JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.172.96

66.132.172.96 was found in our database!

This IP was reported 1,859 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	96.172.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.172.96

Whois 66.132.172.96

IP Abuse Reports for 66.132.172.96:

This IP address has been reported a total of 1,859 times from 414 distinct sources. 66.132.172.96 was first reported on March 19th 2026, and the most recent report was 32 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 kingjan1999	2026-05-28 19:26:41 (6 days ago)	Blocked by UFW [24681/tcp] \| SPT: 18372 \| TTL: 56 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/se ... show more Blocked by UFW [24681/tcp] \| SPT: 18372 \| TTL: 56 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 gbzret4d	2026-05-28 18:46:07 (6 days ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 3131 [1] TCP	Port Scan
🇩🇪 mittPS	2026-05-28 18:45:18 (6 days ago)	2026-05-28T20:45:17.067456+02:00 immelmann sshd[3508932]: Connection closed by 66.132.172.96 port 10 ... show more 2026-05-28T20:45:17.067456+02:00 immelmann sshd[3508932]: Connection closed by 66.132.172.96 port 10874 [preauth] ... show less	Brute-Force SSH
🇹🇭 Sawasdee	2026-05-28 18:15:37 (6 days ago)	Port Scan ...	Port Scan
🇺🇸 NetGuard	2026-05-28 14:52:47 (6 days ago)	#honeypot #netguard247 #cowrie #sshtelnetprobe Captured by NetGuard 24/7 T-Pot honeypot (netguard24- ... show more #honeypot #netguard247 #cowrie #sshtelnetprobe Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-05-28T14:52:47.219+00:00 Attacker IP: 66.132.172.96 \| Port: N/A \| Country: United States Honeypot: cowrie \| Attack: ssh_telnet_probe Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Brute-Force SSH
Anonymous	2026-05-28 09:52:25 (6 days ago)	Reported from Nginx log analysis 6. Log: 66.132.172.96 - - [28/May/2026:xx:xx:xx 0200] "GET / HTTP/ ... show more Reported from Nginx log analysis 6. Log: 66.132.172.96 - - [28/May/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; https://about.censys.io/)" "-" "US United States -" "AS398324" "Censys, Inc." show less	Port Scan Brute-Force SSH
🇸🇬 drewf.ink	2026-05-28 08:40:42 (1 week ago)	[08:40] Port scanning. Port(s) scanned: TCP/1723	Port Scan
Anonymous	2026-05-28 08:35:17 (1 week ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇦🇺 LiftUp Hosting	2026-05-28 08:15:56 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 39856 [3] TCP	Port Scan
🇦🇹 Pingger Shikkoken	2026-05-28 05:29:06 (1 week ago)	2026-05-28T05:29:06+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-05-28T05:29:06+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=66.132.172.96 DST=10.1.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=63190 DF PROTO=TCP SPT=62886 DPT=2222 WINDOW=21900 RES=0x00 SYN URGP=0 2026-05-28T05:29:07+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=66.132.172.96 DST=10.1.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=63191 DF PROTO=TCP SPT=62886 DPT=2222 WINDOW=21900 RES=0x00 SYN URGP=0 2026-05-28T05:29:07+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=66.132.172.96 DST=10.1.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=21551 DF PROTO=TCP SPT=62900 DPT=2222 WINDOW=21900 RES=0x00 SYN URGP=0 ... show less	Hacking Brute-Force SSH
🇺🇸 sandra361	2026-05-28 05:19:01 (1 week ago)	Port scan detected: 28 attempts across 1 ports (61951). \| Evidence: REAPER_TARPIT:IN=enp1s0 OUT= SRC ... show more Port scan detected: 28 attempts across 1 ports (61951). \| Evidence: REAPER_TARPIT:IN=enp1s0 OUT= SRC=66.132.172.96 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=63579 DF PROTO=TCP SPT=41868 DPT=61951 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇹🇷 pamircil	2026-05-28 04:01:06 (1 week ago)	🍯 WinnieThePooh Honeypot : Detected VNC/5900 probing attempt 💀	Port Scan Hacking Brute-Force
🇳🇱 donarev419	2026-05-28 03:55:43 (1 week ago)	Port scan detected on port 6094 (connection without data transfer)	Port Scan
🇩🇪 guldkage	2026-05-28 03:44:03 (1 week ago)	Unauthorized connection attempt detected from IP address 66.132.172.96 to port 22 (ger-03) [V]	Brute-Force Exploited Host
Anonymous	2026-05-28 03:39:40 (1 week ago)	Scenarios: http-bad-user-agent Total requests: 2 [28/May/2026:03:39:35 +0000] [Client: 66.132.172.96 ... show more Scenarios: http-bad-user-agent Total requests: 2 [28/May/2026:03:39:35 +0000] [Client: 66.132.172.96] GET [302] "/" User-Agent: "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" show less	Web App Attack

Showing 151 to 165 of 1859 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 182.48.68.82

🇺🇸 162.216.149.185

🇺🇸 162.216.149.132

🇺🇸 162.216.149.97

🇺🇸 12.156.67.18

🇺🇸 3.19.255.151

🇺🇬 196.0.120.211

🇸🇪 155.4.244.169

🇰🇷 152.32.139.96

🇫🇮 147.185.133.67

🇮🇳 122.185.176.126

🇫🇷 91.231.89.205

🇫🇷 91.231.89.117

🇺🇸 66.132.224.18

🇳🇱 45.148.10.151

🇺🇸 34.227.225.33

🇺🇸 20.169.105.90

🇺🇸 20.168.122.38

🇨🇭 209.99.190.113

🇺🇸 195.184.76.38