Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
66.132.172.219 has a threat confidence score of 80%. This IP address from United States (AS398324, Censys, Inc.) has been observed in 16 honeypot sessions and reported 1 times targeting HTTPS, RDP, TELNET, FTP protocols. First observed on March 21, 2026, most recently active March 22, 2026.
Identifies RDP clients attempting authentication using the legacy RDP security mode where credentials are exchanged through the older RDP security layer instead of Network Level Authentication (NLA). This indicates the client negotiated legacy plaintext authentication during the RDP security handshake
Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration
| Reporter | Date | Category | Protocol | Comment |
|---|---|---|---|---|
| User | Mar 22, 2026, 24:22 | Brute Force | FTP | SikkerGuard: 8 blocked packets |