JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.186.172

66.132.186.172 was found in our database!

This IP was reported 2,068 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	172.186.132.66.censys-scanner.com
Domain Name	censys.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.186.172

Whois 66.132.186.172

IP Abuse Reports for 66.132.186.172:

This IP address has been reported a total of 2,068 times from 460 distinct sources. 66.132.186.172 was first reported on March 21st 2026, and the most recent report was 52 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 Luhte	2026-06-28 10:03:26 (52 minutes ago)	Unsolicited TCP connection from 66.132.186.172 to port 0 at 2026-06-28T10:03:26Z. Source IP complete ... show more Unsolicited TCP connection from 66.132.186.172 to port 0 at 2026-06-28T10:03:26Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇩🇪 london2038.com	2026-06-28 05:49:27 (5 hours ago)	Unsolicited connect to 2222/TCP 2026-06-28 07:42:25.333983179 +0200 CEST, 66.132.186.172:5802, closi ... show more Unsolicited connect to 2222/TCP 2026-06-28 07:42:25.333983179 +0200 CEST, 66.132.186.172:5802, closing 2026-06-28 07:42:31.162594288 +0200 CEST, 66.132.186.172:8750, closing show less	Port Scan SSH
🇬🇧 gbzret4d	2026-06-28 02:51:50 (8 hours ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 61616 [2] TCP	Port Scan
🇹🇭 MWA SOC	2026-06-28 02:46:14 (8 hours ago)		Hacking
🇳🇱 Nerdscave Hosting	2026-06-28 01:48:50 (9 hours ago)	[SMB Honeypot Report] Timestamp: 2026-06-28 01:48:49 UTC Port: 28462 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-28 01:48:49 UTC Port: 28462 Attempted credentials (Base64): alNNQkB8AXwkfAN8AXwQAnwDAgM= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇬🇧 sandra361	2026-06-28 00:38:04 (10 hours ago)	Port scan detected: 40 attempts across 1 ports (19999). \| Evidence: REAPER_TARPIT: IN=enp1s0f0 SRC=6 ... show more Port scan detected: 40 attempts across 1 ports (19999). \| Evidence: REAPER_TARPIT: IN=enp1s0f0 SRC=66.132.186.172 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=1183 DF PROTO=TCP SPT=19728 DPT=19999 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 donarev419	2026-06-28 00:37:55 (10 hours ago)	Port scan detected on port 9253 (connection without data transfer)	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-27 23:21:24 (11 hours ago)	Honeypot hit: Empty payload (likely service probe); 58783 [1] TCP	Port Scan
🇮🇱 spd.co.il	2026-06-27 23:02:56 (11 hours ago)	Web application attack detected	Hacking Web App Attack
🇩🇪 sandra361	2026-06-27 22:01:05 (12 hours ago)	Port scan detected: 9 attempts across 1 ports (31779). \| Evidence: REAPER_TARPIT: IN=ens3 SRC=66.132 ... show more Port scan detected: 9 attempts across 1 ports (31779). \| Evidence: REAPER_TARPIT: IN=ens3 SRC=66.132.186.172 LEN=60 TOS=0x00 PREC=0x00 TTL=60 ID=16134 DF PROTO=TCP SPT=17810 DPT=31779 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇿🇦 slartybartfast69420blazit	2026-06-27 20:39:00 (14 hours ago)	Fail2ban picked up 66.132.186.172 attacking nginx	Web App Attack
🇩🇰 castipo	2026-06-27 19:10:22 (15 hours ago)	nginx-bad-ua :: 66.132.186.172 - - [28/Jun/2026:02:10:22 +0700] "GET / HTTP/1.1" 301 162 "-" "Mozill ... show more nginx-bad-ua :: 66.132.186.172 - - [28/Jun/2026:02:10:22 +0700] "GET / HTTP/1.1" 301 162 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://[host]/)" host="[ip]" cfip="-" cfray="-" show less	Bad Web Bot
🇩🇪 acadeova	2026-06-27 19:01:45 (15 hours ago)	🚨 Recon detected (nft drop) SRC=66.132.186.172 Observed=TCP dpt=8000 in=enp0s6 ttl=59 Time=recent(jo ... show more 🚨 Recon detected (nft drop) SRC=66.132.186.172 Observed=TCP dpt=8000 in=enp0s6 ttl=59 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇯🇵 S.O.B.A. Dev.	2026-06-27 17:44:39 (17 hours ago)	Persistent port scanning or vulnerability scanning	Port Scan
🇬🇧 AdrianT	2026-06-27 17:16:06 (17 hours ago)	SMTP port scanning	Port Scan

Showing 1 to 15 of 2068 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 190.92.239.22

🇧🇷 138.97.243.57

🇬🇧 2a06:4880:8000::b5

🇺🇸 192.185.4.92

🇮🇹 172.213.2.229

🇧🇷 138.97.243.74

🇧🇷 138.97.242.33

🇧🇷 138.97.241.39

🇫🇷 95.111.235.75

🇩🇪 64.89.163.173

🇺🇸 54.197.108.167

🇯🇵 43.133.220.37

🇮🇷 2.190.48.140

🇺🇸 162.216.149.114

🇧🇷 138.97.243.32

🇧🇷 138.97.241.221

🇧🇷 138.97.241.171

🇳🇱 134.122.48.159

🇨🇳 112.22.12.184

🇺🇸 104.23.5.198