JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.36

66.132.172.36 was found in our database!

This IP was reported 2,204 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	36.172.132.66.censys-scanner.com
Domain Name	censys.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.36

Whois 66.132.172.36

IP Abuse Reports for 66.132.172.36:

This IP address has been reported a total of 2,204 times from 454 distinct sources. 66.132.172.36 was first reported on March 19th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 matthieul.dev	2026-06-27 03:20:27 (2 hours ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp, ports=32400	Port Scan Brute-Force
🇺🇸 donarev419	2026-06-27 02:24:10 (3 hours ago)	Connection to port 10260 with data transfer. Data preview: KDT_PLC_M	Port Scan Hacking
🇬🇧 gbzret4d	2026-06-27 00:58:49 (4 hours ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 15443 [1] TCP	Port Scan
🇩🇪 ghostwarriors	2026-06-27 00:50:27 (4 hours ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇩🇪 zupan	2026-06-27 00:46:31 (4 hours ago)	Blocked by UFW on vps [3000/tcp] \| SPT: 55978 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on vps [3000/tcp] \| SPT: 55978 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇧🇬 Stoyko Stoykov	2026-06-26 21:58:43 (7 hours ago)	66.132.172.36 - - [27/Jun/2026:00:58:42 +0300] "GET / HTTP/1.1" 200 8322 "-" "Mozilla/5.0 (compatibl ... show more 66.132.172.36 - - [27/Jun/2026:00:58:42 +0300] "GET / HTTP/1.1" 200 8322 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" ... show less	Hacking Web App Attack
🇩🇪 D3vNu11	2026-06-26 20:48:02 (8 hours ago)	Level: (LOW): Known Attacker via Cowrie IOC Country: United States 1x -> Target Country: Frankreich ... show more Level: (LOW): Known Attacker via Cowrie IOC Country: United States 1x -> Target Country: Frankreich SSH show less	Hacking Brute-Force SSH
Anonymous	2026-06-26 20:36:07 (8 hours ago)	2026-06-26 22:36:01.062 [3388450] no MAIL in SMTP connection from 36.172.132.66.censys-scanner.com ( ... show more 2026-06-26 22:36:01.062 [3388450] no MAIL in SMTP connection from 36.172.132.66.censys-scanner.com (www.censys.io) [66.132.172.36]:31390 I=[217.197.86.168]:465 Ci=3388450 D=0.935s X=TLS1.3:ECDHE_X25519__ECDSA_SECP384R1_SHA384__CHACHA20_POLY1305:256 CV=no C=EHLO 2026-06-26 22:36:02.958 [3388461] no MAIL in SMTP connection from 36.172.132.66.censys-scanner.com [66.132.172.36]:31402 I=[217.197.86.168]:465 Ci=3388461 D=0.410s X=TLS1.2:ECDHE_X25519__ECDSA_SHA256__CHACHA20_POLY1305:256 CV=no 2026-06-26 22:36:04.653 [3388465] no MAIL in SMTP connection from 36.172.132.66.censys-scanner.com [66.132.172.36]:31408 I=[217.197.86.168]:465 Ci=3388465 D=0.348s X=TLS1.1:ECDHE_X25519__ECDSA_SHA1__AES_128_CBC__SHA1:128 CV=no ... show less	Brute-Force
🇺🇸 LotPhantom	2026-06-26 19:17:09 (10 hours ago)	2026-06-26T19:17:08.567128+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2026-06-26T19:17:08.567128+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=66.132.172.36 DST=157.230.217.55 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=19217 DF PROTO=TCP SPT=28694 DPT=3306 WINDOW=21900 RES=0x00 SYN URGP=0 ... show less	Port Scan Hacking
🇩🇪 dispaisyenterprises	2026-06-26 18:57:49 (10 hours ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 9559 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 9559 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 bescared	2026-06-26 18:27:28 (11 hours ago)	F2B - Malicious activity detected. Unauthorized connection attempt: SSH. -151302cd-	Port Scan SSH
🇫🇷 security.rdmc.fr	2026-06-26 16:50:32 (12 hours ago)	Port Scan Attack proto:TCP src:41712 dst:21	Port Scan
Anonymous	2026-06-26 16:42:06 (12 hours ago)	2026-06-26T17:42:05.783060+01:00 vps kernel: [44232270.091891] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-26T17:42:05.783060+01:00 vps kernel: [44232270.091891] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=66.132.172.36 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=23678 DF PROTO=TCP SPT=39040 DPT=5090 WINDOW=21900 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇩🇪 dispaisyenterprises	2026-06-26 11:21:48 (18 hours ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 14265 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 14265 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 OceanTreasure	2026-06-26 11:20:03 (18 hours ago)	tcp/25; Repeated SMTP SYNs (≥3/120 s) (R18) @ 2026-06-26T11:10:17Z	Brute-Force

Showing 1 to 15 of 2204 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 42.112.247.130

🇩🇪 8.211.47.30

🇺🇸 216.73.216.52

🇲🇾 195.86.192.66

🇮🇳 182.95.229.110

🇩🇪 176.9.125.27

🇺🇸 165.154.162.212

🇺🇸 165.154.36.105

🇪🇪 158.173.75.8

🇻🇳 116.99.49.208

🇳🇱 92.63.197.5

🇺🇸 52.154.19.226

🇻🇳 27.64.203.228

🇬🇧 2a06:4880:8000::b4

🇧🇷 205.210.31.192

🇺🇸 172.210.9.231

🇭🇰 152.32.213.68

🇺🇸 147.185.132.159

🇻🇳 116.99.168.247

🇺🇸 100.49.117.77