JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.37

66.132.172.37 was found in our database!

This IP was reported 1,729 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	37.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.37

Whois 66.132.172.37

IP Abuse Reports for 66.132.172.37:

This IP address has been reported a total of 1,729 times from 383 distinct sources. 66.132.172.37 was first reported on March 19th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 zupan	2026-06-02 13:14:33 (1 day ago)	Blocked by UFW on vps [8083/tcp] \| SPT: 22672 \| TTL: 53 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on vps [8083/tcp] \| SPT: 22672 \| TTL: 53 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Xarcotic	2026-06-02 12:49:22 (1 day ago)	SSH login on honeypot.	Brute-Force SSH
🇩🇪 ut-addicted.com	2026-06-02 12:46:17 (1 day ago)	Jun 2 14:46:15 www postfix/smtpd\[3025\]: lost connection after CONNECT from 37.172.132.66.censys-s ... show more Jun 2 14:46:15 www postfix/smtpd\[3025\]: lost connection after CONNECT from 37.172.132.66.censys-scanner.com\[66.132.172.37\] show less	Brute-Force Hacking
🇺🇸 cwytech	2026-06-02 11:46:39 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/rdg-local-lockdown-high.	Bad Web Bot Web App Attack
🇩🇪 dispaisyenterprises	2026-06-02 11:27:43 (1 day ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 11211 [5] TCP Reported by D ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 11211 [5] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 gbzret4d	2026-06-02 10:15:55 (2 days ago)	Honeypot [uk-production01]: Unauthorized traffic (243 bytes of payload); 5671 [2] TCP	Port Scan
🇺🇸 MPL	2026-06-02 09:16:41 (2 days ago)	tcp/26 (4 or more attempts)	Port Scan
🇦🇺 LiftUp Hosting	2026-06-02 09:16:00 (2 days ago)	Honeypot hit: Empty payload (likely service probe); 18100 [1] TCP	Port Scan
🇺🇸 gu-alvareza	2026-06-02 07:05:33 (2 days ago)	Censys.io.Scanner	Port Scan
🇬🇧 gbzret4d	2026-06-02 03:09:56 (2 days ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 15412 [1] TCP	Port Scan
🇳🇱 donarev419	2026-06-02 03:09:28 (2 days ago)	Connection to port 8443 with data transfer. Data preview:	Port Scan Hacking
🇨🇭 pingusurmars	2026-06-01 22:43:17 (2 days ago)	Blocked by UFW on amperetwo [3000/tcp] Source port: 29782 TTL: 54 Packet length: 60 TOS: 0x00 This ... show more Blocked by UFW on amperetwo [3000/tcp] Source port: 29782 TTL: 54 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 David Ferneding	2026-06-01 19:34:31 (2 days ago)	Blocked by UFW (TCP on 8899) Source port: 50308 TTL: 57 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8899) Source port: 50308 TTL: 57 Packet length: 60 TOS: 0x00 This report (for 66.132.172.37) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 Thaliruth	2026-06-01 19:19:26 (2 days ago)	Jun 1 21:19:25 151 dovecot: imap-login: Login aborted: Connection closed: SSL_accept() failed: erro ... show more Jun 1 21:19:25 151 dovecot: imap-login: Login aborted: Connection closed: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol (disconnected during TLS handshake) (tls_handshake_not_finished): user=<>, rip=66.132.172.37, lip=92.205.177.255, TLS handshaking: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol, session=<9eSPEjZTILZChKwl> Jun 1 21:19:25 151 dovecot: imap-login: Login aborted: Connection closed: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol (disconnected during TLS handshake) (tls_handshake_not_finished): user=<>, rip=66.132.172.37, lip=92.205.177.255, TLS handshaking: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol, session=<dRWTEjZTJrZChKwl> Jun 1 21:19:25 151 dovecot: imap-login: Login aborted: Connection closed: SSL_accept() failed: error:0A0000C1:SSL routines::no shared cipher (disconnected during TLS handshake) (tls_handshake_not_finished): user=<>, rip=66.132.172.37, ... show less	Hacking Brute-Force
🇿🇦 voolik.com	2026-06-01 18:33:10 (2 days ago)	2026-06-01T20:32:51.842807+02:00 bla016-truserv-jhb1-001 sshd[4150953]: refused connect from 66.132. ... show more 2026-06-01T20:32:51.842807+02:00 bla016-truserv-jhb1-001 sshd[4150953]: refused connect from 66.132.172.37 (66.132.172.37) 2026-06-01T20:33:00.332852+02:00 bla016-truserv-jhb1-001 sshd[4151497]: refused connect from 66.132.172.37 (66.132.172.37) 2026-06-01T20:33:03.598041+02:00 bla016-truserv-jhb1-001 sshd[4151668]: refused connect from 66.132.172.37 (66.132.172.37) 2026-06-01T20:33:09.088162+02:00 bla016-truserv-jhb1-001 sshd[4151831]: refused connect from 66.132.172.37 (66.132.172.37) ... show less	Brute-Force SSH

Showing 31 to 45 of 1729 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 182.2.71.197

🇨🇳 125.124.226.217

🇰🇷 112.216.129.27

🇨🇳 106.75.188.89

🇷🇴 80.94.92.184

🇩🇪 69.5.169.95

🇦🇷 190.99.71.84

🇲🇽 187.190.35.163

🇪🇨 181.199.42.7

🇹🇼 165.154.227.8

🇨🇳 115.190.81.215

🇺🇸 64.62.156.122

🇭🇰 38.207.133.27

🇬🇧 35.203.210.245

🇷🇴 2.57.121.112

🇨🇱 190.46.217.238

🇧🇷 187.73.74.149

🇻🇳 113.169.72.178

🇮🇳 106.192.10.122

🇯🇵 104.46.226.163