JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.228.53.4

66.228.53.4 was found in our database!

This IP was reported 3,675 times. Confidence of Abuse is 100%: ?

100%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	66-228-53-4.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇺🇸 United States of America
City	Richardson, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.228.53.4

Whois 66.228.53.4

IP Abuse Reports for 66.228.53.4:

This IP address has been reported a total of 3,675 times from 401 distinct sources. 66.228.53.4 was first reported on May 24th 2025, and the most recent report was 13 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 VanKoh	2026-06-08 00:37:52 (13 minutes ago)	66.228.53.4 - - [07/Jun/2026:18:37:50 -0600] "GET / HTTP/1.1" 302 138 "-" "Mozilla/5.0 (Macintosh; I ... show more 66.228.53.4 - - [07/Jun/2026:18:37:50 -0600] "GET / HTTP/1.1" 302 138 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 66.228.53.4 - - [07/Jun/2026:18:37:50 -0600] "GET / HTTP/1.1" 301 5 "http://209.126.2.186:443/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 66.228.53.4 - - [07/Jun/2026:18:37:51 -0600] "GET / HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	DDoS Attack Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-08 00:16:13 (34 minutes ago)	Honeypot hit: HTTP/1.1 request on 4321 GET / User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_ ... show more Honeypot hit: HTTP/1.1 request on 4321 GET / User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 4321 [2] TCP show less	Web App Attack
🇬🇧 Deveroonie	2026-06-07 10:15:57 (14 hours ago)	2026-06-07T10:15:56.456032+00:00 ubuntu-s-1vcpu-1gb-lon1-01 sshd[773452]: banner exchange: Connectio ... show more 2026-06-07T10:15:56.456032+00:00 ubuntu-s-1vcpu-1gb-lon1-01 sshd[773452]: banner exchange: Connection from 66.228.53.4 port 57808: invalid format 2026-06-07T10:15:56.698407+00:00 ubuntu-s-1vcpu-1gb-lon1-01 sshd[773454]: banner exchange: Connection from 66.228.53.4 port 46928: invalid format ... show less	Hacking Brute-Force SSH
🇺🇸 donarev419	2026-06-07 04:25:36 (20 hours ago)	Connection to port 1604 with data transfer. Data preview:	Port Scan Hacking
🇦🇺 dyln	2026-06-07 03:53:27 (20 hours ago)	Dyls honeypot brute-force: proto8 (2 total hits)	Brute-Force
🇳🇱 ReyhZhao	2026-06-07 02:39:34 (22 hours ago)	Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was ... show more Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was identified within the request arguments, triggering a security rule designed to prevent application attacks. show less	Brute-Force
🇸🇬 drewf.ink	2026-06-07 02:18:55 (22 hours ago)	[02:18] Port scanning. Port(s) scanned: TCP/10000	Port Scan
🇺🇸 donarev419	2026-06-07 02:14:21 (22 hours ago)	Connection to port 999 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:999 U ... show more Connection to port 999 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:999 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) A show less	Port Scan Hacking
🇧🇷 diego	2026-06-07 02:05:20 (22 hours ago)	[probe-44-49] 2026-06-07 01:47:25, Client: 66.228.53.4, Protocol: 6, Unauthorized activity to HTTP: ... show more [probe-44-49] 2026-06-07 01:47:25, Client: 66.228.53.4, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇩🇰 RhQM	2026-06-07 01:43:21 (23 hours ago)		Bad Web Bot Exploited Host Web App Attack
🇬🇧 andypiper	2026-06-07 01:00:50 (23 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 dispaisyenterprises	2026-06-07 00:22:49 (1 day ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 1220 GET / User-Agent: Mozilla/5.0 (Macintosh; Inte ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 1220 GET / User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 1220 [2] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇺🇸 drewf.ink	2026-06-07 00:15:39 (1 day ago)	[00:15] Port scanning. Port(s) scanned: TCP/8088	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-06 22:18:40 (1 day ago)	Honeypot hit: HTTP/1.1 request on 2021 GET / User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_ ... show more Honeypot hit: HTTP/1.1 request on 2021 GET / User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 2021 [2] TCP show less	Web App Attack
🇺🇸 www.winos.me	2026-06-06 21:36:46 (1 day ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking

Showing 1 to 15 of 3675 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8bfc:5001

🇳🇱 185.136.15.13

🇳🇱 176.65.139.43

🇻🇳 165.154.137.186

🇺🇸 146.88.240.103

🇰🇷 106.246.89.68

🇫🇷 82.102.18.180

🇧🇪 34.52.158.68

🇺🇸 20.65.195.25

🇸🇾 5.0.32.34

🇬🇧 195.96.139.250

🇷🇺 178.178.194.135

🇺🇸 172.110.223.97

🇺🇸 147.185.132.129

🇰🇷 121.179.93.147

🇺🇸 107.150.99.178

🇸🇾 93.113.164.108

🇵🇱 87.251.64.176

🇵🇱 77.73.129.46

🇩🇪 64.226.71.148