Check an IP Address, Domain Name, Subnet, or ASN

66.132.172.186 was found in our database!

$ whois 66.132.172.186

country·🇺🇸 United States

isp·Censys, Inc.

asn·AS398324

network·Standard

$ sikker risk 66.132.172.186scoring →

confidence

89%Very High

first_seen·Mar 20, 2026

last_seen·1h ago

first_reported·Mar 22, 2026

last_reported·4h ago

sessions·47

events·47

reports·1

$ sikker protocols 66.132.172.186

HTTP

27 / 27

HTTPS

8 / 8

SMTP

7 / 7

SSH

2 / 2

SMB

1 / 1

MSSQL

1 / 1

ELASTICSEARCH

1 / 1

MYSQL

0 / 0 / 1r

$ sikker summary 66.132.172.186

66.132.172.186 has a threat confidence score of 89%. This IP address from United States (AS398324, Censys, Inc.) has been observed in 47 honeypot sessions and reported 1 times targeting HTTP, HTTPS, SMTP, SSH, SMB and 3 other protocols. First observed on March 20, 2026, most recently active March 22, 2026.

$ sikker behaviors 66.132.172.186catalog →

infoHttp Root Path Request11x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Bad Request Route Probe2x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 66.132.172.186

http_method_get16 elastic_http_get_request9 http_path_bad_request4 elastic_http_bad_request_path_probe3 elastic_root_path_probe2 https_path_root1 smtp_ehlo_greeting1 http2_pri_method_probe1 http2_pri_asterisk_probe1 elastic_nodes_enumeration1 elastic_cluster_stats_request1 elastic_http_favicon_path_probe1 smtp_ehlo_censys_scanner_identifier1

$ sikker reports 66.132.172.186submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 22, 2026, 14:06	Brute Force	MYSQL	SikkerGuard: 8 blocked packets

$ sikker related 66.132.172.186

🇺🇸·More threats fromUnited States→AS·More threats fromCensys, Inc.→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→SMTP·More threats targetingSMTP→SSH·More threats targetingSSH→SMB·More threats targetingSMB→MSSQ·More threats targetingMSSQL→ELAS·More threats targetingELASTICSEARCH→MYSQ·More threats targetingMYSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
66.132.172.232	37%	4
66.132.172.223	96%	60
206.168.34.194	50%	1,916
206.168.34.61	49%	1,520
66.132.172.135	77%	34

IP Address	Confidence	Events
18.116.101.220	100%	32,809
185.242.226.40	99%	1,846
198.235.24.19	91%	185
45.131.194.49	84%	1,394
92.118.39.63	100%	51,611