5 days ago)	Port scan detected on port 18821 (connection without data transfer)	Port Scan
🇩🇪 Lazentis	2026-05-30 01:13:23 (5 days ago)	Unauthorized access attempt to port 8080 (tcp)	Brute-Force SSH
🇦🇺 LiftUp Hosting	2026-05-29 23:33:58 (5 days ago)	Honeypot hit: Empty payload (likely service probe); 28811 [1] TCP	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-29 23:22:21 (5 days ago)	Honeypot hit: Empty payload (likely service probe); 30005 [1] TCP	Port Scan
🇩🇪 acadeova	2026-05-29 21:38:59 (5 days ago)	Blocked by UFW on vps4 [111/tcp] Source port: 21500 TTL: 54 Packet length: 60 TOS: 0x00 This report ... show more Blocked by UFW on vps4 [111/tcp] Source port: 21500 TTL: 54 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 91 to 105 of 1718 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.164

🇻🇳 171.244.61.79

🇸🇬 103.189.234.96

🇮🇳 103.171.39.147

🇺🇸 99.14.134.67

🇺🇸 66.132.186.202

🇮🇳 45.43.45.254

🇮🇳 36.255.6.224

🇬🇧 35.203.210.192

🇧🇪 35.187.171.233

🇨🇦 15.223.88.155

🇨🇦 4.206.92.183

🇺🇸 216.25.89.111

🇺🇸 205.210.31.92

🇨🇳 202.105.98.252

🇺🇸 170.9.16.186

🇩🇪 167.94.146.63

🇨🇳 115.191.3.249

🇷🇺 94.198.1.94

🇷🇴 80.94.95.236