JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.56.81.172

66.56.81.172 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 9%: ?

ISP	VPN Consumer Toronto, Canada
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.56.81.172

Whois 66.56.81.172

IP Abuse Reports for 66.56.81.172:

This IP address has been reported a total of 43 times from 16 distinct sources. 66.56.81.172 was first reported on August 12th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Ted Mayers	2026-05-30 20:41:13 (2 weeks ago)	DROP_INPUT detected 31 times on IPFire, port 51413	Brute-Force
🇬🇧 consul.to	2026-05-27 15:12:51 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇹🇷 rtbh.com.tr	2026-03-15 20:12:04 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 Ghost Rider	2026-03-14 15:05:13 (3 months ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇺🇸 bigscoots.com	2026-03-14 14:53:15 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 66.56.81.172 (CA/Canada/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 66.56.81.172 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-03-14 10:52:48 dovecot_plain authenticator failed for H=([10.12.18.140]) [66.56.81.172]:32745: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:52:54 dovecot_login authenticator failed for H=([10.12.18.140]) [66.56.81.172]:32745: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:53:00 dovecot_plain authenticator failed for H=([10.12.18.140]) [66.56.81.172]:24349: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:53:06 dovecot_login authenticator failed for H=([10.12.18.140]) [66.56.81.172]:24349: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:53:14 dovecot_plain authenticator failed for H=([10.12.18.140]) [66.56.81.172]:39164: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇧🇷 SvrAdmin	2026-03-14 13:50:50 (3 months ago)	[101] (smtpauth) Failed SMTP AUTH login from 66.56.81.172 (CA/Canada/-): 5 in the last 3600 secs; Po ... show more [101] (smtpauth) Failed SMTP AUTH login from 66.56.81.172 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-03-14 10:50:23 dovecot_plain authenticator failed for H=([10.12.18.140]) [66.56.81.172]:44116: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:50:29 dovecot_login authenticator failed for H=([10.12.18.140]) [66.56.81.172]:44116: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:50:36 dovecot_plain authenticator failed for H=([10.12.18.140]) [66.56.81.172]:37584: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:50:38 dovecot_login authenticator failed for H=([10.12.18.140]) [66.56.81.172]:37584: 535 Incorrect authentication data ([email protected]) 2026-03-14 10:50:48 dovecot_plain authenticator failed for H=([10.12.18.140]) [66.56.81.172]:32834: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host
🇮🇹 Progetto1	2026-03-14 13:34:02 (3 months ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
🇨🇿 lp	2026-03-14 12:12:13 (3 months ago)	Email account brute force: 4 attempts were recorded from 66.56.81.172 2026-03-14T12:54:14+01:00 warn ... show more Email account brute force: 4 attempts were recorded from 66.56.81.172 2026-03-14T12:54:14+01:00 warning: unknown[66.56.81.172]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-14T12:54:14+01:00 warning: unknown[66.56.81.172]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-14T12:54:16+01:00 warning: unknown[66.56.81.172]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-14T12:54:16+01:00 warning: unknown[66.56.81.172]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
Anonymous	2026-03-11 06:25:06 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-03-08 06:20:14 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-03-05 06:15:08 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-03-02 06:15:06 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-27 06:10:07 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-24 06:05:25 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇺🇸 TPI-Abuse	2026-02-14 15:57:05 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 66.56.81.172 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 66.56.81.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 10:57:01.189538 2026] [security2:error] [pid 31336:tid 31336] [client 66.56.81.172:48611] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|techoutletec.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "techoutletec.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aZCbTW_-kxovU4mOj1-MuwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.26.229.165

🇭🇰 152.32.128.204

🇱🇹 81.30.98.44

🇺🇸 2001:470:2cc:1::20f

🇰🇷 223.222.126.147

🇵🇪 179.6.7.158

🇳🇱 176.65.139.56

🇭🇰 144.48.241.162

🇨🇳 125.112.242.10

🇬🇧 86.185.58.42

🇸🇪 83.255.209.245

🇺🇸 74.124.165.222

🇺🇸 74.7.244.32

🇷🇺 45.92.177.186

🇺🇸 13.219.218.205

🇳🇿 222.152.144.48

🇸🇪 213.65.190.48

🇧🇷 170.238.160.191

🇭🇰 144.48.8.10

🇩🇪 130.12.180.196