JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.224.89

66.132.224.89 was found in our database!

This IP was reported 1,247 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	89.224.132.66.censys-scanner.com
Domain Name	censys.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.224.89

Whois 66.132.224.89

IP Abuse Reports for 66.132.224.89:

This IP address has been reported a total of 1,247 times from 368 distinct sources. 66.132.224.89 was first reported on March 22nd 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 chronos	2026-03-29 21:34:54 (2 months ago)	[AUTORAVALT][[29/03/2026 - 18:34:54 -03:00 UTC] Attack from [Censys, Inc.] [66.132.224.89][89.224.13 ... show more [AUTORAVALT][[29/03/2026 - 18:34:54 -03:00 UTC] Attack from [Censys, Inc.] [66.132.224.89][89.224.132.66.censys-scanner.com] Action: BLocKed Phishing -> Phishing websites and/or email. Email Spam -> Spam email content, infected attachments, and phishing emails. Hacking... Unauthorized attempts to access the server. Spoofing -> Email sender spoofing. Brute-For] ... show less	Brute-Force Email Spam Spoofing Phishing Hacking
🇩🇪 guldkage	2026-03-29 20:14:09 (2 months ago)	Unauthorized connection attempt detected from IP address 66.132.224.89 to port 22 (ger-01) [SSH]	Exploited Host
🇩🇪 celestialcity	2026-03-29 16:40:05 (2 months ago)	Blocked by UFW on celestialcityeu [2096/tcp] \| SPT: 19416 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported ... show more Blocked by UFW on celestialcityeu [2096/tcp] \| SPT: 19416 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇭 MLCloud	2026-03-29 10:33:41 (2 months ago)	Honeypot hit: Empty payload (likely service probe); 1900 [1] TCP	Port Scan
Anonymous	2026-03-29 10:09:10 (2 months ago)	fail2ban:piguard:14,18	Port Scan Brute-Force
🇹🇷 Threat.live	2026-03-29 09:25:19 (2 months ago)	Suspicious activity, tcp/24180	Port Scan
🇺🇸 Xarcotic	2026-03-29 08:37:07 (2 months ago)	SSH login on honeypot.	Brute-Force SSH
🇬🇧 OptimusGO	2026-03-29 07:14:42 (2 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-03-29 08:14:42 UTC Log evidence: 03/29/2026-08:14:41.398295 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 66.132.224.89:1494 -> 185.127.18.66:44301 03/29/2026-08:14:41.460843 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 66.132.224.89:1504 -> 185.127.18.66:44301 show less	Port Scan Brute-Force
🇫🇷 ISPLtd	2026-03-29 07:07:18 (2 months ago)	Mar 29 04:07:16 66.132.224.89 TCP SPT=58152 DPT=8182 SYN Mar 29 04:07:17 66.132.224.89 TCP SPT=58158 ... show more Mar 29 04:07:16 66.132.224.89 TCP SPT=58152 DPT=8182 SYN Mar 29 04:07:17 66.132.224.89 TCP SPT=58158 DPT=8182 SYN Mar 29 04:07:18 66.132.224.89 TCP SPT=58158 DPT=8182 ... show less	Port Scan
🇩🇪 ISPLtd	2026-03-29 06:19:05 (2 months ago)	Mar 29 03:19:03 66.132.224.89 TCP SPT=50292 DPT=9001 SYN Mar 29 03:19:04 66.132.224.89 TCP SPT=50308 ... show more Mar 29 03:19:03 66.132.224.89 TCP SPT=50292 DPT=9001 SYN Mar 29 03:19:04 66.132.224.89 TCP SPT=50308 DPT=9001 SYN Mar 29 03:19:05 66.132.224.89 TCP SPT=50308 DPT=9001 ... show less	Port Scan
🇫🇷 ISPLtd	2026-03-28 22:44:28 (2 months ago)	Mar 28 19:44:27 66.132.224.89 TCP SPT=44388 DPT=5678 SYN Mar 28 19:44:27 66.132.224.89 TCP SPT=44402 ... show more Mar 28 19:44:27 66.132.224.89 TCP SPT=44388 DPT=5678 SYN Mar 28 19:44:27 66.132.224.89 TCP SPT=44402 DPT=5678 SYN Mar 28 19:44:28 66.132.224.89 TCP SPT=13290 DPT=5678 ... show less	Port Scan
🇫🇷 900cm	2026-03-28 20:11:17 (2 months ago)	Mar 28 21:10:17 localhost postfix/smtpd[2945520]: improper command pipelining after CONNECT from 89. ... show more Mar 28 21:10:17 localhost postfix/smtpd[2945520]: improper command pipelining after CONNECT from 89.224.132.66.censys-scanner.com[66.132.224.89]: \000\000\000j\376SMB@\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000$\000\003\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000 Mar 28 21:10:17 localhost postfix/smtpd[2945522]: improper command pipelining after CONNECT from 89.224.132.66.censys-scanner.com[66.132.224.89]: \000\000\000/\377SMBr\000\000\000\000\030C\310\000\000\000\000\000\000\000\000\000\000\000\000\377\377\377\376\000\000\000\000\000\f\000\002NT LM 0.12\000 Mar 28 21:11:17 localhost postfix/smtpd[2947175]: improper command pipelining after CONNECT from 89.224.132.66.censys-scanner.com[66.132.224.89]: \020\022\000\004MQTT\004 ... show less	Port Scan Brute-Force SSH
Anonymous	2026-03-28 17:30:12 (2 months ago)	Triggered: repeated knocking on closed ports.	Port Scan
🇹🇭 Sawasdee	2026-03-28 17:28:35 (2 months ago)	Port Scan ...	Port Scan
🇺🇸 etu brutus	2026-03-28 17:03:16 (2 months ago)	66.132.224.89 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host

Showing 1111 to 1125 of 1247 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.164

🇻🇳 171.244.61.79

🇸🇬 103.189.234.96

🇮🇳 103.171.39.147

🇺🇸 99.14.134.67

🇺🇸 66.132.186.202

🇮🇳 45.43.45.254

🇮🇳 36.255.6.224

🇬🇧 35.203.210.192

🇧🇪 35.187.171.233

🇨🇦 15.223.88.155

🇨🇦 4.206.92.183

🇺🇸 216.25.89.111

🇺🇸 205.210.31.92

🇨🇳 202.105.98.252

🇺🇸 170.9.16.186

🇩🇪 167.94.146.63

🇨🇳 115.191.3.249

🇷🇺 94.198.1.94

🇷🇴 80.94.95.236