JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.186.190

66.132.186.190 was found in our database!

This IP was reported 1,655 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	190.186.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.186.190

Whois 66.132.186.190

IP Abuse Reports for 66.132.186.190:

This IP address has been reported a total of 1,655 times from 420 distinct sources. 66.132.186.190 was first reported on March 22nd 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 IP Analyzer	2026-05-29 14:30:32 (5 days ago)	Unauthorized connection attempt from IP address 66.132.186.190 on Port 993(IMAP)	Port Scan
🇯🇵 mkaraki	2026-05-29 12:23:16 (5 days ago)	1780057395 # Service_probe # SIGNATURE_SEND # source_ip:66.132.186.190 # dst_port:10002 ...	Port Scan
🇵🇱 tkhaldi	2026-05-29 11:19:45 (5 days ago)	::ffff:66.132.186.190 - - [29/May/2026:11:19:40 +0000] "GET / HTTP/1.1" 400 248 "-" "Mozilla/5.0 (co ... show more ::ffff:66.132.186.190 - - [29/May/2026:11:19:40 +0000] "GET / HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" ::ffff:66.132.186.190 - - [29/May/2026:11:19:41 +0000] "PRI * HTTP/2.0" 400 150 "-" "-" ::ffff:66.132.186.190 - - [29/May/2026:11:19:44 +0000] "GET /login HTTP/1.1" 400 248 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" ... show less	Web App Attack
🇦🇺 LiftUp Hosting	2026-05-29 09:45:57 (5 days ago)	Honeypot hit: Empty payload (likely service probe); 18595 [1] TCP	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-29 09:29:15 (5 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 37624 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 37624 [1] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 cwytech	2026-05-29 08:17:08 (5 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack
🇮🇳 evicky2002	2026-05-29 06:52:29 (5 days ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇺🇸 dondessert.com	2026-05-29 06:28:52 (5 days ago)	2026-05-03T09:38:22.116799mail.dondessert.com sshd[254033]: Connection closed by 66.132.186.190 port ... show more 2026-05-03T09:38:22.116799mail.dondessert.com sshd[254033]: Connection closed by 66.132.186.190 port 9314 [preauth] 2026-05-29T02:28:50.668866mail.dondessert.com sshd[1024255]: Connection closed by 66.132.186.190 port 8050 [preauth] ... show less	Brute-Force SSH
🇩🇪 2048	2026-05-29 06:02:49 (5 days ago)	2026-05-29T08:02:45.382259+02:00 machodeer kernel: [2742482.912302] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-29T08:02:45.382259+02:00 machodeer kernel: [2742482.912302] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=66.132.186.190 DST=REDACTED LEN=60 TOS=0x08 PREC=0x40 TTL=47 ID=23931 DF PROTO=TCP SPT=9476 DPT=25 WINDOW=21900 RES=0x00 SYN URGP=0 2026-05-29T08:02:46.393134+02:00 machodeer kernel: [2742483.923175] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=66.132.186.190 DST=REDACTED LEN=60 TOS=0x08 PREC=0x40 TTL=47 ID=23932 DF PROTO=TCP SPT=9476 DPT=25 WINDOW=21900 RES=0x00 SYN URGP=0 2026-05-29T08:02:48.444283+02:00 machodeer kernel: [2742485.971705] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=66.132.186.190 DST=REDACTED LEN=60 TOS=0x08 PREC=0x40 TTL=47 ID=23933 DF PROTO=TCP SPT=9476 DPT=25 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 Bankbook8585	2026-05-29 03:18:49 (5 days ago)	T-Pot honeypot \| Dionaea honeypot: ftpd	Port Scan Hacking
🇩🇪 D3RP4UL	2026-05-29 03:11:34 (5 days ago)	Unauthorized traffic on 1723/pptpd	Port Scan
🇧🇷 diego	2026-05-29 01:43:28 (6 days ago)	[rede-164-29] 05/28/2026-22:43:28.182749, 66.132.186.190, Protocol: 6, ET DROP Dshield Block Listed ... show more [rede-164-29] 05/28/2026-22:43:28.182749, 66.132.186.190, Protocol: 6, ET DROP Dshield Block Listed Source group 1 show less	Hacking
🇩🇪 cloudmax	2026-05-29 01:28:26 (6 days ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
Anonymous	2026-05-29 00:33:14 (6 days ago)	Kept connecting and disconnecting without issuing any commands	DDoS Attack
🇦🇺 LiftUp Hosting	2026-05-28 22:33:54 (6 days ago)	Honeypot hit: Empty payload (likely service probe); 48666 [1] TCP	Port Scan

Showing 121 to 135 of 1655 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 188.92.241.150

🇺🇸 18.205.132.252

🇩🇪 172.69.113.6

🇺🇸 162.216.150.29

🇺🇸 147.185.132.126

🇺🇸 135.237.125.26

🇻🇳 103.153.254.96

🇮🇩 103.65.237.52

🇧🇪 35.195.28.95

🇦🇪 20.203.42.204

🇭🇺 195.199.210.194

🇳🇱 195.178.110.199

🇺🇸 165.232.137.226

🇨🇳 140.250.136.12

🇻🇳 116.110.6.184

🇵🇰 72.255.19.90

🇺🇸 67.205.189.163

🇯🇵 20.63.210.3

🇺🇸 216.158.231.210

🇬🇫 193.251.163.42