JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.56.81.187

66.56.81.187 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 38%: ?

38%

ISP	VPN Consumer Toronto, Canada
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.56.81.187

Whois 66.56.81.187

IP Abuse Reports for 66.56.81.187:

This IP address has been reported a total of 57 times from 30 distinct sources. 66.56.81.187 was first reported on August 8th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-09 12:20:52 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
Anonymous	2026-05-04 16:52:02 (1 month ago)	...	Brute-Force
🇺🇸 bigscoots.com	2026-05-02 09:38:10 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-02 04:58:32 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:8918: 535 Incorrect authentication data ([email protected]) 2026-05-02 05:37:50 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:39564: 535 Incorrect authentication data ([email protected]) 2026-05-02 05:37:56 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:39564: 535 Incorrect authentication data ([email protected]) 2026-05-02 05:38:02 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:49848: 535 Incorrect authentication data ([email protected]) 2026-05-02 05:38:08 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:49848: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-02 08:58:31 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-02 04:58:00 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:47267: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:58:06 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:47267: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:58:12 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:51501: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:58:18 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:51501: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:58:26 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:58202: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-02 08:34:48 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-02 03:36:19 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:38962: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:31:47 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:34804: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:31:53 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:34804: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:31:59 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:40002: 535 Incorrect authentication data ([email protected]) 2026-05-02 04:34:48 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:40002: 535 Incorrect authentication data show less	Brute-Force SSH
🇺🇸 Ghost Rider	2026-05-02 08:24:29 (1 month ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇺🇸 bigscoots.com	2026-05-02 07:36:18 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-02 03:35:51 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:29503: 535 Incorrect authentication data ([email protected]) 2026-05-02 03:35:57 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:29503: 535 Incorrect authentication data ([email protected]) 2026-05-02 03:36:03 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:10956: 535 Incorrect authentication data ([email protected]) 2026-05-02 03:36:09 dovecot_login authenticator failed for H=([10.27.18.10]) [66.56.81.187]:10956: 535 Incorrect authentication data ([email protected]) 2026-05-02 03:36:17 dovecot_plain authenticator failed for H=([10.27.18.10]) [66.56.81.187]:38962: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇨🇭 Origon	2026-05-02 06:58:57 (1 month ago)	recidive - IP: 66.56.81.187 - 2026-05-02 01:18:56,583 fail2ban.actions [1676911]: NOTICE [plesk-pos ... show more recidive - IP: 66.56.81.187 - 2026-05-02 01:18:56,583 fail2ban.actions [1676911]: NOTICE [plesk-postfix] Ban 66.56.81.187 2026-05-02 04:10:20,088 fail2ban.actions [1676911]: NOTICE [plesk-postfix] Ban 66.56.81.187 2026-05-02 08:58:57,020 fail2ban.actions [1676911]: NOTICE [plesk-postfix] Ban 66.56.81.187 show less	Web App Attack
🇮🇳 evicky2002	2026-05-02 06:00:00 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=95, sources=1)	Hacking Brute-Force SSH
🇨🇦 eGuest	2026-05-02 05:37:25 (1 month ago)	Fail2ban - \[POSTFIX\] SASL authentication failed: authentication failure ...	Brute-Force
🇺🇸 masterguru	2026-05-02 01:13:18 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 66.56.81.187 (CA/Canada/-): 5 in the last 3600 secs (0-169)	Brute-Force
Anonymous	2026-05-02 00:59:43 (1 month ago)	SMTP AUTH 66.56.81.187 (SMTP_LOGIN_ATTEMPT)	Brute-Force
🇮🇹 Inartis	2026-05-02 00:59:31 (1 month ago)	2026-05-02T02:59:30.074151mail1.inartis.it postfix/smtpd[3277092]: warning: unknown[66.56.81.187]: S ... show more 2026-05-02T02:59:30.074151mail1.inartis.it postfix/smtpd[3277092]: warning: unknown[66.56.81.187]: SASL PLAIN authentication failed: authentication failure, [email protected] ... show less	Port Scan Brute-Force
Anonymous	2026-05-02 00:26:19 (1 month ago)	Authentication failure	Brute-Force
🇵🇭 marklozada88	2026-05-02 00:12:26 (1 month ago)	SASL LOGIN authentication failed:	Brute-Force

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.171.143.104

🇺🇸 104.207.44.7

🇮🇩 103.175.225.15

🇺🇸 35.226.57.185

🇮🇳 4.213.224.194

🇳🇱 2.59.183.60

🇺🇸 104.207.43.69

🇷🇺 91.237.183.81

🇮🇷 85.198.19.244

🇩🇪 69.5.169.101

🇺🇸 65.49.1.192

🇺🇸 65.49.1.24

🇺🇸 65.49.1.10

🇬🇧 51.195.183.225

🇺🇸 45.131.193.43

🇺🇸 2607:f8b0:4004:1009::126

🇺🇸 2604:a880:400:d1::9642:3001

🇩🇪 216.26.245.236

🇭🇺 195.199.210.194

🇩🇪 195.63.31.212