JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.132.186.199

66.132.186.199 was found in our database!

This IP was reported 1,912 times. Confidence of Abuse is 100%: ?

100%

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	199.186.132.66.censys-scanner.com
Domain Name	censys.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.132.186.199

Whois 66.132.186.199

IP Abuse Reports for 66.132.186.199:

This IP address has been reported a total of 1,912 times from 413 distinct sources. 66.132.186.199 was first reported on March 22nd 2026, and the most recent report was 7 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-14 12:49:02 (7 minutes ago)	Honeypot hit: Empty payload (likely service probe); 24654 [1] TCP	Port Scan
🇭🇰 sandra361	2026-06-14 11:07:21 (1 hour ago)	Port scan detected: 24 attempts across 1 ports (37205). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=66.13 ... show more Port scan detected: 24 attempts across 1 ports (37205). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=66.132.186.199 LEN=60 TOS=0x14 PREC=0x00 TTL=54 ID=44943 DF PROTO=TCP SPT=49316 DPT=37205 WINDOW=21900 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 MPL	2026-06-14 10:31:32 (2 hours ago)	tcp/7681 (5 or more attempts)	Port Scan
🇧🇷 diego	2026-06-14 10:20:20 (2 hours ago)	[probe-44-49] 2026-06-14 10:00:54, Client: 66.132.186.199, Protocol: 6, Unauthorized activity to HTT ... show more [probe-44-49] 2026-06-14 10:00:54, Client: 66.132.186.199, Protocol: 6, Unauthorized activity to HTTP: GET /aht5o2gh9h show less	Web App Attack
🇬🇧 gbzret4d	2026-06-14 09:27:50 (3 hours ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 16798 [1] TCP	Port Scan
Anonymous	2026-06-14 08:48:06 (4 hours ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇮🇹 abuseiphack	2026-06-14 08:46:32 (4 hours ago)	Automatic report for brute force attack	Web App Attack
🇺🇸 mutebot.net	2026-06-14 08:43:45 (4 hours ago)	SRC=66.132.186.199, PROTO=TCP, SPT=44820, DPT=39557 SRC=66.132.186.199, PROTO=TCP, SPT=44820, DPT=39 ... show more SRC=66.132.186.199, PROTO=TCP, SPT=44820, DPT=39557 SRC=66.132.186.199, PROTO=TCP, SPT=44820, DPT=39557 SRC=66.132.186.199, PROTO=TCP, SPT=44828, DPT=39557 SRC=66.132.186.199, PROTO=TCP, SPT=44844, DPT=39557 SRC=66.132.186.199, PROTO=TCP, SPT=44844, DPT=39557 show less	Port Scan
🇺🇸 LotPhantom	2026-06-14 08:32:19 (4 hours ago)	2026-06-14T08:32:18.954949+00:00 bridginggaps sshd[104810]: Connection from 66.132.186.199 port 5559 ... show more 2026-06-14T08:32:18.954949+00:00 bridginggaps sshd[104810]: Connection from 66.132.186.199 port 55596 on 157.230.217.55 port 1992 rdomain "" 2026-06-14T08:32:19.179650+00:00 bridginggaps sshd[104810]: Unable to negotiate with 66.132.186.199 port 55596: no matching MAC found. Their offer: hmac-sha2-256,hmac-sha1,hmac-sha1-96 [preauth] ... show less	Brute-Force SSH
🇫🇷 Thaliruth	2026-06-14 08:10:45 (4 hours ago)	Jun 14 10:10:44 151 postfix/smtpd[775538]: lost connection after CONNECT from 199.186.132.66.censys- ... show more Jun 14 10:10:44 151 postfix/smtpd[775538]: lost connection after CONNECT from 199.186.132.66.censys-scanner.com[66.132.186.199] ... show less	Hacking Brute-Force
🇩🇪 dispaisyenterprises	2026-06-14 06:45:47 (6 hours ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (8 bytes of payload); 5672 [2] TCP Reported by DisP ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (8 bytes of payload); 5672 [2] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇮🇩 hermawan	2026-06-14 05:09:07 (7 hours ago)	1781413736.639870 66.132.186.199 103.166.156.58 21900_2-4-8-1-3_1460_10 2026-06-14 12:08:56 WIB ...	Email Spam Hacking
🇦🇺 LiftUp Hosting	2026-06-14 04:31:28 (8 hours ago)	Honeypot hit: SMB traffic on port 445	Hacking
🇺🇸 xxkodedxx	2026-06-14 03:04:07 (9 hours ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 4× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 4× edge-block in 10m window. Origin: US / AS398324 Censys, Inc. Active: 03:03:43→03:03:47 UTC Volume: 4 HTTP req Probed: /, 0\xAC\xB1\xBD\x8Dh\x9B\x12\x08jM\xFD\xD7\x8D\xCDY\xAB\xD9b\x1A~\x8A\x7F\x93]\xE1\xD1S, * Status mix: 400×3 444×1 UA: "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇭🇺 wap.dynu.net	2026-06-14 02:19:39 (10 hours ago)	Mail Rejected due to Proprietory Method on port 25	Email Spam Exploited Host

Showing 1 to 15 of 1912 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.246

🇺🇸 194.62.107.135

🇬🇧 185.216.145.178

🇲🇾 183.171.44.82

🇧🇷 179.184.0.32

🇷🇺 176.120.22.113

🇭🇰 172.253.5.16

🇭🇰 150.5.131.119

🇮🇪 128.251.36.118

🇱🇦 115.84.92.45

🇨🇭 104.244.74.201

🇸🇬 85.203.21.232

🇫🇮 80.223.192.131

🇩🇪 69.5.169.126

🇩🇪 46.101.239.104

🇦🇲 45.129.185.4

🇪🇸 34.175.155.244

🇵🇱 34.116.164.179

🇨🇦 20.220.219.90

🇨🇦 20.151.104.16