Check an IP Address, Domain Name, Subnet, or ASN

66.132.172.37 was found in our database!

$ whois 66.132.172.37

country·🇺🇸 United States

isp·Censys, Inc.

asn·AS398324

network·Standard

$ sikker risk 66.132.172.37scoring →

confidence

80%Very High

first_seen·Mar 19, 2026

last_seen·1h ago

sessions·27

events·27

$ sikker protocols 66.132.172.37

HTTPS

11 / 11

POSTGRES

7 / 7

HTTP

6 / 6

REDIS

1 / 1

TELNET

1 / 1

ELASTICSEARCH

1 / 1

$ sikker summary 66.132.172.37

66.132.172.37 has a threat confidence score of 80%. This IP address from United States (AS398324, Censys, Inc.) has been observed in 27 honeypot sessions targeting HTTPS, POSTGRES, HTTP, REDIS, TELNET and 1 other protocols. First observed on March 19, 2026, most recently active March 21, 2026.

$ sikker behaviors 66.132.172.37catalog →

lowRedis Automated Service Fingerprinting Sequence1x

Identifies an automated Redis service probing sequence consisting of PING, INFO (uppercase invocation), execution of a deliberately nonexistent command to assess error handling behavior, and QUIT. This tightly grouped pattern reflects reconnaissance and fingerprinting activity used by scanners and exploitation frameworks to determine Redis version, configuration details, and command availability prior to follow-on exploitation attempts. The inclusion of a nonexistent command indicates capability probing rather than normal client interaction.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 66.132.172.37

elastic_http_get_request11 http_method_get4 elastic_http_bad_request_path_probe4 elastic_root_path_probe3 http_path_bad_request2 redis_ping1 redis_quit1 https_path_root1 redis_info_uppercase1 http2_pri_method_probe1 http2_pri_asterisk_probe1 elastic_nodes_enumeration1 redis_nonexistent_command1 elastic_cluster_stats_request1 elastic_http_favicon_path_probe1

$ sikker related 66.132.172.37

🇺🇸·More threats fromUnited States→AS·More threats fromCensys, Inc.→HTTP·More threats targetingHTTPS→POST·More threats targetingPOSTGRES→HTTP·More threats targetingHTTP→REDI·More threats targetingREDIS→TELN·More threats targetingTELNET→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
206.168.34.32	49%	1,593
206.168.34.63	49%	1,841
206.168.34.221	50%	2,270
66.132.153.129	100%	1,806
206.168.34.217	50%	1,748

IP Address	Confidence	Events
38.54.50.81	96%	1,617
92.118.39.92	100%	103,497
159.89.236.241	98%	341
38.54.104.5	97%	598
3.129.187.38	100%	29,719