Check an IP Address, Domain Name, Subnet, or ASN

66.132.172.100 was found in our database!

$ whois 66.132.172.100

country·🇺🇸 United States

isp·Censys, Inc.

asn·AS398324

network·Standard

$ sikker risk 66.132.172.100scoring →

confidence

57%Medium

first_seen·Mar 20, 2026

last_seen·2h ago

sessions·4

events·4

$ sikker protocols 66.132.172.100

HTTPS

3 / 3

MONGODB

1 / 1

$ sikker summary 66.132.172.100

66.132.172.100 has a threat confidence score of 57%. This IP address from United States (AS398324, Censys, Inc.) has been observed in 4 honeypot sessions targeting HTTPS, MONGODB protocols. First observed on March 20, 2026, most recently active March 20, 2026.

$ sikker behaviors 66.132.172.100catalog →

mediumMongodb Version Fingerprinting Reconnaissance1x

Remote client performs MongoDB service validation and environment fingerprinting by first initiating a wire-protocol handshake (ismaster / hello) followed by execution of the buildInfo command against the admin database. This sequence indicates targeted reconnaissance to determine server role, software version, build characteristics, and platform details. Such activity is commonly associated with automated scanning frameworks and pre-exploitation tooling used to assess exposure and identify version-specific vulnerabilities prior to authentication attempts or database enumeration

$ sikker primitives 66.132.172.100

mongodb_ismaster1 mongodb_buildinfo_admin_command1

$ sikker related 66.132.172.100

🇺🇸·More threats fromUnited States→AS·More threats fromCensys, Inc.→HTTP·More threats targetingHTTPS→MONG·More threats targetingMONGODB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
206.168.34.199	50%	2,219
162.142.125.217	50%	2,375
206.168.34.198	50%	1,804
162.142.125.44	50%	1,713
66.132.172.105	85%	32

IP Address	Confidence	Events
68.68.101.178	93%	3,940
208.3.195.65	100%	96,622
172.86.73.58	86%	461
194.164.107.4	100%	794
206.168.34.216	50%	2,069